sys: FspValidRelativeSecurityDescriptor

Bill Zissimopoulos 2015-11-30 15:22:35 -08:00
parent 5aa6af2653
commit a318100d24
4 changed files with 40 additions and 13 deletions


@ -147,7 +147,6 @@ VOID FspDeviceDelete(PDEVICE_OBJECT DeviceObject)
} }
ExDeleteResourceLite(&DeviceExtension->Resource); ExDeleteResourceLite(&DeviceExtension->Resource);
RtlZeroMemory(DeviceExtension, DeviceObject->Size - sizeof(DEVICE_OBJECT));
IoDeleteDevice(DeviceObject); IoDeleteDevice(DeviceObject);
} }


@ -164,12 +164,12 @@
#pragma warning(disable:4200) /* zero-sized array in struct/union */ #pragma warning(disable:4200) /* zero-sized array in struct/union */
/* driver major functions */ /* driver major functions */
_Function_class_(DRIVER_DISPATCH) _Function_class_(DRIVER_DISPATCH)
_IRQL_requires_max_(APC_LEVEL) _IRQL_requires_max_(APC_LEVEL)
/* see https://msdn.microsoft.com/en-us/library/windows/hardware/ff540124(v=vs.85).aspx */ /* see https://msdn.microsoft.com/en-us/library/windows/hardware/ff540124(v=vs.85).aspx */
_IRQL_requires_same_ _IRQL_requires_same_
typedef NTSTATUS FSP_DRIVER_DISPATCH( typedef NTSTATUS FSP_DRIVER_DISPATCH(
_In_ struct _DEVICE_OBJECT *DeviceObject, _Inout_ struct _IRP *Irp); _In_ struct _DEVICE_OBJECT *DeviceObject, _Inout_ struct _IRP *Irp);
_Dispatch_type_(IRP_MJ_CLEANUP) FSP_DRIVER_DISPATCH FspCleanup; _Dispatch_type_(IRP_MJ_CLEANUP) FSP_DRIVER_DISPATCH FspCleanup;
_Dispatch_type_(IRP_MJ_CLOSE) FSP_DRIVER_DISPATCH FspClose; _Dispatch_type_(IRP_MJ_CLOSE) FSP_DRIVER_DISPATCH FspClose;
_Dispatch_type_(IRP_MJ_CREATE) FSP_DRIVER_DISPATCH FspCreate; _Dispatch_type_(IRP_MJ_CREATE) FSP_DRIVER_DISPATCH FspCreate;
@ -191,10 +191,10 @@ _Dispatch_type_(IRP_MJ_SHUTDOWN) FSP_DRIVER_DISPATCH FspShutdown;
_Dispatch_type_(IRP_MJ_WRITE) FSP_DRIVER_DISPATCH FspWrite; _Dispatch_type_(IRP_MJ_WRITE) FSP_DRIVER_DISPATCH FspWrite;
/* I/O process functions */ /* I/O process functions */
_IRQL_requires_max_(APC_LEVEL) _IRQL_requires_max_(APC_LEVEL)
_IRQL_requires_same_ _IRQL_requires_same_
typedef VOID FSP_IOCMPL_DISPATCH( typedef VOID FSP_IOCMPL_DISPATCH(
_Inout_ PIRP Irp, _In_ const FSP_FSCTL_TRANSACT_RSP *Response); _Inout_ PIRP Irp, _In_ const FSP_FSCTL_TRANSACT_RSP *Response);
FSP_IOCMPL_DISPATCH FspCleanupComplete; FSP_IOCMPL_DISPATCH FspCleanupComplete;
FSP_IOCMPL_DISPATCH FspCloseComplete; FSP_IOCMPL_DISPATCH FspCloseComplete;
FSP_IOCMPL_DISPATCH FspCreateComplete; FSP_IOCMPL_DISPATCH FspCreateComplete;
@ -322,6 +322,9 @@ VOID FspIopDispatchComplete(PIRP Irp, const FSP_FSCTL_TRANSACT_RSP *Response);
/* misc */ /* misc */
NTSTATUS FspCreateGuid(GUID *Guid); NTSTATUS FspCreateGuid(GUID *Guid);
BOOLEAN FspValidRelativeSecurityDescriptor(
PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG SecurityDescriptorLength,
SECURITY_INFORMATION RequiredInformation);
NTSTATUS FspSecuritySubjectContextAccessCheck( NTSTATUS FspSecuritySubjectContextAccessCheck(
PSECURITY_DESCRIPTOR SecurityDescriptor, ACCESS_MASK DesiredAccess, KPROCESSOR_MODE AccessMode); PSECURITY_DESCRIPTOR SecurityDescriptor, ACCESS_MASK DesiredAccess, KPROCESSOR_MODE AccessMode);
@ -338,6 +341,6 @@ const char *IoctlCodeSym(ULONG ControlCode);
extern PDRIVER_OBJECT FspDriverObject; extern PDRIVER_OBJECT FspDriverObject;
extern PDEVICE_OBJECT FspFsctlDiskDeviceObject; extern PDEVICE_OBJECT FspFsctlDiskDeviceObject;
extern PDEVICE_OBJECT FspFsctlNetDeviceObject; extern PDEVICE_OBJECT FspFsctlNetDeviceObject;
extern FSP_IOCMPL_DISPATCH *FspIopCompleteFunction[]; extern FSP_IOCMPL_DISPATCH *FspIopCompleteFunction[];
#endif #endif


@ -110,7 +110,7 @@ static NTSTATUS FspFsctlCreateVolume(
PSECURITY_DESCRIPTOR SecurityDescriptor = (PVOID)(Params + 1); PSECURITY_DESCRIPTOR SecurityDescriptor = (PVOID)(Params + 1);
DWORD SecurityDescriptorSize = InputBufferLength - sizeof *Params; DWORD SecurityDescriptorSize = InputBufferLength - sizeof *Params;
if (sizeof *Params >= InputBufferLength || 0 == SystemBuffer || if (sizeof *Params >= InputBufferLength || 0 == SystemBuffer ||
!RtlValidRelativeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorSize, !FspValidRelativeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorSize,
OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION)) OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION))
return STATUS_INVALID_PARAMETER; return STATUS_INVALID_PARAMETER;
if (FSP_FSCTL_CREATE_BUFFER_SIZE > OutputBufferLength) if (FSP_FSCTL_CREATE_BUFFER_SIZE > OutputBufferLength)
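Review bot: `SecurityDescriptorSize` is initialised as `InputBufferLength - sizeof *Params` before the length test, so for a short input buffer it wraps to a very large value. Only the short-circuit order of the `||` chain keeps that value from reaching `FspValidRelativeSecurityDescriptor`. Because this length is derived from the request, I would make the dependency explicit, either by computing the size after the check or with a comment such as `/* size check must stay first: SecurityDescriptorSize is only meaningful once InputBufferLength > sizeof *Params */`. The function body starts and ends outside this hunk, so how `Params` and `SystemBuffer` are obtained is not visible here.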


@ -7,11 +7,15 @@
#include <sys/driver.h> #include <sys/driver.h>
NTSTATUS FspCreateGuid(GUID *Guid); NTSTATUS FspCreateGuid(GUID *Guid);
BOOLEAN FspValidRelativeSecurityDescriptor(
PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG SecurityDescriptorLength,
SECURITY_INFORMATION RequiredInformation);
NTSTATUS FspSecuritySubjectContextAccessCheck( NTSTATUS FspSecuritySubjectContextAccessCheck(
PSECURITY_DESCRIPTOR SecurityDescriptor, ACCESS_MASK DesiredAccess, KPROCESSOR_MODE AccessMode); PSECURITY_DESCRIPTOR SecurityDescriptor, ACCESS_MASK DesiredAccess, KPROCESSOR_MODE AccessMode);
#ifdef ALLOC_PRAGMA #ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE, FspCreateGuid) #pragma alloc_text(PAGE, FspCreateGuid)
#pragma alloc_text(PAGE, FspValidRelativeSecurityDescriptor)
#pragma alloc_text(PAGE, FspSecuritySubjectContextAccessCheck) #pragma alloc_text(PAGE, FspSecuritySubjectContextAccessCheck)
#endif #endif
@ -30,6 +34,27 @@ NTSTATUS FspCreateGuid(GUID *Guid)
return Result; return Result;
} }
BOOLEAN FspValidRelativeSecurityDescriptor(
PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG SecurityDescriptorLength,
SECURITY_INFORMATION RequiredInformation)
{
PAGED_CODE();
BOOLEAN Result;
try
{
Result = RtlValidRelativeSecurityDescriptor(SecurityDescriptor, SecurityDescriptorLength,
RequiredInformation);
}
except(EXCEPTION_EXECUTE_HANDLER)
{
Result = FALSE;
}
return Result;
}
NTSTATUS FspSecuritySubjectContextAccessCheck( NTSTATUS FspSecuritySubjectContextAccessCheck(
PSECURITY_DESCRIPTOR SecurityDescriptor, ACCESS_MASK DesiredAccess, KPROCESSOR_MODE AccessMode) PSECURITY_DESCRIPTOR SecurityDescriptor, ACCESS_MASK DesiredAccess, KPROCESSOR_MODE AccessMode)
{ {
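Review bot: The `except(EXCEPTION_EXECUTE_HANDLER)` block in `FspValidRelativeSecurityDescriptor` maps every exception to `FALSE` without saying which failure it is meant to absorb, and the function has no header comment. I would add something like `/* presumably RtlValidRelativeSecurityDescriptor can raise on a malformed descriptor; treat any exception as "not valid" */` above the `try`, adjusted to the actual reason. The same comment should state that the guard does not make an unreadable kernel buffer safe, since a bad kernel-mode address bugchecks rather than reaching the handler. Callers must therefore still pass a `SecurityDescriptorLength` that lies inside a buffer they own. `FspSecuritySubjectContextAccessCheck` begins at the end of this hunk and continues outside it.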