dll: create: testing

Bill Zissimopoulos 2016-01-15 15:05:52 -08:00
parent 5a1384462b
commit 8b1bcf3583


@ -50,7 +50,8 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
if (0 == FileSystem->Interface->GetSecurity || if (0 == FileSystem->Interface->GetSecurity ||
(!Request->Req.Create.UserMode && 0 == PSecurityDescriptor)) (!Request->Req.Create.UserMode && 0 == PSecurityDescriptor))
{ {
*PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ? FILE_ALL_ACCESS : DesiredAccess; *PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ?
FspFileGenericMapping.GenericAll : DesiredAccess;
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
@ -100,6 +101,8 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
goto exit; goto exit;
} }
if (0 < SecurityDescriptorSize)
{
if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, FILE_TRAVERSE, if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, FILE_TRAVERSE,
&FspFileGenericMapping, 0, &PrivilegeSetLength, &TraverseAccess, &AccessStatus)) &FspFileGenericMapping, 0, &PrivilegeSetLength, &TraverseAccess, &AccessStatus))
Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED; Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED;
@ -109,6 +112,7 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
goto exit; goto exit;
} }
} }
}
Result = FspGetSecurity(FileSystem, (PWSTR)Request->Buffer, &FileAttributes, Result = FspGetSecurity(FileSystem, (PWSTR)Request->Buffer, &FileAttributes,
&SecurityDescriptor, &SecurityDescriptorSize); &SecurityDescriptor, &SecurityDescriptorSize);
@ -116,6 +120,8 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
goto exit; goto exit;
if (Request->Req.Create.UserMode) if (Request->Req.Create.UserMode)
{
if (0 < SecurityDescriptorSize)
{ {
if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, DesiredAccess, if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, DesiredAccess,
&FspFileGenericMapping, 0, &PrivilegeSetLength, PGrantedAccess, &AccessStatus)) &FspFileGenericMapping, 0, &PrivilegeSetLength, PGrantedAccess, &AccessStatus))
@ -124,6 +130,7 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
Result = FspNtStatusFromWin32(GetLastError()); Result = FspNtStatusFromWin32(GetLastError());
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
goto exit; goto exit;
}
if (CheckParentDirectory) if (CheckParentDirectory)
{ {
@ -163,21 +170,31 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
goto exit; goto exit;
} }
} }
if (0 == SecurityDescriptorSize)
*PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ?
FspFileGenericMapping.GenericAll : DesiredAccess;
} }
else else
*PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ? FILE_ALL_ACCESS : DesiredAccess; *PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ?
FspFileGenericMapping.GenericAll : DesiredAccess;
Result = STATUS_SUCCESS; Result = STATUS_SUCCESS;
exit: exit:
if (0 != PSecurityDescriptor) if (0 != PSecurityDescriptor && 0 < SecurityDescriptorSize && NT_SUCCESS(Result))
*PSecurityDescriptor = SecurityDescriptor; *PSecurityDescriptor = SecurityDescriptor;
else else
MemFree(SecurityDescriptor); MemFree(SecurityDescriptor);
if (CheckParentDirectory) if (CheckParentDirectory)
{
FspPathCombine((PWSTR)Request->Buffer, Suffix); FspPathCombine((PWSTR)Request->Buffer, Suffix);
if (STATUS_OBJECT_NAME_NOT_FOUND == Result)
Result = STATUS_OBJECT_PATH_NOT_FOUND;
}
return Result; return Result;
} }
@ -190,13 +207,16 @@ FSP_API NTSTATUS FspAssignSecurity(FSP_FILE_SYSTEM *FileSystem,
if (!CreatePrivateObjectSecurity( if (!CreatePrivateObjectSecurity(
ParentDescriptor, ParentDescriptor,
(PSECURITY_DESCRIPTOR)(Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset), 0 != Request->Req.Create.SecurityDescriptor.Offset ?
(PSECURITY_DESCRIPTOR)(Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset) : 0,
PSecurityDescriptor, PSecurityDescriptor,
0 != (Request->Req.Create.CreateOptions & FILE_DIRECTORY_FILE), 0 != (Request->Req.Create.CreateOptions & FILE_DIRECTORY_FILE),
(HANDLE)Request->Req.Create.AccessToken, (HANDLE)Request->Req.Create.AccessToken,
&FspFileGenericMapping)) &FspFileGenericMapping))
return FspNtStatusFromWin32(GetLastError()); return FspNtStatusFromWin32(GetLastError());
DEBUGLOGSD("SDDL=%s", *PSecurityDescriptor);
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
@ -206,7 +226,7 @@ FSP_API VOID FspDeleteSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor
if ((NTSTATUS (*)())FspAccessCheckEx == CreateFunc) if ((NTSTATUS (*)())FspAccessCheckEx == CreateFunc)
MemFree(SecurityDescriptor); MemFree(SecurityDescriptor);
else if ((NTSTATUS (*)())FspAssignSecurity == CreateFunc) else if ((NTSTATUS (*)())FspAssignSecurity == CreateFunc)
DestroyPrivateObjectSecurity(SecurityDescriptor); DestroyPrivateObjectSecurity(&SecurityDescriptor);
} }
static inline static inline
@ -224,12 +244,7 @@ NTSTATUS FspFileSystemCreateCheck(FSP_FILE_SYSTEM *FileSystem,
if (NT_SUCCESS(Result)) if (NT_SUCCESS(Result))
{ {
*PGrantedAccess = (MAXIMUM_ALLOWED & Request->Req.Create.DesiredAccess) ? *PGrantedAccess = (MAXIMUM_ALLOWED & Request->Req.Create.DesiredAccess) ?
FILE_ALL_ACCESS : Request->Req.Create.DesiredAccess; FspFileGenericMapping.GenericAll : Request->Req.Create.DesiredAccess;
}
else
{
if (STATUS_OBJECT_NAME_NOT_FOUND == Result)
Result = STATUS_OBJECT_PATH_NOT_FOUND;
} }
return Result; return Result;
@ -287,7 +302,7 @@ static NTSTATUS FspFileSystemOpCreate_FileCreate(FSP_FILE_SYSTEM *FileSystem,
(PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions, (PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions,
Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize, Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize,
&NodeInfo); &NodeInfo);
FspDeleteSecurityDescriptor(ParentDescriptor, FspAssignSecurity); FspDeleteSecurityDescriptor(ObjectDescriptor, FspAssignSecurity);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
@ -361,7 +376,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOpenIf(FSP_FILE_SYSTEM *FileSystem,
(PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions, (PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions,
Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize, Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize,
&NodeInfo); &NodeInfo);
FspDeleteSecurityDescriptor(ParentDescriptor, FspAssignSecurity); FspDeleteSecurityDescriptor(ObjectDescriptor, FspAssignSecurity);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
} }
@ -437,7 +452,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOverwriteIf(FSP_FILE_SYSTEM *FileSyste
(PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions, (PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions,
Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize, Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize,
&NodeInfo); &NodeInfo);
FspDeleteSecurityDescriptor(ParentDescriptor, FspAssignSecurity); FspDeleteSecurityDescriptor(ObjectDescriptor, FspAssignSecurity);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
} }
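Review bot: In the FspAccessCheckEx hunk at `-163,21 +170,31`, the new condition at `exit:` frees SecurityDescriptor without writing `*PSecurityDescriptor` whenever the size is zero or Result is a failure, so a caller that passed a non-null PSecurityDescriptor keeps whatever its variable held before the call. That includes the new success path, where a zero-size descriptor grants `FspFileGenericMapping.GenericAll` or DesiredAccess and returns STATUS_SUCCESS; if the caller then passes that pointer to FspAssignSecurity as ParentDescriptor or to FspDeleteSecurityDescriptor, it is used or freed uninitialised unless it was cleared beforehand, which these hunks do not show. Clearing the out-parameter in the else branch would make the contract explicit: `else { MemFree(SecurityDescriptor); if (0 != PSecurityDescriptor) *PSecurityDescriptor = 0; }`. The zero-size branch also skips both the FILE_TRAVERSE and the DesiredAccess AccessCheck calls, so it deserves a comment such as `/* file system returned no security descriptor: access checks are skipped and the request is granted as asked */` to mark the fail-open behaviour as intentional. The start of FspAccessCheckEx lies outside the hunks shown.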