From a292cd4d73da31f8446aeecbaf99139019247fce Mon Sep 17 00:00:00 2001 From: Bill Zissimopoulos Date: Fri, 19 Oct 2018 21:41:52 -0700 Subject: [PATCH] dll: FspAccessCheckEx: fix #190 --- src/dll/security.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/src/dll/security.c b/src/dll/security.c index f226c738..16cc54f8 100644 --- a/src/dll/security.c +++ b/src/dll/security.c @@ -341,26 +341,25 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem, if (Request->Req.Create.UserMode) { - if (0 != (FileAttributes & FILE_ATTRIBUTE_READONLY)) + if (FILE_ATTRIBUTE_READONLY == (FileAttributes & (FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_DIRECTORY)) && + (DesiredAccess & (FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_ADD_SUBDIRECTORY | FILE_DELETE_CHILD))) { - if (DesiredAccess & - (FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_ADD_SUBDIRECTORY | FILE_DELETE_CHILD)) - { - Result = STATUS_ACCESS_DENIED; - goto exit; - } - if (Request->Req.Create.CreateOptions & FILE_DELETE_ON_CLOSE) - { - Result = STATUS_CANNOT_DELETE; - goto exit; - } + Result = STATUS_ACCESS_DENIED; + goto exit; + } + + if (FILE_ATTRIBUTE_READONLY == (FileAttributes & FILE_ATTRIBUTE_READONLY) && + Request->Req.Create.CreateOptions & FILE_DELETE_ON_CLOSE) + { + Result = STATUS_CANNOT_DELETE; + goto exit; } if (0 == SecurityDescriptorSize) *PGrantedAccess = (MAXIMUM_ALLOWED & DesiredAccess) ? FspFileGenericMapping.GenericAll : DesiredAccess; - if (0 != (FileAttributes & FILE_ATTRIBUTE_READONLY) && + if (FILE_ATTRIBUTE_READONLY == (FileAttributes & (FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_DIRECTORY)) && 0 != (MAXIMUM_ALLOWED & DesiredAccess)) *PGrantedAccess &= ~(FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_ADD_SUBDIRECTORY | FILE_DELETE_CHILD);