Zebediah Figura : ntdll: Do not touch the privilege output buffers if access_check fails. - wine-commits

8 Feb 2021

Module: wine
Branch: master
Commit: d14cf677b5825fe26b30b65fafac7962d7c279dc
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=d14cf677b5825fe26b30b65fa...
Author: Zebediah Figura z.figura12@gmail.com
Date:   Sun Feb  7 19:50:10 2021 -0600
ntdll: Do not touch the privilege output buffers if access_check fails.
Signed-off-by: Zebediah Figura z.figura12@gmail.com
Signed-off-by: Alexandre Julliard julliard@winehq.org
---
dlls/advapi32/tests/security.c | 4 ++--
 dlls/ntdll/unix/security.c     | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 239c9d3caff..764e0bb5ef6 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -1344,7 +1344,7 @@ static void test_AccessCheck(void)
          "NtAccessCheck shouldn't set last error, got %d\n", err);
       ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
          "Access and/or AccessStatus were changed!\n");
-      todo_wine ok(ntPrivSetLen == 0, "PrivSetLen returns %d\n", ntPrivSetLen);
+      ok(ntPrivSetLen == 0, "PrivSetLen returns %d\n", ntPrivSetLen);
/* Generic access mask - insufficient returnlength */
       SetLastError(0xdeadbeef);
@@ -1359,7 +1359,7 @@ static void test_AccessCheck(void)
          "NtAccessCheck shouldn't set last error, got %d\n", err);
       ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
          "Access and/or AccessStatus were changed!\n");
-      todo_wine ok(ntPrivSetLen == sizeof(PRIVILEGE_SET)-1, "PrivSetLen returns %d\n", ntPrivSetLen);
+      ok(ntPrivSetLen == sizeof(PRIVILEGE_SET)-1, "PrivSetLen returns %d\n", ntPrivSetLen);
/* Key access mask - zero returnlength */
       SetLastError(0xdeadbeef);
diff --git a/dlls/ntdll/unix/security.c b/dlls/ntdll/unix/security.c
index 8a5b1515ba9..0134b80e148 100644
--- a/dlls/ntdll/unix/security.c
+++ b/dlls/ntdll/unix/security.c
@@ -732,10 +732,10 @@ NTSTATUS WINAPI NtAccessCheck( PSECURITY_DESCRIPTOR descr, HANDLE token, ACCESS_
status = wine_server_call( req );
-        *retlen = max( offsetof( PRIVILEGE_SET, Privilege ) + reply->privileges_len, sizeof(PRIVILEGE_SET) );
-        privs->PrivilegeCount = reply->privileges_len / sizeof(LUID_AND_ATTRIBUTES);
         if (status == STATUS_SUCCESS)
         {
+            *retlen = max( offsetof( PRIVILEGE_SET, Privilege ) + reply->privileges_len, sizeof(PRIVILEGE_SET) );
+            privs->PrivilegeCount = reply->privileges_len / sizeof(LUID_AND_ATTRIBUTES);
             *access_status = reply->access_status;
             *access_granted = reply->access_granted;
         }

    