Public/winfsp
1
0
Fork 0
mirror of https://github.com/winfsp/winfsp.git synced 2026-06-26 06:18:21 -05:00
Code Activity

sys: FspFsvolCreate, FspFsvolSetSecurity: absolute security descriptors

Browse Source 
Some third party filters send us security descriptors in absolute rather
than self-relative format. Handle this case by converting them to self-
relative format ourselves.
This commit is contained in:
Bill Zissimopoulos
2024-10-10 12:32:50 +01:00
parent 2da97d48f5
commit 4fdec4d37f
2 changed files with 34 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/sys/create.c
+18 -3
View File
@@ -298,6 +298,8 @@ static NTSTATUS FspFsvolCreateNoLock(
ULONG CreateOptions = IrpSp->Parameters.Create.Options;
USHORT FileAttributes = IrpSp->Parameters.Create.FileAttributes;
PSECURITY_DESCRIPTOR SecurityDescriptor = AccessState->SecurityDescriptor;
BOOLEAN SecurityDescriptorRelative = 0 != SecurityDescriptor &&
BooleanFlagOn(((SECURITY_DESCRIPTOR *)SecurityDescriptor)->Control, SE_SELF_RELATIVE);
ULONG SecurityDescriptorSize = 0;
UINT64 AllocationSize = Irp->Overlay.AllocationSize.QuadPart;
UINT64 AllocationUnit;
@@ -406,7 +408,10 @@ static NTSTATUS FspFsvolCreateNoLock(
if (!RtlValidSecurityDescriptor(SecurityDescriptor))
return STATUS_INVALID_PARAMETER;
#endif
SecurityDescriptorSize = RtlLengthSecurityDescriptor(SecurityDescriptor);
if (SecurityDescriptorRelative)
SecurityDescriptorSize = RtlLengthSecurityDescriptor(SecurityDescriptor);
else
RtlAbsoluteToSelfRelativeSD(SecurityDescriptor, 0, &SecurityDescriptorSize);
}
/* align allocation size */
@@ -702,8 +707,18 @@ static NTSTATUS FspFsvolCreateNoLock(
/* copy the security descriptor (if any) into the request */
if (0 != SecurityDescriptorSize)
RtlCopyMemory(Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset,
SecurityDescriptor, SecurityDescriptorSize);
{
if (SecurityDescriptorRelative)
RtlCopyMemory(
Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset,
SecurityDescriptor,
SecurityDescriptorSize);
else
RtlAbsoluteToSelfRelativeSD(
SecurityDescriptor,
(PSECURITY_DESCRIPTOR)(Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset),
&SecurityDescriptorSize);
}
/* copy the extra buffer (if any) into the request */
if (0 != ExtraBuffer)