Piotr Caban : advapi: Don' t use CreateFile when opening file with possibly empty DACL. - wine-commits

27 Mar 2015

Module: wine
Branch: master
Commit: f956bb4caa442ccde1ddaf483c5cb619bbf4049a
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=f956bb4caa442ccde1ddaf483c...
Author: Piotr Caban piotr@codeweavers.com
Date:   Fri Mar 27 11:11:31 2015 +0100
advapi: Don't use CreateFile when opening file with possibly empty DACL.
---
dlls/advapi32/security.c | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 097b0da..e8cdcc5 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -397,7 +397,7 @@ static inline BOOL set_ntstatus( NTSTATUS status )
 }
/* helper function for SE_FILE_OBJECT objects in [Get|Set]NamedSecurityInfo */
-static inline DWORD get_security_file( LPWSTR full_file_name, DWORD access, HANDLE *file )
+static inline DWORD get_security_file( LPCWSTR full_file_name, DWORD access, HANDLE *file )
 {
     UNICODE_STRING file_nameW;
     OBJECT_ATTRIBUTES attr;
@@ -2029,7 +2029,7 @@ GetFileSecurityW( LPCWSTR lpFileName,
 {
     HANDLE hfile;
     NTSTATUS status;
-    DWORD access = 0;
+    DWORD access = 0, err;
TRACE("(%s,%d,%p,%d,%p)\n", debugstr_w(lpFileName),
           RequestedInformation, pSecurityDescriptor,
@@ -2041,10 +2041,12 @@ GetFileSecurityW( LPCWSTR lpFileName,
     if (RequestedInformation & SACL_SECURITY_INFORMATION)
         access |= ACCESS_SYSTEM_SECURITY;
-    hfile = CreateFileW( lpFileName, access, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
-                         NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0 );
-    if ( hfile == INVALID_HANDLE_VALUE )
+    err = get_security_file( lpFileName, access, &hfile);
+    if (err)
+    {
+        SetLastError(err);
         return FALSE;
+    }
status = NtQuerySecurityObject( hfile, RequestedInformation, pSecurityDescriptor,
                                     nLength, lpnLengthNeeded );
@@ -2325,7 +2327,7 @@ SetFileSecurityW( LPCWSTR lpFileName,
                     PSECURITY_DESCRIPTOR pSecurityDescriptor )
 {
     HANDLE file;
-    DWORD access = 0;
+    DWORD access = 0, err;
     NTSTATUS status;
TRACE("(%s, 0x%x, %p)\n", debugstr_w(lpFileName), RequestedInformation,
@@ -2339,10 +2341,12 @@ SetFileSecurityW( LPCWSTR lpFileName,
     if (RequestedInformation & DACL_SECURITY_INFORMATION)
         access |= WRITE_DAC;
-    file = CreateFileW( lpFileName, access, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
-                        NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL );
-    if (file == INVALID_HANDLE_VALUE)
+    err = get_security_file( lpFileName, access, &file);
+    if (err)
+    {
+        SetLastError(err);
         return FALSE;
+    }
status = NtSetSecurityObject( file, RequestedInformation, pSecurityDescriptor );
     CloseHandle( file );

    