This is the mail archive of the
cygwin-cvs@cygwin.com
mailing list for the Cygwin project.
[newlib-cygwin] Better workaround owner/group SIDs being NULL
- From: Corinna Vinschen <corinna at sourceware dot org>
- To: cygwin-cvs at sourceware dot org
- Date: 16 Apr 2015 20:45:18 -0000
- Subject: [newlib-cygwin] Better workaround owner/group SIDs being NULL
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=ea503bf4c955857d9969d9896e98c7729b3ea845
commit ea503bf4c955857d9969d9896e98c7729b3ea845
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Thu Apr 16 22:19:57 2015 +0200
Better workaround owner/group SIDs being NULL
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 6 ++++++
winsup/cygwin/sec_acl.cc | 12 ++++++++----
2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index f645031..ce198e2 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,11 @@
2015-04-16 Corinna Vinschen <corinna@vinschen.de>
+ * sec_acl.cc (set_posix_access): Replace previous patch. Return
+ EINVAL if uid and/or guid is invalid and not backed by an actual
+ Windows account.
+
+2015-04-16 Corinna Vinschen <corinna@vinschen.de>
+
* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.
2015-04-15 Corinna Vinschen <corinna@vinschen.de>
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 6c96977..58683cf 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -154,6 +154,11 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid,
/* Fetch owner and group and set in security descriptor. */
owner = sidfromuid (uid, &cldap);
group = sidfromgid (gid, &cldap);
+ if (!owner || !group)
+ {
+ set_errno (EINVAL);
+ return NULL;
+ }
status = RtlSetOwnerSecurityDescriptor (&sd, owner, FALSE);
if (!NT_SUCCESS (status))
{
@@ -166,10 +171,9 @@ set_posix_access (mode_t attr, uid_t uid, gid_t gid,
__seterrno_from_nt_status (status);
return NULL;
}
- /* If the account DBs are broken, we might end up without SIDs. Better
- check them here. */
- if (owner && group)
- owner_eq_group = RtlEqualSid (owner, group);
+ owner_eq_group = RtlEqualSid (owner, group);
+
+
/* No POSIX ACL? Use attr to generate one from scratch. */
if (!aclbufp)