Crash in elevation, cache for LookupPrivilegeValue

far/changelog

@@ -1,3 +1,9 @@
+drkns 26.10.2017 20:06:28 +0100 - build 5076
+
+1. С форума: падение на операции удаления с повышением прав.
+
+2. Кеширование результатов LookupPrivilegeValue.
+
 drkns 26.10.2017 00:01:39 +0100 - build 5075
 
 1. Продолжение 3503: передача состояния LastError / LastNtStatus в Message напрямую, а не через глобальные пременные.

far/elevation.cpp

@@ -539,7 +539,7 @@ bool elevation::delete_file(const string& Object)
 		false,
 		[&]
 		{
-			return delete_file(Object.data()) != FALSE;
+			return os::fs::low::delete_file(Object.data());
 		},
 		[&]
 		{
@@ -573,7 +573,7 @@ bool elevation::copy_file(const string& From, const string& To, LPPROGRESS_ROUTI
 		false,
 		[&]
 		{
-			return os::fs::low::copy_file(From.data(), To.data(), ProgressRoutine, Data, Cancel, Flags) != FALSE;
+			return os::fs::low::copy_file(From.data(), To.data(), ProgressRoutine, Data, Cancel, Flags);
 		},
 		[&]
 		{
@@ -625,7 +625,7 @@ bool elevation::set_file_attributes(const string& Object, DWORD FileAttributes)
 		false,
 		[&]
 		{
-			return os::fs::low::set_file_attributes(Object.data(), FileAttributes) != FALSE;
+			return os::fs::low::set_file_attributes(Object.data(), FileAttributes);
 		},
 		[&]
 		{
@@ -640,7 +640,7 @@ bool elevation::create_hard_link(const string& Object, const string& Target, SEC
 		false,
 		[&]
 		{
-			return os::fs::low::create_hard_link(Object.data(), Target.data(), SecurityAttributes) != FALSE;
+			return os::fs::low::create_hard_link(Object.data(), Target.data(), SecurityAttributes);
 		},
 		[&]
 		{

far/privilege.cpp

@@ -36,29 +36,49 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #include "privilege.hpp"
 #include "lasterror.hpp"
 
-namespace os { namespace security {
+
+namespace os::security {
 
 static handle OpenCurrentProcessToken(DWORD DesiredAccess)
 {
 	HANDLE Handle;
 	return handle(OpenProcessToken(GetCurrentProcess(), DesiredAccess, &Handle)? Handle : nullptr);
 }
 
+static bool lookup_privilege_value(const wchar_t* Name, LUID& Value)
+{
+	using value_type = std::pair<LUID, bool>;
+	static std::unordered_map<string, value_type> sCache;
+	auto Result = sCache.emplace(Name, value_type{});
+
+	const auto& MapKey = Result.first->first;
+	auto& MapValue = Result.first->second;
+
+	if (Result.second)
+	{
+		MapValue.second = LookupPrivilegeValue(nullptr, MapKey.data(), &MapValue.first) != FALSE;
+	}
+
+	Value = MapValue.first;
+	return MapValue.second;
+}
 privilege::privilege(const range<const wchar_t* const*>& Names)
 {
 	if (Names.empty())
 		return;
 
 	block_ptr<TOKEN_PRIVILEGES> NewState(sizeof(TOKEN_PRIVILEGES) + sizeof(LUID_AND_ATTRIBUTES) * (Names.size() - 1));
-	NewState->PrivilegeCount = static_cast<DWORD>(Names.size());
+	NewState->PrivilegeCount = 0;
 
-	std::transform(ALL_CONST_RANGE(Names), std::begin(NewState->Privileges), [](const auto& i)
+	for (const auto& i : Names)
 	{
 		LUID_AND_ATTRIBUTES laa = { {}, SE_PRIVILEGE_ENABLED };
-		LookupPrivilegeValue(nullptr, i, &laa.Luid);
+		if (lookup_privilege_value(i, laa.Luid))
+		{
+			NewState->Privileges[NewState->PrivilegeCount++] = laa;
+		}
 		// TODO: log if failed
-		return laa;
-	});
+	}
 
 	m_SavedState.reset(NewState.size());
 
@@ -112,7 +132,7 @@ bool privilege::check(const range<const wchar_t* const*>& Names)
 	for (const auto& Name: Names)
 	{
 		LUID Luid;
-		if (!LookupPrivilegeValue(nullptr, Name, &Luid))
+		if (!lookup_privilege_value(Name, Luid))
 			return false;
 
 		const auto ItemIterator = std::find_if(ALL_CONST_RANGE(Privileges), [&](const auto& Item) { return Item.Luid == Luid; });
@@ -123,4 +143,4 @@ bool privilege::check(const range<const wchar_t* const*>& Names)
 	return true;
 }
 
-}}
+}

far/vbuild.m4

@@ -1 +1 @@
-m4_define(BUILD,5075)m4_dnl
+m4_define(BUILD,5076)m4_dnl