dll: create: testing

Bill Zissimopoulos 2016-01-15 15:05:52 -08:00
parent 5a1384462b
commit 8b1bcf3583


@ -50,7 +50,8 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
if (0 == FileSystem->Interface->GetSecurity || if (0 == FileSystem->Interface->GetSecurity ||
(!Request->Req.Create.UserMode && 0 == PSecurityDescriptor)) (!Request->Req.Create.UserMode && 0 == PSecurityDescriptor))
{ {
*PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ? FILE_ALL_ACCESS : DesiredAccess; *PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ?
FspFileGenericMapping.GenericAll : DesiredAccess;
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
@ -100,13 +101,16 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
goto exit; goto exit;
} }
if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, FILE_TRAVERSE, if (0 < SecurityDescriptorSize)
&FspFileGenericMapping, 0, &PrivilegeSetLength, &TraverseAccess, &AccessStatus)) {
Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED; if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, FILE_TRAVERSE,
else &FspFileGenericMapping, 0, &PrivilegeSetLength, &TraverseAccess, &AccessStatus))
Result = FspNtStatusFromWin32(GetLastError()); Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED;
if (!NT_SUCCESS(Result)) else
goto exit; Result = FspNtStatusFromWin32(GetLastError());
if (!NT_SUCCESS(Result))
goto exit;
}
} }
} }
@ -117,13 +121,16 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
if (Request->Req.Create.UserMode) if (Request->Req.Create.UserMode)
{ {
if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, DesiredAccess, if (0 < SecurityDescriptorSize)
&FspFileGenericMapping, 0, &PrivilegeSetLength, PGrantedAccess, &AccessStatus)) {
Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED; if (AccessCheck(SecurityDescriptor, (HANDLE)Request->Req.Create.AccessToken, DesiredAccess,
else &FspFileGenericMapping, 0, &PrivilegeSetLength, PGrantedAccess, &AccessStatus))
Result = FspNtStatusFromWin32(GetLastError()); Result = AccessStatus ? STATUS_SUCCESS : STATUS_ACCESS_DENIED;
if (!NT_SUCCESS(Result)) else
goto exit; Result = FspNtStatusFromWin32(GetLastError());
if (!NT_SUCCESS(Result))
goto exit;
}
if (CheckParentDirectory) if (CheckParentDirectory)
{ {
@ -163,21 +170,31 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
goto exit; goto exit;
} }
} }
if (0 == SecurityDescriptorSize)
*PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ?
FspFileGenericMapping.GenericAll : DesiredAccess;
} }
else else
*PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ? FILE_ALL_ACCESS : DesiredAccess; *PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ?
FspFileGenericMapping.GenericAll : DesiredAccess;
Result = STATUS_SUCCESS; Result = STATUS_SUCCESS;
exit: exit:
if (0 != PSecurityDescriptor) if (0 != PSecurityDescriptor && 0 < SecurityDescriptorSize && NT_SUCCESS(Result))
*PSecurityDescriptor = SecurityDescriptor; *PSecurityDescriptor = SecurityDescriptor;
else else
MemFree(SecurityDescriptor); MemFree(SecurityDescriptor);
if (CheckParentDirectory) if (CheckParentDirectory)
{
FspPathCombine((PWSTR)Request->Buffer, Suffix); FspPathCombine((PWSTR)Request->Buffer, Suffix);
if (STATUS_OBJECT_NAME_NOT_FOUND == Result)
Result = STATUS_OBJECT_PATH_NOT_FOUND;
}
return Result; return Result;
} }
@ -190,13 +207,16 @@ FSP_API NTSTATUS FspAssignSecurity(FSP_FILE_SYSTEM *FileSystem,
if (!CreatePrivateObjectSecurity( if (!CreatePrivateObjectSecurity(
ParentDescriptor, ParentDescriptor,
(PSECURITY_DESCRIPTOR)(Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset), 0 != Request->Req.Create.SecurityDescriptor.Offset ?
(PSECURITY_DESCRIPTOR)(Request->Buffer + Request->Req.Create.SecurityDescriptor.Offset) : 0,
PSecurityDescriptor, PSecurityDescriptor,
0 != (Request->Req.Create.CreateOptions & FILE_DIRECTORY_FILE), 0 != (Request->Req.Create.CreateOptions & FILE_DIRECTORY_FILE),
(HANDLE)Request->Req.Create.AccessToken, (HANDLE)Request->Req.Create.AccessToken,
&FspFileGenericMapping)) &FspFileGenericMapping))
return FspNtStatusFromWin32(GetLastError()); return FspNtStatusFromWin32(GetLastError());
DEBUGLOGSD("SDDL=%s", *PSecurityDescriptor);
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
@ -206,7 +226,7 @@ FSP_API VOID FspDeleteSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor
if ((NTSTATUS (*)())FspAccessCheckEx == CreateFunc) if ((NTSTATUS (*)())FspAccessCheckEx == CreateFunc)
MemFree(SecurityDescriptor); MemFree(SecurityDescriptor);
else if ((NTSTATUS (*)())FspAssignSecurity == CreateFunc) else if ((NTSTATUS (*)())FspAssignSecurity == CreateFunc)
DestroyPrivateObjectSecurity(SecurityDescriptor); DestroyPrivateObjectSecurity(&SecurityDescriptor);
} }
static inline static inline
@ -224,12 +244,7 @@ NTSTATUS FspFileSystemCreateCheck(FSP_FILE_SYSTEM *FileSystem,
if (NT_SUCCESS(Result)) if (NT_SUCCESS(Result))
{ {
*PGrantedAccess = (MAXIMUM_ALLOWED & Request->Req.Create.DesiredAccess) ? *PGrantedAccess = (MAXIMUM_ALLOWED & Request->Req.Create.DesiredAccess) ?
FILE_ALL_ACCESS : Request->Req.Create.DesiredAccess; FspFileGenericMapping.GenericAll : Request->Req.Create.DesiredAccess;
}
else
{
if (STATUS_OBJECT_NAME_NOT_FOUND == Result)
Result = STATUS_OBJECT_PATH_NOT_FOUND;
} }
return Result; return Result;
@ -287,7 +302,7 @@ static NTSTATUS FspFileSystemOpCreate_FileCreate(FSP_FILE_SYSTEM *FileSystem,
(PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions, (PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions,
Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize, Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize,
&NodeInfo); &NodeInfo);
FspDeleteSecurityDescriptor(ParentDescriptor, FspAssignSecurity); FspDeleteSecurityDescriptor(ObjectDescriptor, FspAssignSecurity);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
@ -361,7 +376,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOpenIf(FSP_FILE_SYSTEM *FileSystem,
(PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions, (PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions,
Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize, Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize,
&NodeInfo); &NodeInfo);
FspDeleteSecurityDescriptor(ParentDescriptor, FspAssignSecurity); FspDeleteSecurityDescriptor(ObjectDescriptor, FspAssignSecurity);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
} }
@ -437,7 +452,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOverwriteIf(FSP_FILE_SYSTEM *FileSyste
(PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions, (PWSTR)Request->Buffer, Request->Req.Create.CaseSensitive, Request->Req.Create.CreateOptions,
Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize, Request->Req.Create.FileAttributes, ObjectDescriptor, Request->Req.Create.AllocationSize,
&NodeInfo); &NodeInfo);
FspDeleteSecurityDescriptor(ParentDescriptor, FspAssignSecurity); FspDeleteSecurityDescriptor(ObjectDescriptor, FspAssignSecurity);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
} }
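Review bot: At the `exit:` label of FspAccessCheckEx, the condition `0 != PSecurityDescriptor && 0 < SecurityDescriptorSize && NT_SUCCESS(Result)` leaves `*PSecurityDescriptor` unwritten whenever the descriptor is empty or the check failed, including the case where the call succeeds with an empty descriptor. Unless the out-parameter is cleared earlier in the function (its start is outside the visible hunks), the create paths would presumably pass an indeterminate `ParentDescriptor` to `FspAssignSecurity` and on to `CreatePrivateObjectSecurity`. I would make the else branch `{ MemFree(SecurityDescriptor); if (0 != PSecurityDescriptor) *PSecurityDescriptor = 0; }`. The same `0 < SecurityDescriptorSize` guards also skip both `AccessCheck` calls and grant `DesiredAccess` (or `FspFileGenericMapping.GenericAll` for `MAXIMUM_ALLOWED`), so a file system that returns an empty descriptor fails open. If that is the intended policy, a comment at the first guard such as `/* empty descriptor: file system has no security; grant without AccessCheck */` would make it explicit.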