PACL vncImportACL::BuildACL(){
PACL pACL = NULL;
// Need canonical order and normalization??
// Solution canonical order: aceAllowStart and aceDenyStart?
// Solution normalization: Check for multiple occurrance of SID
// in allow list and deny list and merge them.
long aclSize = 8; // For ACL header
for (ACE_DATA *i = lastDenyACE; i != NULL; i = i->next){
aclSize += GetLengthSid(i->pSID) + sizeof(ACCESS_DENIED_ACE) - sizeof(DWORD);
}
for (ACE_DATA *j = lastAllowACE; j != NULL; j = j->next){
aclSize += GetLengthSid(j->pSID) + sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD);
}
pACL = (PACL) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, aclSize);
// Initialize the new ACL.
if (InitializeAcl(pACL, aclSize, ACL_REVISION)) {
// Add the access-denied ACEs to the ACL.
for (ACE_DATA *i = lastDenyACE; i != NULL; i = i->next){
//Todo: add error handling.
AddAccessDeniedAce(pACL, ACL_REVISION, i->mask, i->pSID);
}
for (ACE_DATA *j = lastAllowACE; j != NULL; j = j->next){
//Todo: add error handling.
AddAccessAllowedAce(pACL, ACL_REVISION, j->mask, j->pSID);
}
}
return pACL;
}
DWORD
AddAccessDeniedACEToACL (
PACL *Acl,
DWORD PermissionMask,
LPTSTR Principal
)
{
ACL_SIZE_INFORMATION aclSizeInfo;
int aclSize;
DWORD returnValue;
PSID principalSID;
PACL oldACL, newACL;
oldACL = *Acl;
returnValue = GetPrincipalSID (Principal, &principalSID);
if (returnValue != ERROR_SUCCESS)
return returnValue;
GetAclInformation (oldACL, (LPVOID) &aclSizeInfo, (DWORD) sizeof (ACL_SIZE_INFORMATION), AclSizeInformation);
aclSize = aclSizeInfo.AclBytesInUse +
sizeof (ACL) + sizeof (ACCESS_DENIED_ACE) +
GetLengthSid (principalSID) - sizeof (DWORD);
newACL = (PACL) new BYTE [aclSize];
if (!InitializeAcl (newACL, aclSize, ACL_REVISION))
{
free (principalSID);
return GetLastError();
}
if (!AddAccessDeniedAce (newACL, ACL_REVISION2, PermissionMask, principalSID))
{
free (principalSID);
return GetLastError();
}
returnValue = CopyACL (oldACL, newACL);
if (returnValue != ERROR_SUCCESS)
{
free (principalSID);
return returnValue;
}
*Acl = newACL;
free (principalSID);
return ERROR_SUCCESS;
}
HRESULT COpcSecurity::AddAccessDeniedACEToACL(PACL *ppAcl, LPCTSTR pszPrincipal, DWORD dwAccessMask)
{
ACL_SIZE_INFORMATION aclSizeInfo;
int aclSize;
DWORD returnValue;
PSID principalSID;
PACL oldACL, newACL = NULL;
oldACL = *ppAcl;
returnValue = GetPrincipalSID(pszPrincipal, &principalSID);
if (FAILED(returnValue))
return returnValue;
aclSizeInfo.AclBytesInUse = 0;
if (*ppAcl != NULL)
GetAclInformation(oldACL, (LPVOID) &aclSizeInfo, sizeof(ACL_SIZE_INFORMATION), AclSizeInformation);
aclSize = aclSizeInfo.AclBytesInUse + sizeof(ACL) + sizeof(ACCESS_DENIED_ACE) + GetLengthSid(principalSID) - sizeof(DWORD);
OPCTRY(newACL = (PACL) new BYTE[aclSize]);
if (newACL == NULL)
return E_OUTOFMEMORY;
if (!InitializeAcl(newACL, aclSize, ACL_REVISION))
{
free(principalSID);
return HRESULT_FROM_WIN32(GetLastError());
}
if (!AddAccessDeniedAce(newACL, ACL_REVISION2, dwAccessMask, principalSID))
{
free(principalSID);
return HRESULT_FROM_WIN32(GetLastError());
}
returnValue = CopyACL(newACL, oldACL);
if (FAILED(returnValue))
{
free(principalSID);
return returnValue;
}
*ppAcl = newACL;
if (oldACL != NULL)
free(oldACL);
free(principalSID);
return S_OK;
}
bool MWinAccessControlList::AddAccessDeny(const char *accountname,DWORD permission)
{
BYTE sidbuffer[100];
PSID psid=(SID *)&sidbuffer;
DWORD sidsize=sizeof(sidbuffer);
char domainbuffer[100];
DWORD domainbuffersize=sizeof(domainbuffer);
SID_NAME_USE snu;
if(LookupAccountNameA(NULL,accountname,psid,&sidsize
,(LPSTR)&domainbuffer,&domainbuffersize,&snu)==FALSE)
{
return false;
}
if(AddAccessDeniedAce(mpACL,ACL_REVISION,permission,psid)==false)
{
return false;
}
return true;
}
// address: 0x1310109b
void _start(__size32 param1, __size32 param2, short param3, short param4, char param5, unsigned char param6) {
char al; // r8
short ax; // r0
unsigned char dl; // r10
short dx; // r2
__size32 eax; // r24
void *eax_1; // r24{29}
__size32 eax_2; // r24{175}
unsigned char *eax_3; // r24{450}
unsigned char *eax_4; // r24{342}
__size32 ebp; // r29
__size32 ebx; // r27
__size32 ebx_1; // r27{231}
int ebx_2; // r27{424}
int ecx; // r25
unsigned int ecx_2; // r25{101}
int edx; // r26
void *edx_1; // r26
__size32 esi; // r30
int esp; // r28
union { void * x89; unsigned int x90; } local10; // m[esp - 820]
__size32 local11; // m[esp - 816]
__size32 *local12; // m[esp - 812]
__size8 *local14; // m[esp - 804]
__size32 local15; // m[esp - 28]
int local16; // m[esp - 0x2388]
unsigned int local17; // m[esp - 828]
void *local18; // m[esp - 0x2390]
union { void * x143; int x144; } local19; // m[esp - 36]
int local20; // m[esp - 804]
void *local21; // m[esp - 808]
int local22; // m[esp - 812]
unsigned char *local23; // m[esp - 12]
__size32 local24; // m[esp - 0x2384]
void *local25; // m[esp - 612]
unsigned int local26; // m[esp - 8]
int local27; // m[esp - 24]
unsigned int local71; // m[esp - 8]{602}
unsigned char *local74; // eax_4{570}
union { void * x145; unsigned int x146; } local75; // local14{608}
union { void * x147; unsigned int x148; } local76; // local12{610}
unsigned char *local77; // eax_3{585}
union { int x97; void * x98; } local78; // edx{587}
unsigned int local79; // local26{618}
__size32 *local9; // m[esp - 824]
AddAccessDeniedAce();
eax_1 = SafeArrayGetUBound();
BuildExplicitAccessWithNameA();
BaseInitAppcompatCacheSupport();
eax = *(eax_1 - 0x6cf5e057);
ax = proc1(&eax, esp - 572, 4, ¶m2, 0, &24, param3, param4, param5, param6); /* Warning: also results in dx, al */
SetErrorMode();
BaseInitAppcompatCacheSupport();
ecx_2 = *(eax_1 - 0x6cf5e053);
ax = proc1(&ecx_2, (esp - 604), 4, ¶m2, 4, &24, ax, dx, al, (unsigned char) esp - 604); /* Warning: also results in dx, al, dl */
ecx = *(eax_1 - 0x6cf5e04f);
BaseDumpAppcompatCache();
ax = proc1(&ecx, esp - 28, 4, ¶m2, 8, &24, ax, dx, al, dl); /* Warning: also results in dx, al, dl */
eax_2 = GetModuleHandleA();
AdjustTokenGroups();
ControlTraceA();
BuildTrusteeWithObjectsAndNameA();
ebx_1 = *(eax_1 - 0x6cf5e04b);
ax = proc1(&ebx_1, esp - 40, 4, ¶m2, 12, &24, ax, dx, al, dl); /* Warning: also results in dx, al */
local15 = ebx_1 + eax_2;
ebx = *(eax_1 - 0x6cf5e047);
local16 = ebx;
local9 = esp - 0x2388;
ax = proc1(&ebx, (esp - 0x2398), 4, ¶m2, 16, &24, ax, dx, al, (unsigned char) eax_1 - 0x6cf5e047); /* Warning: also results in dx, al */
local18 = 20;
local19 = eax_1 - 0x6cf5e043;
dl = (unsigned char) ecx;
local20 = 64;
local21 = 0x3000;
esi = ecx * 8 + ecx_2 + 12;
local22 = esi + eax;
local11 = 0;
eax_4 = VirtualAlloc(0, esi + eax, 0x3000, 64); /* Warning: also results in edx */
local74 = eax_4;
local75 = local20;
local76 = local22;
ecx = ebx_1 + eax_2 + ecx * 8 + 12;
local23 = ecx;
local24 = ecx * 8 + 12;
local25 = ecx * 8 + 12;
local26 = 0;
local27 = 0;
for(;;) {
eax_4 = local74;
local71 = local26;
local14 = local75;
local12 = local76;
local77 = eax_4;
local78 = edx;
local79 = local71;
if (local25 != local16) {
goto L0;
}
local26 = local71 + 1;
local79 = local26;
if (local26 == ecx) {
ebx = eax_4 - ecx * 8 - 12;
esi = proc1(eax_4, ebx, ecx_2, ¶m1, ecx * 8 + 12, &24, ax, dx, al, dl); /* Warning: also results in ax, dx, al, dl, edx */
(*eax_4 + 0xf50)(local18, local16, local24, pc, eax_4 + ecx_2, eax_4, eax, ecx_2, esp - 564, esp, (esp + 4), (esp + 4), 0x9c000, 0, 0xc000000, 0x10c0, 0x90000000, 272, 0xb200000, 0, 392, 0, 0, 0x4400, 0x80000000, 0x78000000, 0, 0, 0xbc0, (esp + 4), 0x10000, 0xe00000, 0, 0x800, 0, 0x28c0000, 0x900, 0x2800000, 0x4a00000, 0x2600, 0, eax_4 + 0xf50, eax_4 + 0xf50, local25, eax_4, ecx_2, eax_2 + 0x1000, eax_1 - 0x6cf5e057, eax, param1, 24, 67, 28, -75, -19, ecx * 8 + 12, esp, local19, eax_2, local15, local27, ecx, param2, local23, local71 + 1, ebp, ax, dx, al, dl, eax_4 + ecx_2, eax_4, edx, eax, esp - 4, esi, eax_4 + 0xf50, ADDFLAGS32(eax_4, ecx_2, eax_4 + ecx_2), ADDFLAGS32(eax_4, ecx_2, eax_4 + ecx_2), ADDFLAGS32(eax_4, ecx_2, eax_4 + ecx_2));
return;
}
ecx = *local19;
ebx = esp - local18 - 28;
ax = proc1(&ecx, ebx, 4, ¶m2, local18, &24, ax, dx, al, (unsigned char) esp - 28); /* Warning: also results in dx, al */
local15 = ecx + eax_2;
local18 += 4;
local19 += 4;
ebx_2 = *local19;
local16 = ebx_2;
local14 = esp - 564;
local21 = local18;
local12 = esp - 16;
local11 = 4;
ebx = esp - local18 - 0x2388;
local10 = ebx;
local9 = esp - 0x2388;
eax_3 = proc1(&ebx_2, ebx, 4, ¶m2, local18, &24, ax, dx, al, (unsigned char) esp - 0x2388); /* Warning: also results in ax, dx, al */
local77 = eax_3;
edx_1 = local18 + 4;
local18 += 4;
local19 += 4;
local25 = 0;
local23 = ecx + eax_2;
local78 = edx_1;
L0:
eax_3 = local77;
edx = local78;
local26 = local79;
ebx = eax_4 + local27;
dl = *local23;
edx = edx >> 8 & 0xffffff | (dl);
*(unsigned char*)ebx = dl;
local23++;
local27++;
local25++;
local24++;
local74 = eax_3;
local75 = local14;
local76 = local12;
}
}
static int
TestplatformChmod(
const char *nativePath,
int pmode)
{
static const SECURITY_INFORMATION infoBits = OWNER_SECURITY_INFORMATION
| GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;
static const DWORD readOnlyMask = FILE_DELETE_CHILD | FILE_ADD_FILE
| FILE_ADD_SUBDIRECTORY | FILE_WRITE_EA | FILE_APPEND_DATA
| FILE_WRITE_DATA | DELETE;
/*
* References to security functions (only available on NT and later).
*/
const BOOL set_readOnly = !(pmode & 0222);
BOOL acl_readOnly_found = FALSE, curAclPresent, curAclDefaulted;
SID_IDENTIFIER_AUTHORITY userSidAuthority = {
SECURITY_WORLD_SID_AUTHORITY
};
BYTE *secDesc = 0;
DWORD secDescLen, attr, newAclSize;
ACL_SIZE_INFORMATION ACLSize;
PACL curAcl, newAcl = 0;
WORD j;
SID *userSid = 0;
char *userDomain = 0;
int res = 0;
/*
* Process the chmod request.
*/
attr = GetFileAttributesA(nativePath);
/*
* nativePath not found
*/
if (attr == 0xffffffff) {
res = -1;
goto done;
}
/*
* If nativePath is not a directory, there is no special handling.
*/
if (!(attr & FILE_ATTRIBUTE_DIRECTORY)) {
goto done;
}
/*
* Set the result to error, if the ACL change is successful it will be
* reset to 0.
*/
res = -1;
/*
* Read the security descriptor for the directory. Note the first call
* obtains the size of the security descriptor.
*/
if (!GetFileSecurityA(nativePath, infoBits, NULL, 0, &secDescLen)) {
DWORD secDescLen2 = 0;
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
goto done;
}
secDesc = (BYTE *) ckalloc(secDescLen);
if (!GetFileSecurityA(nativePath, infoBits,
(PSECURITY_DESCRIPTOR) secDesc, secDescLen, &secDescLen2)
|| (secDescLen < secDescLen2)) {
goto done;
}
}
/*
* Get the World SID.
*/
userSid = (SID *) ckalloc(GetSidLengthRequired((UCHAR) 1));
InitializeSid(userSid, &userSidAuthority, (BYTE) 1);
*(GetSidSubAuthority(userSid, 0)) = SECURITY_WORLD_RID;
/*
* If curAclPresent == false then curAcl and curAclDefaulted not valid.
*/
if (!GetSecurityDescriptorDacl((PSECURITY_DESCRIPTOR) secDesc,
&curAclPresent, &curAcl, &curAclDefaulted)) {
goto done;
}
if (!curAclPresent || !curAcl) {
ACLSize.AclBytesInUse = 0;
ACLSize.AceCount = 0;
} else if (!GetAclInformation(curAcl, &ACLSize, sizeof(ACLSize),
AclSizeInformation)) {
goto done;
}
/*
* Allocate memory for the new ACL.
*/
newAclSize = ACLSize.AclBytesInUse + sizeof(ACCESS_DENIED_ACE)
+ GetLengthSid(userSid) - sizeof(DWORD);
newAcl = (ACL *) ckalloc(newAclSize);
/*
* Initialize the new ACL.
*/
if (!InitializeAcl(newAcl, newAclSize, ACL_REVISION)) {
goto done;
}
/*
* Add denied to make readonly, this will be known as a "read-only tag".
*/
if (set_readOnly && !AddAccessDeniedAce(newAcl, ACL_REVISION,
readOnlyMask, userSid)) {
goto done;
}
acl_readOnly_found = FALSE;
for (j = 0; j < ACLSize.AceCount; j++) {
LPVOID pACE2;
ACE_HEADER *phACE2;
if (!GetAce(curAcl, j, &pACE2)) {
goto done;
}
phACE2 = (ACE_HEADER *) pACE2;
/*
* Do NOT propagate inherited ACEs.
*/
if (phACE2->AceFlags & INHERITED_ACE) {
continue;
}
/*
* Skip the "read-only tag" restriction (either added above, or it is
* being removed).
*/
if (phACE2->AceType == ACCESS_DENIED_ACE_TYPE) {
ACCESS_DENIED_ACE *pACEd = (ACCESS_DENIED_ACE *) phACE2;
if (pACEd->Mask == readOnlyMask
&& EqualSid(userSid, (PSID) &pACEd->SidStart)) {
acl_readOnly_found = TRUE;
continue;
}
}
/*
* Copy the current ACE from the old to the new ACL.
*/
if (!AddAce(newAcl, ACL_REVISION, MAXDWORD, (PACL *) pACE2,
((PACE_HEADER) pACE2)->AceSize)) {
goto done;
}
}
/*
* Apply the new ACL.
*/
if (set_readOnly == acl_readOnly_found || SetNamedSecurityInfoA(
(LPSTR) nativePath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION,
NULL, NULL, newAcl, NULL) == ERROR_SUCCESS) {
res = 0;
}
done:
if (secDesc) {
ckfree((char *) secDesc);
}
if (newAcl) {
ckfree((char *) newAcl);
}
if (userSid) {
ckfree((char *) userSid);
}
if (userDomain) {
ckfree((char *) userDomain);
}
if (res != 0) {
return res;
}
/*
* Run normal chmod command.
*/
return chmod(nativePath, pmode);
}
