From: Micah N Gorrell mgorrell@codeweavers.com
Signed-off-by: Micah N Gorrell mgorrell@codeweavers.com Signed-off-by: Zebediah Figura zfigura@codeweavers.com --- dlls/advapi32/advapi32_misc.h | 3 -- dlls/advapi32/security.c | 70 ++++++++++++++++------------------- dlls/advapi32/service.c | 6 +-- 3 files changed, 35 insertions(+), 44 deletions(-)
diff --git a/dlls/advapi32/advapi32_misc.h b/dlls/advapi32/advapi32_misc.h index 4ced1e8a648..77b56420ba3 100644 --- a/dlls/advapi32/advapi32_misc.h +++ b/dlls/advapi32/advapi32_misc.h @@ -32,9 +32,6 @@ BOOL ADVAPI_GetComputerSid(PSID sid) DECLSPEC_HIDDEN; BOOL lookup_local_wellknown_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN; BOOL lookup_local_user_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN; WCHAR *SERV_dup(const char *str) DECLSPEC_HIDDEN; -DWORD SERV_OpenSCManagerW(LPCWSTR, LPCWSTR, DWORD, SC_HANDLE*) DECLSPEC_HIDDEN; -DWORD SERV_OpenServiceW(SC_HANDLE, LPCWSTR, DWORD, SC_HANDLE*) DECLSPEC_HIDDEN; -NTSTATUS SERV_QueryServiceObjectSecurity(SC_HANDLE, SECURITY_INFORMATION, PSECURITY_DESCRIPTOR, DWORD, LPDWORD) DECLSPEC_HIDDEN; const WCHAR *get_wellknown_privilege_name(const LUID *) DECLSPEC_HIDDEN;
/* memory allocation functions */ diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c index 4bea26d1557..7315f9b51a9 100644 --- a/dlls/advapi32/security.c +++ b/dlls/advapi32/security.c @@ -415,16 +415,15 @@ static inline DWORD get_security_file( LPCWSTR full_file_name, DWORD access, HAN /* helper function for SE_SERVICE objects in [Get|Set]NamedSecurityInfo */ static inline DWORD get_security_service( LPWSTR full_service_name, DWORD access, HANDLE *service ) { - SC_HANDLE manager = 0; - DWORD err; - - err = SERV_OpenSCManagerW( NULL, NULL, access, (SC_HANDLE *)&manager ); - if (err == ERROR_SUCCESS) + SC_HANDLE manager = OpenSCManagerW( NULL, NULL, access ); + if (manager) { - err = SERV_OpenServiceW( manager, full_service_name, access, (SC_HANDLE *)service ); + *service = OpenServiceW( manager, full_service_name, access); CloseServiceHandle( manager ); + if (*service) + return ERROR_SUCCESS; } - return err; + return GetLastError(); }
/* helper function for SE_REGISTRY_KEY objects in [Get|Set]NamedSecurityInfo */ @@ -1779,16 +1778,13 @@ BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceNa * RETURNS * ERROR_SUCCESS if all's well, and a WIN32 error code otherwise. */ -DWORD WINAPI GetSecurityInfo( - HANDLE hObject, SE_OBJECT_TYPE ObjectType, - SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, - PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, - PSECURITY_DESCRIPTOR *ppSecurityDescriptor -) +DWORD WINAPI GetSecurityInfo( HANDLE handle, SE_OBJECT_TYPE type, SECURITY_INFORMATION SecurityInfo, + PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, + PSECURITY_DESCRIPTOR *ppSecurityDescriptor ) { PSECURITY_DESCRIPTOR sd; NTSTATUS status; - ULONG n1, n2; + ULONG size; BOOL present, defaulted;
/* A NULL descriptor is allowed if any one of the other pointers is not NULL */ @@ -1802,35 +1798,33 @@ DWORD WINAPI GetSecurityInfo( || ((SecurityInfo & SACL_SECURITY_INFORMATION) && !ppSacl) )) return ERROR_INVALID_PARAMETER;
- switch (ObjectType) + if (type == SE_SERVICE) { - case SE_SERVICE: - status = SERV_QueryServiceObjectSecurity(hObject, SecurityInfo, NULL, 0, &n1); - break; - default: - status = NtQuerySecurityObject(hObject, SecurityInfo, NULL, 0, &n1); - break; - } - if (status != STATUS_BUFFER_TOO_SMALL && status != STATUS_SUCCESS) - return RtlNtStatusToDosError(status); + if (!QueryServiceObjectSecurity( handle, SecurityInfo, NULL, 0, &size ) + && GetLastError() != ERROR_INSUFFICIENT_BUFFER) + return GetLastError();
- sd = LocalAlloc(0, n1); - if (!sd) - return ERROR_NOT_ENOUGH_MEMORY; + if (!(sd = LocalAlloc( 0, size ))) return ERROR_NOT_ENOUGH_MEMORY;
- switch (ObjectType) - { - case SE_SERVICE: - status = SERV_QueryServiceObjectSecurity(hObject, SecurityInfo, sd, n1, &n2); - break; - default: - status = NtQuerySecurityObject(hObject, SecurityInfo, sd, n1, &n2); - break; + if (!QueryServiceObjectSecurity( handle, SecurityInfo, sd, size, &size )) + { + LocalFree(sd); + return GetLastError(); + } } - if (status != STATUS_SUCCESS) + else { - LocalFree(sd); - return RtlNtStatusToDosError(status); + status = NtQuerySecurityObject( handle, SecurityInfo, NULL, 0, &size ); + if (status != STATUS_SUCCESS && status != STATUS_BUFFER_TOO_SMALL) + return RtlNtStatusToDosError( status ); + + if (!(sd = LocalAlloc( 0, size ))) return ERROR_NOT_ENOUGH_MEMORY; + + if ((status = NtQuerySecurityObject( handle, SecurityInfo, sd, size, &size ))) + { + LocalFree(sd); + return RtlNtStatusToDosError( status ); + } }
if (ppsidOwner) diff --git a/dlls/advapi32/service.c b/dlls/advapi32/service.c index 231f0267e98..2781a128239 100644 --- a/dlls/advapi32/service.c +++ b/dlls/advapi32/service.c @@ -897,7 +897,7 @@ SC_HANDLE WINAPI OpenSCManagerA( LPCSTR lpMachineName, LPCSTR lpDatabaseName, * * See OpenSCManagerA. */ -DWORD SERV_OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, +static DWORD SERV_OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, DWORD dwDesiredAccess, SC_HANDLE *handle ) { DWORD r; @@ -1049,7 +1049,7 @@ SC_HANDLE WINAPI OpenServiceA( SC_HANDLE hSCManager, LPCSTR lpServiceName, * * See OpenServiceA. */ -DWORD SERV_OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName, +static DWORD SERV_OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName, DWORD dwDesiredAccess, SC_HANDLE *handle ) { DWORD err; @@ -2484,7 +2484,7 @@ BOOL WINAPI ChangeServiceConfig2W( SC_HANDLE hService, DWORD dwInfoLevel, return err == ERROR_SUCCESS; }
-NTSTATUS SERV_QueryServiceObjectSecurity(SC_HANDLE hService, +static NTSTATUS SERV_QueryServiceObjectSecurity(SC_HANDLE hService, SECURITY_INFORMATION dwSecurityInformation, PSECURITY_DESCRIPTOR lpSecurityDescriptor, DWORD cbBufSize, LPDWORD pcbBytesNeeded)