22 ok(
FALSE,
"OpenProcessToken() has failed to get the process' token (error code: %lu)!\n",
GetLastError());
55 ok(
FALSE,
"Failed to allocate from heap for token user (required buffer length %lu)!\n",
BufferLength);
68 trace(
"=============== TokenUser ===============\n");
70 trace(
"=========================================\n\n");
101 ok(
FALSE,
"Failed to allocate from heap for token groups (required buffer length %lu)!\n",
BufferLength);
115 ok(Groups->
GroupCount == 10,
"The number of groups must be 10 (current number %lu)!\n", Groups->
GroupCount);
145 ok(
FALSE,
"Failed to allocate from heap for token privileges (required buffer length %lu)!\n",
BufferLength);
159 ok(
Privileges->PrivilegeCount == 20,
"The number of privileges must be 20 (current number %lu)!\n",
Privileges->PrivilegeCount);
190 ok(
FALSE,
"Failed to allocate from heap for token owner (required buffer length %lu)!\n",
BufferLength);
238 ok(
FALSE,
"Failed to allocate from heap for token primary group (required buffer length %lu)!\n",
BufferLength);
251 trace(
"=============== TokenPrimaryGroup ===============\n");
253 trace(
"=========================================\n\n");
284 ok(
FALSE,
"Failed to allocate from heap for token default DACL (required buffer length %lu)!\n",
BufferLength);
298 ok(
Dacl->DefaultDacl->AclRevision == 2,
"The ACL revision of token default DACL must be 2 (current revision %u)!\n",
Dacl->DefaultDacl->AclRevision);
299 ok(
Dacl->DefaultDacl->AceCount == 2,
"The ACL's ACE count must be 2 (current ACE count %u)!\n",
Dacl->DefaultDacl->AceCount);
330 ok(
FALSE,
"Failed to allocate from heap for token source (required buffer length %lu)!\n",
BufferLength);
426 ok(
FALSE,
"Failed to duplicate token (Status code %lx)!\n",
Status);
466 ok(
FALSE,
"Failed to allocate from heap for token statistics (required buffer length %lu)!\n",
BufferLength);
478 trace(
"=============== TokenStatistics ===============\n");
484 trace(
"=========================================\n\n");
513 ok(
FALSE,
"Failed to allocate World SID (Status code %lx)!\n",
Status);
529 ok(
FALSE,
"Failed to filter the current token (Status code %lx)!\n",
Status);
550 ok(
FALSE,
"Failed to allocate from heap for token privileges and groups (required buffer length %lu)!\n",
BufferLength);
564 trace(
"=============== TokenGroupsAndPrivileges ===============\n");
572 trace(
"=========================================\n\n");
574 RtlFreeHeap(RtlGetProcessHeap(), 0, PrivsAndGroups);
606 if (!RestrictedGroups)
608 ok(
FALSE,
"Failed to allocate from heap for restricted SIDs (required buffer length %lu)!\n",
BufferLength);
622 ok(RestrictedGroups->
GroupCount == 0,
"There mustn't be any restricted SIDs before filtering (number of restricted SIDs %lu)!\n", RestrictedGroups->
GroupCount);
624 RtlFreeHeap(RtlGetProcessHeap(), 0, RestrictedGroups);
625 RestrictedGroups =
NULL;
634 ok(
FALSE,
"Failed to allocate World SID (Status code %lx)!\n",
Status);
650 ok(
FALSE,
"Failed to filter the current token (Status code %lx)!\n",
Status);
663 if (!RestrictedGroups)
665 ok(
FALSE,
"Failed to allocate from heap for restricted SIDs (required buffer length %lu)!\n",
BufferLength);
680 ok(RestrictedGroups->
GroupCount == 1,
"There must be only one restricted SID added in token (number of restricted SIDs %lu)!\n", RestrictedGroups->
GroupCount);
682 RtlFreeHeap(RtlGetProcessHeap(), 0, RestrictedGroups);
707 ok(
SessionId == 0,
"The session ID of current token must be 0 (current session %lu)!\n",
SessionId);
730 ok(IsTokenInert ==
FALSE,
"The token must not be a sandbox inert one!\n");
744 ok(
FALSE,
"Failed to filter the current token (Status code %lx)!\n",
Status);
758 ok(IsTokenInert ==
TRUE,
"The token must be a sandbox inert one after filtering!\n");
790 ULONG DummyReturnLength;
#define ok_ntstatus(status, expected)
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define STATUS_INVALID_HANDLE
#define NT_SUCCESS(StatCode)
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
#define GetCurrentProcess()
static SID_IDENTIFIER_AUTHORITY WorldAuthority
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
#define InitializeObjectAttributes(p, n, a, r, s)
_In_ UINT _In_ UINT _In_ PNDIS_PACKET Source
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
#define STATUS_ACCESS_VIOLATION
#define STATUS_INVALID_INFO_CLASS
#define STATUS_BUFFER_TOO_SMALL
$ULONG RestrictedSidLength
$ULONG RestrictedSidCount
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
LUID OriginatingLogonSession
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
DWORD WINAPI GetLastError(void)
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR Level
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
#define TOKEN_QUERY_SOURCE
#define SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_WORLD_RID
@ TokenGroupsAndPrivileges
@ TokenImpersonationLevel