mirrors/reactos
0
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-04 00:43:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

[NTOSKRNL] Properly handle "big" security descriptors in ObpCaptureObjectCreateInformation()

Browse Source
This commit is contained in:
Pierre Schweitzer 2018-10-27 19:35:45 +02:00
parent 2ce071d19a
commit 07e6af6aa1
No known key found for this signature in database
GPG Key ID: 7545556C3D585B0B
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ntoskrnl/ob/oblife.c
View File

@ -460,6 +460,7 @@ ObpCaptureObjectCreateInformation(IN POBJECT_ATTRIBUTES ObjectAttributes,
IN POBJECT_CREATE_INFORMATION ObjectCreateInfo,
OUT PUNICODE_STRING ObjectName)
{
ULONG SdCharge, QuotaInfoSize;
NTSTATUS Status = STATUS_SUCCESS;
PSECURITY_DESCRIPTOR SecurityDescriptor;
PSECURITY_QUALITY_OF_SERVICE SecurityQos;
@ -518,8 +519,21 @@ ObpCaptureObjectCreateInformation(IN POBJECT_ATTRIBUTES ObjectAttributes,
_SEH2_YIELD(return Status);
}
/*
* By default, assume a SD size of 1024 and allow twice its
* size.
* If SD size happen to be bigger than that, then allow it
*/
SdCharge = 2048;
SeComputeQuotaInformationSize(ObjectCreateInfo->SecurityDescriptor,
&QuotaInfoSize);
if ((2 * QuotaInfoSize) > 2048)
{
SdCharge = 2 * QuotaInfoSize;
}
/* Save the probe mode and security descriptor size */
ObjectCreateInfo->SecurityDescriptorCharge = 2048; /* FIXME */
ObjectCreateInfo->SecurityDescriptorCharge = SdCharge;
ObjectCreateInfo->ProbeMode = AccessMode;
}