Skip to content
Permalink
Browse files

privilege checking fix

  • Loading branch information...
alabuzhev committed Jun 23, 2017
1 parent 531b867 commit ad17bb2a187ef0d0e93b3f8fb2b93f7bae992291
Showing with 19 additions and 17 deletions.
  1. +4 −0 far/changelog
  2. +12 −13 far/privilege.cpp
  3. +2 −3 far/privilege.hpp
  4. +1 −1 far/vbuild.m4
@@ -1,3 +1,7 @@
drkns 23.06.2017 16:48:00 +0000 - build 4978

1. С форума: ненужный запрос привилегий

drkns 22.06.2017 23:26:01 +0000 - build 4977

1. Рефакторинг.
@@ -82,14 +82,20 @@ privilege::~privilege()
AdjustTokenPrivileges(m_Token.native_handle(), FALSE, m_SavedState.get(), static_cast<DWORD>(m_SavedState.size()), nullptr, nullptr);
}

bool privilege::check(const wchar_t* const* Names, size_t Size)
bool operator==(const LUID& a, const LUID& b)
{
return a.LowPart == b.LowPart && a.HighPart == b.HighPart;
}

bool privilege::check(const range<const wchar_t* const*>& Names)
{
const auto Token{ OpenCurrentProcessToken(TOKEN_QUERY) };
if (!Token)
return false;

DWORD TokenInformationLength{};
if (!GetTokenInformation(Token.native_handle(), TokenPrivileges, nullptr, 0, &TokenInformationLength) || !TokenInformationLength)
GetTokenInformation(Token.native_handle(), TokenPrivileges, nullptr, 0, &TokenInformationLength);
if (!TokenInformationLength)
return false;

block_ptr<TOKEN_PRIVILEGES> TokenInformation{ TokenInformationLength };
@@ -98,20 +104,13 @@ bool privilege::check(const wchar_t* const* Names, size_t Size)

const auto PrivilegesEnd{ TokenInformation->Privileges + TokenInformation->PrivilegeCount };

TOKEN_PRIVILEGES State{ static_cast<DWORD>(Size) };

for (size_t i = 0; i != Size; ++i)
for (const auto& Name: Names)
{
auto& Luid = State.Privileges[i].Luid;

if (!LookupPrivilegeValue(nullptr, Names[i], &Luid))
LUID Luid;
if (!LookupPrivilegeValue(nullptr, Name, &Luid))
return false;

const auto ItemIterator = std::find_if(TokenInformation->Privileges, PrivilegesEnd, [&Luid](const auto& Item)
{
return Item.Luid.LowPart == Luid.LowPart && Item.Luid.HighPart == Luid.HighPart;
});

const auto ItemIterator = std::find_if(TokenInformation->Privileges, PrivilegesEnd, [&](const auto& Item) { return Item.Luid == Luid; });
if (ItemIterator == PrivilegesEnd || !(ItemIterator->Attributes & (SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT)))
return false;
}
@@ -51,9 +51,8 @@ namespace os

template<class... args>
static bool check(args&&... Args) { return check({ std::forward<args>(Args)... }); }
static bool check(const std::initializer_list<const wchar_t*>& Names) { return check(Names.begin(), Names.size()); }
static bool check(const std::vector<const wchar_t*>& Names) { return check(Names.data(), Names.size()); }
static bool check(const wchar_t* const* Names, size_t Size);
static bool check(const std::initializer_list<const wchar_t*>& Names) { return check(make_range(Names.begin(), Names.size())); }
static bool check(const range<const wchar_t* const*>& Names);

private:
handle m_Token;
@@ -1 +1 @@
m4_define(BUILD,4977)m4_dnl
m4_define(BUILD,4978)m4_dnl

0 comments on commit ad17bb2

Please sign in to comment.
You can’t perform that action at this time.