wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2025-01-28 22:04:43 -08:00
Code Issues Packages Projects Releases Wiki Activity

Rebase against 6e3f39a4c59fd529c7b532dcde1bb8c37c467b35.

Browse Source
This commit is contained in:
Zebediah Figura 2019-04-26 16:21:57 -05:00
parent a9282e6425
commit 2e99ff1d6e
6 changed files with 2 additions and 313 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
patches/advapi32-LsaLookupSids/0005-advapi32-tests-Test-prefix-and-use-of-TokenPrimaryGr.patch
View File

@ -1,95 +0,0 @@
From f0290aad953e988b1a15e214ecfc57f21dc136af Mon Sep 17 00:00:00 2001
From: Qian Hong <qhong@codeweavers.com>
Date: Tue, 28 Apr 2015 23:28:50 +0800
Subject: advapi32/tests: Test prefix and use of TokenPrimaryGroup Sid.
---
dlls/advapi32/tests/security.c | 35 ++++++++++++++++++++++++++++++-----
1 file changed, 30 insertions(+), 5 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index f3fc682..6a716d6 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2514,19 +2514,21 @@ static void test_granted_access(HANDLE handle, ACCESS_MASK access,
static void test_process_security(void)
{
BOOL res;
+ PTOKEN_USER user;
PTOKEN_OWNER owner;
PTOKEN_PRIMARY_GROUP group;
- PSID AdminSid = NULL, UsersSid = NULL;
+ PSID AdminSid = NULL, UsersSid = NULL, UserSid = NULL;
PACL Acl = NULL, ThreadAcl = NULL;
SECURITY_DESCRIPTOR *SecurityDescriptor = NULL, *ThreadSecurityDescriptor = NULL;
- char buffer[MAX_PATH];
+ char buffer[MAX_PATH], account[MAX_PATH], domain[MAX_PATH];
PROCESS_INFORMATION info;
STARTUPINFOA startup;
SECURITY_ATTRIBUTES psa, tsa;
HANDLE token, event;
- DWORD size;
+ DWORD size, acc_size, dom_size, ret;
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = { SECURITY_WORLD_SID_AUTHORITY };
PSID EveryoneSid = NULL;
+ SID_NAME_USE use;
Acl = HeapAlloc(GetProcessHeap(), 0, 256);
res = InitializeAcl(Acl, 256, ACL_REVISION);
@@ -2558,7 +2560,8 @@ static void test_process_security(void)
owner = HeapAlloc(GetProcessHeap(), 0, size);
res = GetTokenInformation( token, TokenOwner, owner, size, &size );
ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
- AdminSid = ((TOKEN_OWNER*)owner)->Owner;
+ AdminSid = owner->Owner;
+ test_sid_str(AdminSid);
res = GetTokenInformation( token, TokenPrimaryGroup, NULL, 0, &size );
ok(!res, "Expected failure, got %d\n", res);
@@ -2568,13 +2571,34 @@ static void test_process_security(void)
group = HeapAlloc(GetProcessHeap(), 0, size);
res = GetTokenInformation( token, TokenPrimaryGroup, group, size, &size );
ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
- UsersSid = ((TOKEN_PRIMARY_GROUP*)group)->PrimaryGroup;
+ UsersSid = group->PrimaryGroup;
+ test_sid_str(UsersSid);
+
+ acc_size = sizeof(account);
+ dom_size = sizeof(domain);
+ ret = LookupAccountSidA( NULL, UsersSid, account, &acc_size, domain, &dom_size, &use );
+ ok(ret, "LookupAccountSid failed with %d\n", ret);
+ todo_wine ok(use == SidTypeGroup, "expect SidTypeGroup, got %d\n", use);
+ todo_wine ok(!strcmp(account, "None"), "expect None, got %s\n", account);
+
+ res = GetTokenInformation( token, TokenUser, NULL, 0, &size );
+ ok(!res, "Expected failure, got %d\n", res);
+ ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n", GetLastError());
+
+ user = HeapAlloc(GetProcessHeap(), 0, size);
+ res = GetTokenInformation( token, TokenUser, user, size, &size );
+ ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
+ UserSid = user->User.Sid;
+ test_sid_str(UserSid);
+ todo_wine ok(EqualPrefixSid(UsersSid, UserSid), "TokenPrimaryGroup Sid and TokenUser Sid don't match.\n");
CloseHandle( token );
if (!res)
{
HeapFree(GetProcessHeap(), 0, group);
HeapFree(GetProcessHeap(), 0, owner);
+ HeapFree(GetProcessHeap(), 0, user);
HeapFree(GetProcessHeap(), 0, Acl);
return;
}
@@ -2681,6 +2705,7 @@ static void test_process_security(void)
CloseHandle( event );
HeapFree(GetProcessHeap(), 0, group);
HeapFree(GetProcessHeap(), 0, owner);
+ HeapFree(GetProcessHeap(), 0, user);
HeapFree(GetProcessHeap(), 0, Acl);
HeapFree(GetProcessHeap(), 0, SecurityDescriptor);
HeapFree(GetProcessHeap(), 0, ThreadAcl);
--
2.3.5

110
patches/advapi32-SetSecurityInfo/0001-advapi32-Move-the-DACL-combining-code-into-a-separat.patch
View File

@ -1,110 +0,0 @@
From 646388b696afda85dccc76678af6a8955bf0b627 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@wine-staging.com>
Date: Fri, 16 Oct 2015 16:03:00 -0600
Subject: advapi32: Move the DACL combining code into a separate routine.
---
dlls/advapi32/security.c | 79 +++++++++++++++++++++++++++---------------------
1 file changed, 45 insertions(+), 34 deletions(-)
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 00dafe8..dad8b22 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -5805,6 +5805,48 @@ BOOL WINAPI FileEncryptionStatusA(LPCSTR lpFileName, LPDWORD lpStatus)
return TRUE;
}
+static NTSTATUS combine_dacls(ACL *parent, ACL *child, ACL **result)
+{
+ ACL *combined;
+ int i;
+
+ /* initialize a combined DACL containing both inherited and new ACEs */
+ combined = heap_alloc_zero(child->AclSize+parent->AclSize);
+ if (!combined)
+ return STATUS_NO_MEMORY;
+
+ memcpy(combined, child, child->AclSize);
+ combined->AclSize = child->AclSize+parent->AclSize;
+
+ /* copy the inherited ACEs */
+ for (i=0; i<parent->AceCount; i++)
+ {
+ ACE_HEADER *ace;
+
+ if (!GetAce(parent, i, (void*)&ace))
+ continue;
+ if (!(ace->AceFlags & (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE)))
+ continue;
+ if ((ace->AceFlags & (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE)) !=
+ (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE))
+ {
+ FIXME("unsupported flags: %x\n", ace->AceFlags);
+ continue;
+ }
+
+ if (ace->AceFlags & NO_PROPAGATE_INHERIT_ACE)
+ ace->AceFlags &= ~(OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE|NO_PROPAGATE_INHERIT_ACE);
+ ace->AceFlags &= ~INHERIT_ONLY_ACE;
+ ace->AceFlags |= INHERITED_ACE;
+
+ if (!AddAce(combined, ACL_REVISION, MAXDWORD, ace, ace->AceSize))
+ WARN("error adding inherited ACE\n");
+ }
+
+ *result = combined;
+ return STATUS_SUCCESS;
+}
+
/******************************************************************************
* SetSecurityInfo [ADVAPI32.@]
*/
@@ -5904,41 +5946,10 @@ DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType,
if (!err)
{
- int i;
-
- dacl = heap_alloc_zero(pDacl->AclSize+parent_dacl->AclSize);
- if (!dacl)
- {
- LocalFree(parent_sd);
- return ERROR_NOT_ENOUGH_MEMORY;
- }
- memcpy(dacl, pDacl, pDacl->AclSize);
- dacl->AclSize = pDacl->AclSize+parent_dacl->AclSize;
-
- for (i=0; i<parent_dacl->AceCount; i++)
- {
- ACE_HEADER *ace;
-
- if (!GetAce(parent_dacl, i, (void*)&ace))
- continue;
- if (!(ace->AceFlags & (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE)))
- continue;
- if ((ace->AceFlags & (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE)) !=
- (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE))
- {
- FIXME("unsupported flags: %x\n", ace->AceFlags);
- continue;
- }
-
- if (ace->AceFlags & NO_PROPAGATE_INHERIT_ACE)
- ace->AceFlags &= ~(OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE|NO_PROPAGATE_INHERIT_ACE);
- ace->AceFlags &= ~INHERIT_ONLY_ACE;
- ace->AceFlags |= INHERITED_ACE;
-
- if(!AddAce(dacl, ACL_REVISION, MAXDWORD, ace, ace->AceSize))
- WARN("error adding inherited ACE\n");
- }
+ status = combine_dacls(parent_dacl, pDacl, &dacl);
LocalFree(parent_sd);
+ if (status != STATUS_SUCCESS)
+ return RtlNtStatusToDosError(status);
}
}
else
--
2.6.1

54
patches/advapi32-SetSecurityInfo/0002-advapi32-Fix-the-initialization-of-combined-DACLs-wh.patch
View File

@ -1,54 +0,0 @@
From d1accafbe8e52b6b2c84e9fe5d08303fc05858af Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@wine-staging.com>
Date: Fri, 16 Oct 2015 13:58:38 -0600
Subject: advapi32: Fix the initialization of combined DACLs when the new DACL
is empty.
---
dlls/advapi32/security.c | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index dad8b22..11ae487 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -5807,6 +5807,7 @@ BOOL WINAPI FileEncryptionStatusA(LPCSTR lpFileName, LPDWORD lpStatus)
static NTSTATUS combine_dacls(ACL *parent, ACL *child, ACL **result)
{
+ NTSTATUS status;
ACL *combined;
int i;
@@ -5815,8 +5816,26 @@ static NTSTATUS combine_dacls(ACL *parent, ACL *child, ACL **result)
if (!combined)
return STATUS_NO_MEMORY;
- memcpy(combined, child, child->AclSize);
- combined->AclSize = child->AclSize+parent->AclSize;
+ status = RtlCreateAcl(combined, parent->AclSize+child->AclSize, ACL_REVISION);
+ if (status != STATUS_SUCCESS)
+ {
+ heap_free(combined);
+ return status;
+ }
+
+ /* copy the new ACEs */
+ for (i=0; i<child->AceCount; i++)
+ {
+ ACE_HEADER *ace;
+
+ if (!GetAce(child, i, (void*)&ace))
+ {
+ WARN("error obtaining new ACE\n");
+ continue;
+ }
+ if (!AddAce(combined, ACL_REVISION, MAXDWORD, ace, ace->AceSize))
+ WARN("error adding new ACE\n");
+ }
/* copy the inherited ACEs */
for (i=0; i<parent->AceCount; i++)
--
2.6.1

1
patches/advapi32-SetSecurityInfo/definition
View File

@ -1 +0,0 @@
Fixes: [38423] Fix the initialization of combined DACLs when the new DACL is empty

26
patches/kernel32-NeedCurrentDirectoryForExePath/0002-kernel32-NeedCurrentDirectoryForExePath-does-not-use.patch
View File

@ -1,26 +0,0 @@
From c500701514fb08730e881285b75fb000c97d1c15 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Sat, 3 Jan 2015 20:57:27 -0700
Subject: kernel32: NeedCurrentDirectoryForExePath does not use the registry.
---
dlls/kernel32/path.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/dlls/kernel32/path.c b/dlls/kernel32/path.c
index bb167a0..dc90e58 100644
--- a/dlls/kernel32/path.c
+++ b/dlls/kernel32/path.c
@@ -1872,8 +1872,7 @@ BOOL WINAPI NeedCurrentDirectoryForExePathW( LPCWSTR name )
'I','n','E','x','e','P','a','t','h',0};
WCHAR env_val;
- /* MSDN mentions some 'registry location'. We do not use registry. */
- FIXME("(%s): partial stub\n", debugstr_w(name));
+ TRACE("(%s)\n", debugstr_w(name));
if (strchrW(name, '\\'))
return TRUE;
--
1.9.1

29
patches/patchinstall.sh
View File

@ -52,7 +52,7 @@ usage()
# Get the upstream commit sha
upstream_commit()
{
echo "85826158947637f790b68742a5448c483f47234f"
echo "6e3f39a4c59fd529c7b532dcde1bb8c37c467b35"
}
# Show version information
@ -89,7 +89,6 @@ patch_enable_all ()
enable_advapi32_CreateRestrictedToken="$1"
enable_advapi32_LsaLookupPrivilegeName="$1"
enable_advapi32_LsaLookupSids="$1"
enable_advapi32_SetSecurityInfo="$1"
enable_advapi32_Token_Integrity_Level="$1"
enable_api_ms_win_Stub_DLLs="$1"
enable_atl_AtlAxDialogBox="$1"
@ -404,9 +403,6 @@ patch_enable ()
advapi32-LsaLookupSids)
enable_advapi32_LsaLookupSids="$2"
;;
advapi32-SetSecurityInfo)
enable_advapi32_SetSecurityInfo="$2"
;;
advapi32-Token_Integrity_Level)
enable_advapi32_Token_Integrity_Level="$2"
;;
@ -2186,7 +2182,6 @@ if test "$enable_advapi32_LsaLookupSids" -eq 1; then
patch_apply advapi32-LsaLookupSids/0002-advapi32-Prepend-a-hidden-LSA_TRUST_INFORMATION-in-L.patch
patch_apply advapi32-LsaLookupSids/0003-advapi32-Prepend-a-hidden-LSA_TRUST_INFORMATION-in-L.patch
patch_apply advapi32-LsaLookupSids/0004-advapi32-Fallback-to-Sid-string-when-LookupAccountSi.patch
patch_apply advapi32-LsaLookupSids/0005-advapi32-tests-Test-prefix-and-use-of-TokenPrimaryGr.patch
patch_apply advapi32-LsaLookupSids/0006-server-Create-primary-group-using-DOMAIN_GROUP_RID_U.patch
patch_apply advapi32-LsaLookupSids/0007-advapi32-Fix-name-and-use-of-DOMAIN_GROUP_RID_USERS.patch
(
@ -2194,29 +2189,11 @@ if test "$enable_advapi32_LsaLookupSids" -eq 1; then
printf '%s\n' '+ { "Qian Hong", "advapi32: Prepend a hidden LSA_TRUST_INFORMATION in LsaLookupSids to avoid crash when Domains[-1] incorrectly accessed by application.", 2 },';
printf '%s\n' '+ { "Qian Hong", "advapi32: Prepend a hidden LSA_TRUST_INFORMATION in LsaLookupNames2 to avoid crash when Domains[-1] incorrectly accessed by application.", 2 },';
printf '%s\n' '+ { "Qian Hong", "advapi32: Fallback to Sid string when LookupAccountSid fails.", 1 },';
printf '%s\n' '+ { "Qian Hong", "advapi32/tests: Test prefix and use of TokenPrimaryGroup Sid.", 1 },';
printf '%s\n' '+ { "Qian Hong", "server: Create primary group using DOMAIN_GROUP_RID_USERS.", 1 },';
printf '%s\n' '+ { "Qian Hong", "advapi32: Fix name and use of DOMAIN_GROUP_RID_USERS.", 1 },';
) >> "$patchlist"
fi
# Patchset advapi32-SetSecurityInfo
# |
# | This patchset fixes the following Wine bugs:
# | * [#38423] Fix the initialization of combined DACLs when the new DACL is empty
# |
# | Modified files:
# | * dlls/advapi32/security.c
# |
if test "$enable_advapi32_SetSecurityInfo" -eq 1; then
patch_apply advapi32-SetSecurityInfo/0001-advapi32-Move-the-DACL-combining-code-into-a-separat.patch
patch_apply advapi32-SetSecurityInfo/0002-advapi32-Fix-the-initialization-of-combined-DACLs-wh.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "advapi32: Move the DACL combining code into a separate routine.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "advapi32: Fix the initialization of combined DACLs when the new DACL is empty.", 1 },';
) >> "$patchlist"
fi
# Patchset advapi32-Token_Integrity_Level
# |
# | This patchset has the following (direct or indirect) dependencies:
@ -4261,15 +4238,13 @@ fi
# | * [#23934] CreateProcess does not prioritize the working directory over the system search path
# |
# | Modified files:
# | * dlls/kernel32/path.c, dlls/kernel32/process.c, dlls/kernel32/tests/path.c
# | * dlls/kernel32/process.c, dlls/kernel32/tests/path.c
# |
if test "$enable_kernel32_NeedCurrentDirectoryForExePath" -eq 1; then
patch_apply kernel32-NeedCurrentDirectoryForExePath/0001-kernel32-Add-SearchPath-test-demonstrating-the-prior.patch
patch_apply kernel32-NeedCurrentDirectoryForExePath/0002-kernel32-NeedCurrentDirectoryForExePath-does-not-use.patch
patch_apply kernel32-NeedCurrentDirectoryForExePath/0003-kernel32-Consider-the-working-directory-first-when-l.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "kernel32: Add SearchPath test demonstrating the priority of the working directory.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "kernel32: NeedCurrentDirectoryForExePath does not use the registry.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "kernel32: Consider the working directory first when launching executables with CreateProcess.", 1 },';
) >> "$patchlist"
fi