Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
9032eeec
Commit
9032eeec
authored
3 years ago
by
Esme Povirk
Committed by
Alexandre Julliard
3 years ago
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
sechost: Reject string SIDs with too many characters.
Signed-off-by:
Esme Povirk
<
esme@codeweavers.com
>
Signed-off-by:
Alexandre Julliard
<
julliard@winehq.org
>
parent
ce94c78b
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
51 additions
and
24 deletions
+51
-24
security.c
dlls/advapi32/tests/security.c
+16
-1
security.c
dlls/sechost/security.c
+35
-23
No files found.
dlls/advapi32/tests/security.c
View file @
9032eeec
...
...
@@ -338,6 +338,20 @@ static void test_ConvertStringSidToSid(void)
"expected GetLastError() is ERROR_INVALID_SID, got %d
\n
"
,
GetLastError
()
);
r
=
ConvertStringSidToSidA
(
"WDandmorecharacters"
,
&
psid
);
ok
(
!
r
,
"expected failure with too many characters
\n
"
);
ok
(
GetLastError
()
==
ERROR_INVALID_SID
,
"expected GetLastError() is ERROR_INVALID_SID, got %d
\n
"
,
GetLastError
()
);
r
=
ConvertStringSidToSidA
(
"WD)"
,
&
psid
);
ok
(
!
r
,
"expected failure with too many characters
\n
"
);
ok
(
GetLastError
()
==
ERROR_INVALID_SID
,
"expected GetLastError() is ERROR_INVALID_SID, got %d
\n
"
,
GetLastError
()
);
ok
(
ConvertStringSidToSidA
(
"S-1-5-21-93476-23408-4576"
,
&
psid
),
"ConvertStringSidToSidA failed
\n
"
);
pisid
=
psid
;
ok
(
pisid
->
SubAuthorityCount
==
4
,
"Invalid sub authority count - expected 4, got %d
\n
"
,
pisid
->
SubAuthorityCount
);
...
...
@@ -4237,7 +4251,8 @@ static void test_ConvertStringSecurityDescriptor(void)
{
""
,
SDDL_REVISION_1
,
TRUE
},
/* test ACE string SID */
{
"D:(D;;GA;;;S-1-0-0)"
,
SDDL_REVISION_1
,
TRUE
},
{
"D:(D;;GA;;;Nonexistent account)"
,
SDDL_REVISION_1
,
FALSE
,
ERROR_INVALID_ACL
,
ERROR_INVALID_SID
}
/* W2K */
{
"D:(D;;GA;;;WDANDSUCH)"
,
SDDL_REVISION_1
,
FALSE
,
ERROR_INVALID_ACL
},
{
"D:(D;;GA;;;Nonexistent account)"
,
SDDL_REVISION_1
,
FALSE
,
ERROR_INVALID_ACL
,
ERROR_INVALID_SID
},
/* W2K */
};
for
(
i
=
0
;
i
<
ARRAY_SIZE
(
cssd
);
i
++
)
...
...
This diff is collapsed.
Click to expand it.
dlls/sechost/security.c
View file @
9032eeec
...
...
@@ -18,6 +18,7 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <assert.h>
#include <stdarg.h>
#include "windef.h"
#include "winbase.h"
...
...
@@ -593,18 +594,22 @@ static BOOL get_computer_sid( PSID sid )
return
TRUE
;
}
static
DWORD
get_sid_size
(
const
WCHAR
*
string
)
static
DWORD
get_sid_size
(
const
WCHAR
*
string
,
const
WCHAR
**
end
)
{
if
(
string
[
0
]
==
'S'
&&
string
[
1
]
==
'-'
)
/* S-R-I(-S)+ */
{
int
token_count
=
0
;
while
(
*
string
)
string
++
;
while
(
*
string
==
'-'
||
iswdigit
(
*
string
))
{
if
(
*
string
==
'-'
)
token_count
++
;
string
++
;
}
if
(
end
)
*
end
=
string
;
if
(
token_count
>=
3
)
return
GetSidLengthRequired
(
token_count
-
2
);
}
...
...
@@ -612,6 +617,9 @@ static DWORD get_sid_size( const WCHAR *string )
{
unsigned
int
i
;
if
(
end
)
*
end
=
string
+
2
;
for
(
i
=
0
;
i
<
ARRAY_SIZE
(
well_known_sids
);
i
++
)
{
if
(
!
wcsncmp
(
well_known_sids
[
i
].
str
,
string
,
2
))
...
...
@@ -632,12 +640,12 @@ static DWORD get_sid_size( const WCHAR *string )
return
GetSidLengthRequired
(
0
);
}
static
BOOL
parse_sid
(
const
WCHAR
*
string
,
SID
*
pisid
,
DWORD
*
size
)
static
BOOL
parse_sid
(
const
WCHAR
*
string
,
const
WCHAR
**
end
,
SID
*
pisid
,
DWORD
*
size
)
{
while
(
*
string
==
' '
)
string
++
;
*
size
=
get_sid_size
(
string
);
*
size
=
get_sid_size
(
string
,
end
);
if
(
!
pisid
)
/* Simply compute the size */
return
TRUE
;
...
...
@@ -647,7 +655,7 @@ static BOOL parse_sid( const WCHAR *string, SID *pisid, DWORD *size )
DWORD
csubauth
=
((
*
size
-
GetSidLengthRequired
(
0
))
/
sizeof
(
DWORD
));
string
+=
2
;
/* Advance to Revision */
pisid
->
Revision
=
wcstoul
(
string
,
NULL
,
10
);
pisid
->
Revision
=
wcstoul
(
string
,
(
WCHAR
**
)
&
string
,
10
);
if
(
pisid
->
Revision
!=
SDDL_REVISION
)
{
...
...
@@ -665,8 +673,6 @@ static BOOL parse_sid( const WCHAR *string, SID *pisid, DWORD *size )
pisid
->
SubAuthorityCount
=
csubauth
;
/* Advance to identifier authority */
while
(
*
string
&&
*
string
!=
'-'
)
string
++
;
if
(
*
string
==
'-'
)
string
++
;
...
...
@@ -675,24 +681,20 @@ static BOOL parse_sid( const WCHAR *string, SID *pisid, DWORD *size )
*/
pisid
->
IdentifierAuthority
.
Value
[
0
]
=
0
;
pisid
->
IdentifierAuthority
.
Value
[
1
]
=
0
;
identAuth
=
wcstoul
(
string
,
NULL
,
10
);
identAuth
=
wcstoul
(
string
,
(
WCHAR
**
)
&
string
,
10
);
pisid
->
IdentifierAuthority
.
Value
[
5
]
=
identAuth
&
0xff
;
pisid
->
IdentifierAuthority
.
Value
[
4
]
=
(
identAuth
&
0xff00
)
>>
8
;
pisid
->
IdentifierAuthority
.
Value
[
3
]
=
(
identAuth
&
0xff0000
)
>>
16
;
pisid
->
IdentifierAuthority
.
Value
[
2
]
=
(
identAuth
&
0xff000000
)
>>
24
;
/* Advance to first sub authority */
while
(
*
string
&&
*
string
!=
'-'
)
string
++
;
if
(
*
string
==
'-'
)
string
++
;
while
(
*
string
)
while
(
iswdigit
(
*
string
)
||
*
string
==
'-'
)
{
pisid
->
SubAuthority
[
i
++
]
=
wcstoul
(
string
,
NULL
,
10
);
pisid
->
SubAuthority
[
i
++
]
=
wcstoul
(
string
,
(
WCHAR
**
)
&
string
,
10
);
while
(
*
string
&&
*
string
!=
'-'
)
string
++
;
if
(
*
string
==
'-'
)
string
++
;
}
...
...
@@ -703,6 +705,9 @@ static BOOL parse_sid( const WCHAR *string, SID *pisid, DWORD *size )
return
FALSE
;
}
if
(
end
)
assert
(
*
end
==
string
);
return
TRUE
;
}
else
/* String constant format - Only available in winxp and above */
...
...
@@ -746,6 +751,7 @@ static BOOL parse_sid( const WCHAR *string, SID *pisid, DWORD *size )
BOOL
WINAPI
DECLSPEC_HOTPATCH
ConvertStringSidToSidW
(
const
WCHAR
*
string
,
PSID
*
sid
)
{
DWORD
size
;
const
WCHAR
*
string_end
;
TRACE
(
"%s, %p
\n
"
,
debugstr_w
(
string
),
sid
);
...
...
@@ -761,12 +767,18 @@ BOOL WINAPI DECLSPEC_HOTPATCH ConvertStringSidToSidW( const WCHAR *string, PSID
return
FALSE
;
}
if
(
!
parse_sid
(
string
,
NULL
,
&
size
))
if
(
!
parse_sid
(
string
,
&
string_end
,
NULL
,
&
size
))
return
FALSE
;
if
(
*
string_end
)
{
SetLastError
(
ERROR_INVALID_SID
);
return
FALSE
;
}
*
sid
=
LocalAlloc
(
0
,
size
);
if
(
!
parse_sid
(
string
,
*
sid
,
&
size
))
if
(
!
parse_sid
(
string
,
NULL
,
*
sid
,
&
size
))
{
LocalFree
(
*
sid
);
return
FALSE
;
...
...
@@ -996,11 +1008,11 @@ static BOOL parse_acl( const WCHAR *string, DWORD *flags, ACL *acl, DWORD *ret_s
string
++
;
/* Parse ACE account sid */
if
(
parse_sid
(
string
,
ace
?
(
SID
*
)
&
ace
->
SidStart
:
NULL
,
&
sidlen
))
{
while
(
*
string
&&
*
string
!=
')'
)
string
++
;
}
if
(
!
parse_sid
(
string
,
&
string
,
ace
?
(
SID
*
)
&
ace
->
SidStart
:
NULL
,
&
sidlen
))
goto
err
;
while
(
*
string
==
' '
)
string
++
;
if
(
*
string
!=
')'
)
goto
err
;
...
...
@@ -1095,7 +1107,7 @@ static BOOL parse_sd( const WCHAR *string, SECURITY_DESCRIPTOR_RELATIVE *sd, DWO
{
DWORD
bytes
;
if
(
!
parse_sid
(
tok
,
(
SID
*
)
next
,
&
bytes
))
if
(
!
parse_sid
(
tok
,
NULL
,
(
SID
*
)
next
,
&
bytes
))
goto
out
;
if
(
sd
)
...
...
@@ -1113,7 +1125,7 @@ static BOOL parse_sd( const WCHAR *string, SECURITY_DESCRIPTOR_RELATIVE *sd, DWO
{
DWORD
bytes
;
if
(
!
parse_sid
(
tok
,
(
SID
*
)
next
,
&
bytes
))
if
(
!
parse_sid
(
tok
,
NULL
,
(
SID
*
)
next
,
&
bytes
))
goto
out
;
if
(
sd
)
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment