Public/winfsp
1
0
Fork 0
mirror of https://github.com/winfsp/winfsp.git synced 2025-04-23 17:03:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

dll: WIP

Browse Source
This commit is contained in:
Bill Zissimopoulos 2016-01-04 00:10:04 -08:00
parent b3854368c5
commit cada782340
3 changed files with 29 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
inc/winfsp/winfsp.h
View File

@ -45,8 +45,8 @@ typedef NTSTATUS FSP_FILE_SYSTEM_OPERATION(FSP_FILE_SYSTEM *, FSP_FSCTL_TRANSACT
typedef struct _FSP_FILE_SYSTEM_INTERFACE typedef struct _FSP_FILE_SYSTEM_INTERFACE
{ {
NTSTATUS (*AccessCheck)(FSP_FILE_SYSTEM *FileSystem, NTSTATUS (*AccessCheck)(FSP_FILE_SYSTEM *FileSystem,
FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN AllowTraverseCheck, DWORD DesiredAccess, FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN CheckParentDirectory, BOOLEAN AllowTraverseCheck,
PDWORD PGrantedAccess); DWORD DesiredAccess, PDWORD PGrantedAccess);
NTSTATUS (*GetSecurity)(FSP_FILE_SYSTEM *FileSystem, NTSTATUS (*GetSecurity)(FSP_FILE_SYSTEM *FileSystem,
PWSTR FileName, PDWORD PFileAttributes, PWSTR FileName, PDWORD PFileAttributes,
PSECURITY_DESCRIPTOR SecurityDescriptor, SIZE_T *PSecurityDescriptorSize); PSECURITY_DESCRIPTOR SecurityDescriptor, SIZE_T *PSecurityDescriptorSize);
@ -56,7 +56,7 @@ typedef struct _FSP_FILE_SYSTEM_INTERFACE
FSP_FSCTL_TRANSACT_REQ *Request, FSP_FILE_NODE **PFileNode); FSP_FSCTL_TRANSACT_REQ *Request, FSP_FILE_NODE **PFileNode);
NTSTATUS (*FileOverwrite)(FSP_FILE_SYSTEM *FileSystem, NTSTATUS (*FileOverwrite)(FSP_FILE_SYSTEM *FileSystem,
FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN Supersede, FSP_FILE_NODE **PFileNode); FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN Supersede, FSP_FILE_NODE **PFileNode);
NTSTATUS (*FileOpenTargetDirectory)(FSP_FILE_SYSTEM *FileSystem, NTSTATUS (*FileOpenParentDirectory)(FSP_FILE_SYSTEM *FileSystem,
FSP_FSCTL_TRANSACT_REQ *Request, FSP_FILE_NODE **PFileNode, PBOOLEAN PFileExists); FSP_FSCTL_TRANSACT_REQ *Request, FSP_FILE_NODE **PFileNode, PBOOLEAN PFileExists);
NTSTATUS (*FileClose)(FSP_FILE_SYSTEM *FileSystem, NTSTATUS (*FileClose)(FSP_FILE_SYSTEM *FileSystem,
FSP_FSCTL_TRANSACT_REQ *Request, FSP_FILE_NODE *FileNode); FSP_FSCTL_TRANSACT_REQ *Request, FSP_FILE_NODE *FileNode);
@ -154,8 +154,8 @@ FSP_API NTSTATUS FspFileSystemOpCreateSendSuccessResponse(FSP_FILE_SYSTEM *FileS
*/ */
FSP_API PGENERIC_MAPPING FspGetFileGenericMapping(VOID); FSP_API PGENERIC_MAPPING FspGetFileGenericMapping(VOID);
FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem, FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN AllowTraverseCheck, DWORD DesiredAccess, FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN CheckParentDirectory, BOOLEAN AllowTraverseCheck,
PDWORD PGrantedAccess); DWORD DesiredAccess, PDWORD PGrantedAccess);
FSP_API NTSTATUS FspShareCheck(FSP_FILE_SYSTEM *FileSystem, FSP_API NTSTATUS FspShareCheck(FSP_FILE_SYSTEM *FileSystem,
DWORD GrantedAccess, DWORD ShareAccess, FSP_FILE_NODE *FileNode); DWORD GrantedAccess, DWORD ShareAccess, FSP_FILE_NODE *FileNode);

19
src/dll/access.c
View File

@ -38,12 +38,12 @@ static NTSTATUS FspGetSecurity(FSP_FILE_SYSTEM *FileSystem,
} }
FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem, FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN AllowTraverseCheck, DWORD DesiredAccess, FSP_FSCTL_TRANSACT_REQ *Request, BOOLEAN CheckParentDirectory, BOOLEAN AllowTraverseCheck,
PDWORD PGrantedAccess) DWORD DesiredAccess, PDWORD PGrantedAccess)
{ {
if (0 != FileSystem->Interface->AccessCheck) if (0 != FileSystem->Interface->AccessCheck)
return FileSystem->Interface->AccessCheck(FileSystem, return FileSystem->Interface->AccessCheck(FileSystem,
Request, AllowTraverseCheck, DesiredAccess, PGrantedAccess); Request, CheckParentDirectory, AllowTraverseCheck, DesiredAccess, PGrantedAccess);
if (0 == FileSystem->Interface->GetSecurity) if (0 == FileSystem->Interface->GetSecurity)
{ {
@ -52,6 +52,7 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
} }
NTSTATUS Result; NTSTATUS Result;
PWSTR Parent, Suffix;
DWORD FileAttributes; DWORD FileAttributes;
PSECURITY_DESCRIPTOR SecurityDescriptor = 0; PSECURITY_DESCRIPTOR SecurityDescriptor = 0;
SIZE_T SecurityDescriptorSize; SIZE_T SecurityDescriptorSize;
@ -60,6 +61,9 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
*PGrantedAccess = 0; *PGrantedAccess = 0;
if (CheckParentDirectory)
FspPathSuffix((PWSTR)Request->Buffer, &Parent, &Suffix);
SecurityDescriptorSize = 1024; SecurityDescriptorSize = 1024;
SecurityDescriptor = MemAlloc(SecurityDescriptorSize); SecurityDescriptor = MemAlloc(SecurityDescriptorSize);
if (0 == SecurityDescriptor) if (0 == SecurityDescriptor)
@ -111,6 +115,12 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
goto exit; goto exit;
if (CheckParentDirectory)
{
if (0 == (FileAttributes && FILE_ATTRIBUTE_DIRECTORY))
return STATUS_NOT_A_DIRECTORY;
}
if (0 != (FileAttributes && FILE_ATTRIBUTE_READONLY)) if (0 != (FileAttributes && FILE_ATTRIBUTE_READONLY))
{ {
if (DesiredAccess & if (DesiredAccess &
@ -135,6 +145,9 @@ FSP_API NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
exit: exit:
MemFree(SecurityDescriptor); MemFree(SecurityDescriptor);
if (CheckParentDirectory)
FspPathCombine((PWSTR)Request->Buffer, Suffix);
return Result; return Result;
} }

24
src/dll/create.c
View File

@ -21,15 +21,11 @@ NTSTATUS FspCreateCheck(FSP_FILE_SYSTEM *FileSystem,
PDWORD PGrantedAccess) PDWORD PGrantedAccess)
{ {
NTSTATUS Result; NTSTATUS Result;
PWSTR Path, Suffix;
FspPathSuffix((PWSTR)Request->Buffer, &Path, &Suffix); Result = FspAccessCheck(FileSystem, Request, TRUE, AllowTraverseCheck,
Result = FspAccessCheck(FileSystem, Request, TRUE,
(Request->Req.Create.CreateOptions & FILE_DIRECTORY_FILE) ? (Request->Req.Create.CreateOptions & FILE_DIRECTORY_FILE) ?
FILE_ADD_SUBDIRECTORY : FILE_ADD_FILE, FILE_ADD_SUBDIRECTORY : FILE_ADD_FILE,
PGrantedAccess); PGrantedAccess);
FspPathCombine((PWSTR)Request->Buffer, Suffix);
if (NT_SUCCESS(Result)) if (NT_SUCCESS(Result))
*PGrantedAccess = (MAXIMUM_ALLOWED & Request->Req.Create.DesiredAccess) ? *PGrantedAccess = (MAXIMUM_ALLOWED & Request->Req.Create.DesiredAccess) ?
FILE_ALL_ACCESS : Request->Req.Create.DesiredAccess; FILE_ALL_ACCESS : Request->Req.Create.DesiredAccess;
@ -71,7 +67,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOpen(FSP_FILE_SYSTEM *FileSystem,
DWORD GrantedAccess; DWORD GrantedAccess;
FSP_FILE_NODE *FileNode; FSP_FILE_NODE *FileNode;
Result = FspAccessCheck(FileSystem, Request, TRUE, Result = FspAccessCheck(FileSystem, Request, FALSE, TRUE,
Request->Req.Create.DesiredAccess, &GrantedAccess); Request->Req.Create.DesiredAccess, &GrantedAccess);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
@ -100,7 +96,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOpenIf(FSP_FILE_SYSTEM *FileSystem,
FSP_FILE_NODE *FileNode; FSP_FILE_NODE *FileNode;
BOOLEAN Create = FALSE; BOOLEAN Create = FALSE;
Result = FspAccessCheck(FileSystem, Request, TRUE, Result = FspAccessCheck(FileSystem, Request, FALSE, TRUE,
Request->Req.Create.DesiredAccess, &GrantedAccess); Request->Req.Create.DesiredAccess, &GrantedAccess);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
{ {
@ -159,7 +155,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOverwrite(FSP_FILE_SYSTEM *FileSystem,
DWORD GrantedAccess; DWORD GrantedAccess;
FSP_FILE_NODE *FileNode; FSP_FILE_NODE *FileNode;
Result = FspAccessCheck(FileSystem, Request, TRUE, Result = FspAccessCheck(FileSystem, Request, FALSE, TRUE,
Request->Req.Create.DesiredAccess | (Supersede ? DELETE : FILE_WRITE_DATA), Request->Req.Create.DesiredAccess | (Supersede ? DELETE : FILE_WRITE_DATA),
&GrantedAccess); &GrantedAccess);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
@ -197,7 +193,7 @@ static NTSTATUS FspFileSystemOpCreate_FileOverwriteIf(FSP_FILE_SYSTEM *FileSyste
FSP_FILE_NODE *FileNode; FSP_FILE_NODE *FileNode;
BOOLEAN Create = FALSE; BOOLEAN Create = FALSE;
Result = FspAccessCheck(FileSystem, Request, TRUE, Result = FspAccessCheck(FileSystem, Request, FALSE, TRUE,
Request->Req.Create.DesiredAccess | FILE_WRITE_DATA, Request->Req.Create.DesiredAccess | FILE_WRITE_DATA,
&GrantedAccess); &GrantedAccess);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
@ -259,17 +255,13 @@ static NTSTATUS FspFileSystemOpCreate_FileOpenTargetDirectory(FSP_FILE_SYSTEM *F
DWORD GrantedAccess; DWORD GrantedAccess;
FSP_FILE_NODE *FileNode; FSP_FILE_NODE *FileNode;
BOOLEAN FileExists; BOOLEAN FileExists;
PWSTR Path, Suffix;
FspPathSuffix((PWSTR)Request->Buffer, &Path, &Suffix); Result = FspAccessCheck(FileSystem, Request, TRUE, TRUE,
Result = FspAccessCheck(FileSystem, Request, TRUE,
Request->Req.Create.DesiredAccess, &GrantedAccess); Request->Req.Create.DesiredAccess, &GrantedAccess);
FspPathCombine((PWSTR)Request->Buffer, Suffix);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
Result = FileSystem->Interface->FileOpenTargetDirectory(FileSystem, Request, Result = FileSystem->Interface->FileOpenParentDirectory(FileSystem, Request,
&FileNode, &FileExists); &FileNode, &FileExists);
if (!NT_SUCCESS(Result)) if (!NT_SUCCESS(Result))
return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result); return FspFileSystemSendResponseWithStatus(FileSystem, Request, Result);
@ -292,7 +284,7 @@ FSP_API NTSTATUS FspFileSystemOpCreate(FSP_FILE_SYSTEM *FileSystem,
if (0 == FileSystem->Interface->FileCreate || if (0 == FileSystem->Interface->FileCreate ||
0 == FileSystem->Interface->FileOpen || 0 == FileSystem->Interface->FileOpen ||
0 == FileSystem->Interface->FileOverwrite || 0 == FileSystem->Interface->FileOverwrite ||
0 == FileSystem->Interface->FileOpenTargetDirectory) 0 == FileSystem->Interface->FileOpenParentDirectory)
return FspFileSystemSendResponseWithStatus(FileSystem, Request, STATUS_INVALID_DEVICE_REQUEST); return FspFileSystemSendResponseWithStatus(FileSystem, Request, STATUS_INVALID_DEVICE_REQUEST);
if (Request->Req.Create.OpenTargetDirectory) if (Request->Req.Create.OpenTargetDirectory)