sys: IRP_MJ_CREATE: handle security descriptor and file attributes correctly for named streams

2025-10-30 19:48:38 -05:00 · 2016-10-03 10:29:46 -07:00
parent 03df0a9c26
commit 6a126da51d
3 changed files with 36 additions and 23 deletions
--- a/src/sys/create.c
+++ b/src/sys/create.c
@@ -351,24 +351,15 @@ static NTSTATUS FspFsvolCreateNoLock(
        return Result;
    }

+    /* fix FileAttributes */
+    ClearFlag(FileAttributes,
+        FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_DIRECTORY | FILE_ATTRIBUTE_REPARSE_POINT);
+    if (CreateOptions & FILE_DIRECTORY_FILE)
+        SetFlag(FileAttributes, FILE_ATTRIBUTE_DIRECTORY);
+
    /* if we have a non-empty stream part, open the main file */
    if (0 != StreamPart.Buffer)
    {
-        Result = FspMainFileOpen(FsvolDeviceObject,
-            &MainFileName, CaseSensitive,
-            CreateDisposition,
-            &FileDesc->MainFileHandle,
-            &FileDesc->MainFileObject);
-        if (!NT_SUCCESS(Result))
-            goto main_stream_exit;
-
-        /* check that the main file is one we recognize */
-        if (!FspFileNodeIsValid(FileDesc->MainFileObject->FsContext))
-        {
-            Result = STATUS_OBJECT_NAME_NOT_FOUND;
-            goto main_stream_exit;
-        }
-
        /* named streams can never be directories (even when attached to directories) */
        if (FlagOn(CreateOptions, FILE_DIRECTORY_FILE))
        {
@@ -383,6 +374,28 @@ static NTSTATUS FspFsvolCreateNoLock(
            goto main_stream_exit;
        }

+        Result = FspMainFileOpen(FsvolDeviceObject,
+            &MainFileName, CaseSensitive,
+            SecurityDescriptor,
+            FileAttributes,
+            CreateDisposition,
+            &FileDesc->MainFileHandle,
+            &FileDesc->MainFileObject);
+        if (!NT_SUCCESS(Result))
+            goto main_stream_exit;
+
+        /* check that the main file is one we recognize */
+        if (!FspFileNodeIsValid(FileDesc->MainFileObject->FsContext))
+        {
+            Result = STATUS_OBJECT_NAME_NOT_FOUND;
+            goto main_stream_exit;
+        }
+
+        /* cannot set security descriptor or file attributes on named stream */
+        SecurityDescriptor = 0;
+        SecurityDescriptorSize = 0;
+        FileAttributes = 0;
+
        /* remember the main file node */
        FileNode->MainFileNode = FileDesc->MainFileObject->FsContext;

@@ -407,12 +420,6 @@ static NTSTATUS FspFsvolCreateNoLock(
        return Result;
    }

-    /* fix FileAttributes */
-    ClearFlag(FileAttributes,
-        FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_DIRECTORY | FILE_ATTRIBUTE_REPARSE_POINT);
-    if (CreateOptions & FILE_DIRECTORY_FILE)
-        SetFlag(FileAttributes, FILE_ATTRIBUTE_DIRECTORY);
-
    /*
     * The new request is associated with our IRP. Go ahead and associate our FileNode/FileDesc
     * with the Request as well. After this is done completing our IRP will automatically
--- a/src/sys/driver.h
+++ b/src/sys/driver.h
@@ -434,6 +434,8 @@ NTSTATUS FspGetDeviceObjectPointer(PUNICODE_STRING ObjectName, ACCESS_MASK Desir
 NTSTATUS FspMainFileOpen(
    PDEVICE_OBJECT DeviceObject,
    PUNICODE_STRING MainFileName, BOOLEAN CaseSensitive,
+    PSECURITY_DESCRIPTOR SecurityDescriptor,
+    ULONG FileAttributes,
    ULONG Disposition,
    PHANDLE PMainFileHandle,
    PFILE_OBJECT *PMainFileObject);
--- a/src/sys/util.c
+++ b/src/sys/util.c
@@ -26,6 +26,8 @@ NTSTATUS FspGetDeviceObjectPointer(PUNICODE_STRING ObjectName, ACCESS_MASK Desir
 NTSTATUS FspMainFileOpen(
    PDEVICE_OBJECT DeviceObject,
    PUNICODE_STRING MainFileName, BOOLEAN CaseSensitive,
+    PSECURITY_DESCRIPTOR SecurityDescriptor,
+    ULONG FileAttributes,
    ULONG Disposition,
    PHANDLE PMainFileHandle,
    PFILE_OBJECT *PMainFileObject);
@@ -387,6 +389,8 @@ NTSTATUS FspGetDeviceObjectPointer(PUNICODE_STRING ObjectName, ACCESS_MASK Desir
 NTSTATUS FspMainFileOpen(
    PDEVICE_OBJECT DeviceObject,
    PUNICODE_STRING MainFileName, BOOLEAN CaseSensitive,
+    PSECURITY_DESCRIPTOR SecurityDescriptor,
+    ULONG FileAttributes,
    ULONG Disposition,
    PHANDLE PMainFileHandle,
    PFILE_OBJECT *PMainFileObject)
@@ -425,7 +429,7 @@ NTSTATUS FspMainFileOpen(
        MainFileName,
        OBJ_KERNEL_HANDLE | OBJ_FORCE_ACCESS_CHECK | (CaseSensitive ? 0 : OBJ_CASE_INSENSITIVE),
        0/*RootDirectory*/,
-        0/*SecurityDescriptor*/);
+        SecurityDescriptor);

    IoStatus.Status = IoCreateFileSpecifyDeviceObjectHint(
        &MainFileHandle,
@@ -433,7 +437,7 @@ NTSTATUS FspMainFileOpen(
        &ObjectAttributes,
        &IoStatus,
        0/*AllocationSize*/,
-        FILE_ATTRIBUTE_NORMAL,
+        FileAttributes,
        FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
        Disposition,
        FILE_OPEN_REPARSE_POINT,