* flock.cc (allow_others_to_sync): Define MAX_PROCESS_SD_SIZE. Use

instead of ACL_DEFAULT_SIZE.
	* sec_acl.cc (setacl): Use TLS buffer to allow maximum ACL size.
	* security.h (ACL_DEFAULT_SIZE): Drop definition.
	(ACL_MAXIMUM_SIZE): Define.
	(SD_MAXIMUM_SIZE): Define.
	* security.cc (get_file_sd): Allocate security_decscriptor with size
	SD_MAXIMUM_SIZE.
	(alloc_sd): Use TLS buffer to allow maximum ACL size.
This commit is contained in:
Corinna Vinschen
2010-09-10 14:53:44 +00:00
parent f65c5a0a2b
commit 4e8f539f15
5 changed files with 26 additions and 8 deletions

View File

@@ -155,10 +155,11 @@ allow_others_to_sync ()
should be more than sufficient for process ACLs. Can't use tls functions
at this point because this gets called during initialization when the tls
is not really available. */
PSECURITY_DESCRIPTOR sd = (PSECURITY_DESCRIPTOR) alloca (ACL_DEFAULT_SIZE);
#define MAX_PROCESS_SD_SIZE 3072
PSECURITY_DESCRIPTOR sd = (PSECURITY_DESCRIPTOR) alloca (MAX_PROCESS_SD_SIZE);
status = NtQuerySecurityObject (NtCurrentProcess (),
DACL_SECURITY_INFORMATION, sd,
ACL_DEFAULT_SIZE, &len);
MAX_PROCESS_SD_SIZE, &len);
if (!NT_SUCCESS (status))
{
debug_printf ("NtQuerySecurityObject: %p", status);