Thread (8 messages) 8 messages, 4 authors, 2024-01-09

Re: [PATCH v7 1/1] mingw: give more details about unsafe directory's ownership

From: Johannes Sixt <hidden>
Date: 2024-01-09 19:27:51

Possibly related (same subject, not in this thread)

Am 08.01.24 um 18:38 schrieb Sören Krecker:
+static BOOL user_sid_to_user_name(PSID sid, LPSTR *str)
+{
+	SID_NAME_USE pe_use;
+	DWORD len_user = 0, len_domain = 0;
+	BOOL translate_sid_to_user;
+
+	/*
+	 * returns only FALSE, because the string pointers are NULL
+	 */
+	LookupAccountSidA(NULL, sid, NULL, &len_user, NULL, &len_domain,
+			  &pe_use); 
At this point, the function fails, so len_user and len_domain contain
the required buffer size (including the trailing NUL).
+	/*
+	 * Alloc needed space of the strings
+	 */
+	ALLOC_ARRAY((*str), (size_t)len_domain + (size_t)len_user); 
+	translate_sid_to_user = LookupAccountSidA(NULL, sid,
+	    (*str) + len_domain, &len_user, *str, &len_domain, &pe_use);
At this point, if the function is successful, len_user and len_domain
contain the lengths of the names (without the trailing NUL).
+	if (!translate_sid_to_user)
+		FREE_AND_NULL(*str);
+	else
+		(*str)[len_domain] = '/';
Therefore, this overwrites the NUL after the domain name and so
concatenates the two names. Good.

I found this by dumping the values of the variables, because the
documentation of LookupAccountSid is not clear about the values that the
variables receive in the success case.
+	return translate_sid_to_user;
+}
+
This patch looks good and works for me.

Acked-by: Johannes Sixt <redacted>

Thank you!

-- Hannes
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help