| 1608 | } |
| 1609 | |
| 1610 | static NTSTATUS DOKAN_CALLBACK CryptGetFileSecurity( |
| 1611 | LPCWSTR FileName, PSECURITY_INFORMATION SecurityInformation, |
| 1612 | PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG BufferLength, |
| 1613 | PULONG LengthNeeded, PDOKAN_FILE_INFO DokanFileInfo) { |
| 1614 | FileNameEnc filePath(DokanFileInfo, FileName); |
| 1615 | |
| 1616 | BOOLEAN requestingSaclInfo; |
| 1617 | |
| 1618 | UNREFERENCED_PARAMETER(DokanFileInfo); |
| 1619 | |
| 1620 | DbgPrint(L"GetFileSecurity %s\n", FileName); |
| 1621 | |
| 1622 | CryptCheckFlag(*SecurityInformation, FILE_SHARE_READ); |
| 1623 | CryptCheckFlag(*SecurityInformation, OWNER_SECURITY_INFORMATION); |
| 1624 | CryptCheckFlag(*SecurityInformation, GROUP_SECURITY_INFORMATION); |
| 1625 | CryptCheckFlag(*SecurityInformation, DACL_SECURITY_INFORMATION); |
| 1626 | CryptCheckFlag(*SecurityInformation, SACL_SECURITY_INFORMATION); |
| 1627 | CryptCheckFlag(*SecurityInformation, LABEL_SECURITY_INFORMATION); |
| 1628 | CryptCheckFlag(*SecurityInformation, ATTRIBUTE_SECURITY_INFORMATION); |
| 1629 | CryptCheckFlag(*SecurityInformation, SCOPE_SECURITY_INFORMATION); |
| 1630 | CryptCheckFlag(*SecurityInformation, |
| 1631 | PROCESS_TRUST_LABEL_SECURITY_INFORMATION); |
| 1632 | CryptCheckFlag(*SecurityInformation, BACKUP_SECURITY_INFORMATION); |
| 1633 | CryptCheckFlag(*SecurityInformation, PROTECTED_DACL_SECURITY_INFORMATION); |
| 1634 | CryptCheckFlag(*SecurityInformation, PROTECTED_SACL_SECURITY_INFORMATION); |
| 1635 | CryptCheckFlag(*SecurityInformation, UNPROTECTED_DACL_SECURITY_INFORMATION); |
| 1636 | CryptCheckFlag(*SecurityInformation, UNPROTECTED_SACL_SECURITY_INFORMATION); |
| 1637 | |
| 1638 | requestingSaclInfo = ((*SecurityInformation & SACL_SECURITY_INFORMATION) || |
| 1639 | (*SecurityInformation & BACKUP_SECURITY_INFORMATION)); |
| 1640 | |
| 1641 | if (!g_HasSeSecurityPrivilege) { |
| 1642 | *SecurityInformation &= ~SACL_SECURITY_INFORMATION; |
| 1643 | *SecurityInformation &= ~BACKUP_SECURITY_INFORMATION; |
| 1644 | } |
| 1645 | |
| 1646 | DbgPrint(L" Opening new handle with READ_CONTROL access\n"); |
| 1647 | |
| 1648 | bool is_virtual = rt_is_virtual_file(GetContext(), FileName); |
| 1649 | |
| 1650 | wstring virt_path; |
| 1651 | |
| 1652 | if (is_virtual) { |
| 1653 | if (rt_is_dir_iv_file(GetContext(), FileName)) { |
| 1654 | if (!get_file_directory(filePath, virt_path)) { |
| 1655 | return ToNtStatus(ERROR_ACCESS_DENIED); |
| 1656 | } |
| 1657 | } else if (rt_is_name_file(GetContext(), FileName)) { |
| 1658 | |
| 1659 | wstring enc_path; |
| 1660 | |
| 1661 | remove_longname_suffix(FileName, enc_path); |
| 1662 | |
| 1663 | if (!decrypt_path(GetContext(), &enc_path[0], virt_path)) |
| 1664 | return ToNtStatus(ERROR_ACCESS_DENIED); |
| 1665 | } else { |
| 1666 | return ToNtStatus(ERROR_ACCESS_DENIED); |
| 1667 | } |
nothing calls this directly
no test coverage detected