ReactOS 0.4.15-dev-7924-g5949c20
Functions
NtFilterToken.c File Reference
#include "precomp.h"
Include dependency graph for NtFilterToken.c:

Go to the source code of this file.

Functions

static HANDLE GetTokenProcess (VOID)
 
 START_TEST (NtFilterToken)
 

Function Documentation

◆ GetTokenProcess()

static HANDLE GetTokenProcess ( VOID  )
static

Definition at line 12 of file NtFilterToken.c.

13{
14 BOOL Success;
15 HANDLE Token;
16
17 Success = OpenProcessToken(GetCurrentProcess(),
18 TOKEN_DUPLICATE | TOKEN_QUERY,
19 &Token);
20 if (!Success)
21 {
22 skip("GetTokenProcess() has failed to get the process' token (error code: %lu)!\n", GetLastError());
23 return NULL;
24 }
25
26 return Token;
27}
skip
#define skip(...)
Definition: atltest.h:64
NULL
#define NULL
Definition: types.h:112
OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
GetCurrentProcess
#define GetCurrentProcess()
Definition: compat.h:759
Success
@ Success
Definition: eventcreate.c:712
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
TOKEN_DUPLICATE
#define TOKEN_DUPLICATE
Definition: setypes.h:926
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:928

Referenced by START_TEST().

◆ START_TEST()

START_TEST ( NtFilterToken  )

Definition at line 29 of file NtFilterToken.c.

30{
31 NTSTATUS Status;
32 HANDLE FilteredToken, Token;
33 TOKEN_PRIVILEGES Priv;
34 LUID PrivLuid;
35 ULONG Size;
36 PTOKEN_STATISTICS TokenStats;
37
38 /* We don't give a token */
39 Status = NtFilterToken(NULL,
40 0,
41 NULL,
42 NULL,
43 NULL,
44 &FilteredToken);
45 ok_hex(Status, STATUS_INVALID_HANDLE);
46
47 /* Get the token from process now */
48 Token = GetTokenProcess();
49
50 /* We don't give any privileges to delete */
51 Status = NtFilterToken(Token,
52 0,
53 NULL,
54 NULL,
55 NULL,
56 &FilteredToken);
57 ok_hex(Status, STATUS_SUCCESS);
58
59 /* Query the total size to hold the statistics */
60 Status = NtQueryInformationToken(Token, TokenStatistics, NULL, 0, &Size);
61 if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_TOO_SMALL)
62 {
63 skip("Failed to query the total size for token statistics structure! (Status -> 0x%lx)\n", Status);
64 return;
65 }
66
67 /* Total size queried, time to allocate our buffer based on that size */
68 TokenStats = RtlAllocateHeap(RtlGetProcessHeap(), 0, Size);
69 if (TokenStats == NULL)
70 {
71 skip("Failed to allocate our token statistics buffer!\n");
72 return;
73 }
74
75 /* Time to query our token statistics, prior disabling token's privileges */
76 Status = NtQueryInformationToken(Token, TokenStatistics, TokenStats, Size, &Size);
77 if (!NT_SUCCESS(Status))
78 {
79 skip("Failed to query the token statistics! (Status -> 0x%lx)\n", Status);
80 return;
81 }
82
83 trace("Number of privileges before token filtering -- %lu\n\n", TokenStats->PrivilegeCount);
84
85 /* Disable the privileges and make the token a safer inert one */
86 Status = NtFilterToken(Token,
87 DISABLE_MAX_PRIVILEGE | SANDBOX_INERT,
88 NULL,
89 NULL,
90 NULL,
91 &FilteredToken);
92 ok_hex(Status, STATUS_SUCCESS);
93
94 /* We've disabled privileges, query the stats again */
95 Status = NtQueryInformationToken(FilteredToken, TokenStatistics, TokenStats, Size, &Size);
96 if (!NT_SUCCESS(Status))
97 {
98 skip("Failed to query the token statistics! (Status -> 0x%lx)\n", Status);
99 return;
100 }
101
102 trace("Number of privileges after token filtering (privileges disabled with DISABLE_MAX_PRIVILEGE) -- %lu\n\n", TokenStats->PrivilegeCount);
103
104 /* Close the filtered token and do another test */
105 CloseHandle(FilteredToken);
106
107 /* Fill in a privilege to delete */
108 Priv.PrivilegeCount = 1;
109
110 ConvertPrivLongToLuid(SE_BACKUP_PRIVILEGE, &PrivLuid);
111 Priv.Privileges[0].Luid = PrivLuid;
112 Priv.Privileges[0].Attributes = 0;
113
114 /* Delete the privileges */
115 Status = NtFilterToken(Token,
116 0,
117 NULL,
118 &Priv,
119 NULL,
120 &FilteredToken);
121 ok_hex(Status, STATUS_SUCCESS);
122
123 /* We've deleted a privilege, query the stats again */
124 Status = NtQueryInformationToken(FilteredToken, TokenStatistics, TokenStats, Size, &Size);
125 if (!NT_SUCCESS(Status))
126 {
127 skip("Failed to query the token statistics! (Status -> 0x%lx)\n", Status);
128 return;
129 }
130
131 trace("Number of privileges after token filtering (manually deleted privilege) -- %lu\n\n", TokenStats->PrivilegeCount);
132
133 /* We're done */
134 RtlFreeHeap(RtlGetProcessHeap(), 0, TokenStats);
135 CloseHandle(Token);
136 CloseHandle(FilteredToken);
137}
GetTokenProcess
static HANDLE GetTokenProcess(VOID)
Definition: NtFilterToken.c:12
ok_hex
#define ok_hex(expression, result)
Definition: atltest.h:94
trace
#define trace
Definition: atltest.h:70
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:590
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
CloseHandle
#define CloseHandle
Definition: compat.h:739
Status
Status
Definition: gdiplustypes.h:25
ConvertPrivLongToLuid
#define ConvertPrivLongToLuid(PrivilegeVal, ConvertedPrivLuid)
Definition: precomp.h:44
SE_BACKUP_PRIVILEGE
#define SE_BACKUP_PRIVILEGE
Definition: security.c:671
DISABLE_MAX_PRIVILEGE
#define DISABLE_MAX_PRIVILEGE
Definition: setypes.h:114
SANDBOX_INERT
#define SANDBOX_INERT
Definition: setypes.h:115
STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
_LUID
Definition: devicetopology.idl:137
_TOKEN_PRIVILEGES
Definition: setypes.h:1022
_TOKEN_PRIVILEGES::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1023
_TOKEN_PRIVILEGES::Privileges
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1024
_TOKEN_STATISTICS
Definition: setypes.h:1085
_TOKEN_STATISTICS::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1094
NtQueryInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
NtFilterToken
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: tokenlif.c:2075
ULONG
uint32_t ULONG
Definition: typedefs.h:59
Size
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
TokenStatistics
@ TokenStatistics
Definition: setypes.h:975