ReactOS  0.4.15-dev-3291-gea4c1a0
sid.c
Go to the documentation of this file.
1 /*
2  * PROJECT: ReactOS Kernel
3  * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4  * PURPOSE: Security Identifier (SID) implementation support and handling
5  * COPYRIGHT: Copyright David Welch <welch@cwcom.net>
6  */
7 
8 /* INCLUDES *******************************************************************/
9 
10 #include <ntoskrnl.h>
11 #define NDEBUG
12 #include <debug.h>
13 
14 /* GLOBALS ********************************************************************/
15 
16 #define SE_MAXIMUM_GROUP_LIMIT 0x1000
17 
18 SID_IDENTIFIER_AUTHORITY SeNullSidAuthority = {SECURITY_NULL_SID_AUTHORITY};
19 SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY};
20 SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY};
21 SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY};
22 SID_IDENTIFIER_AUTHORITY SeNtSidAuthority = {SECURITY_NT_AUTHORITY};
23 
24 PSID SeNullSid = NULL;
25 PSID SeWorldSid = NULL;
26 PSID SeLocalSid = NULL;
27 PSID SeCreatorOwnerSid = NULL;
28 PSID SeCreatorGroupSid = NULL;
29 PSID SeCreatorOwnerServerSid = NULL;
30 PSID SeCreatorGroupServerSid = NULL;
31 PSID SeNtAuthoritySid = NULL;
32 PSID SeDialupSid = NULL;
33 PSID SeNetworkSid = NULL;
34 PSID SeBatchSid = NULL;
35 PSID SeInteractiveSid = NULL;
36 PSID SeServiceSid = NULL;
37 PSID SePrincipalSelfSid = NULL;
38 PSID SeLocalSystemSid = NULL;
39 PSID SeAuthenticatedUserSid = NULL;
40 PSID SeRestrictedCodeSid = NULL;
41 PSID SeAliasAdminsSid = NULL;
42 PSID SeAliasUsersSid = NULL;
43 PSID SeAliasGuestsSid = NULL;
44 PSID SeAliasPowerUsersSid = NULL;
45 PSID SeAliasAccountOpsSid = NULL;
46 PSID SeAliasSystemOpsSid = NULL;
47 PSID SeAliasPrintOpsSid = NULL;
48 PSID SeAliasBackupOpsSid = NULL;
49 PSID SeAuthenticatedUsersSid = NULL;
50 PSID SeRestrictedSid = NULL;
51 PSID SeAnonymousLogonSid = NULL;
52 PSID SeLocalServiceSid = NULL;
53 PSID SeNetworkServiceSid = NULL;
54 
55 /* FUNCTIONS ******************************************************************/
56 
64 VOID
65 NTAPI
66 FreeInitializedSids(VOID)
67 {
68  if (SeNullSid) ExFreePoolWithTag(SeNullSid, TAG_SID);
69  if (SeWorldSid) ExFreePoolWithTag(SeWorldSid, TAG_SID);
70  if (SeLocalSid) ExFreePoolWithTag(SeLocalSid, TAG_SID);
71  if (SeCreatorOwnerSid) ExFreePoolWithTag(SeCreatorOwnerSid, TAG_SID);
72  if (SeCreatorGroupSid) ExFreePoolWithTag(SeCreatorGroupSid, TAG_SID);
73  if (SeCreatorOwnerServerSid) ExFreePoolWithTag(SeCreatorOwnerServerSid, TAG_SID);
74  if (SeCreatorGroupServerSid) ExFreePoolWithTag(SeCreatorGroupServerSid, TAG_SID);
75  if (SeNtAuthoritySid) ExFreePoolWithTag(SeNtAuthoritySid, TAG_SID);
76  if (SeDialupSid) ExFreePoolWithTag(SeDialupSid, TAG_SID);
77  if (SeNetworkSid) ExFreePoolWithTag(SeNetworkSid, TAG_SID);
78  if (SeBatchSid) ExFreePoolWithTag(SeBatchSid, TAG_SID);
79  if (SeInteractiveSid) ExFreePoolWithTag(SeInteractiveSid, TAG_SID);
80  if (SeServiceSid) ExFreePoolWithTag(SeServiceSid, TAG_SID);
81  if (SePrincipalSelfSid) ExFreePoolWithTag(SePrincipalSelfSid, TAG_SID);
82  if (SeLocalSystemSid) ExFreePoolWithTag(SeLocalSystemSid, TAG_SID);
83  if (SeAuthenticatedUserSid) ExFreePoolWithTag(SeAuthenticatedUserSid, TAG_SID);
84  if (SeRestrictedCodeSid) ExFreePoolWithTag(SeRestrictedCodeSid, TAG_SID);
85  if (SeAliasAdminsSid) ExFreePoolWithTag(SeAliasAdminsSid, TAG_SID);
86  if (SeAliasUsersSid) ExFreePoolWithTag(SeAliasUsersSid, TAG_SID);
87  if (SeAliasGuestsSid) ExFreePoolWithTag(SeAliasGuestsSid, TAG_SID);
88  if (SeAliasPowerUsersSid) ExFreePoolWithTag(SeAliasPowerUsersSid, TAG_SID);
89  if (SeAliasAccountOpsSid) ExFreePoolWithTag(SeAliasAccountOpsSid, TAG_SID);
90  if (SeAliasSystemOpsSid) ExFreePoolWithTag(SeAliasSystemOpsSid, TAG_SID);
91  if (SeAliasPrintOpsSid) ExFreePoolWithTag(SeAliasPrintOpsSid, TAG_SID);
92  if (SeAliasBackupOpsSid) ExFreePoolWithTag(SeAliasBackupOpsSid, TAG_SID);
93  if (SeAuthenticatedUsersSid) ExFreePoolWithTag(SeAuthenticatedUsersSid, TAG_SID);
94  if (SeRestrictedSid) ExFreePoolWithTag(SeRestrictedSid, TAG_SID);
95  if (SeAnonymousLogonSid) ExFreePoolWithTag(SeAnonymousLogonSid, TAG_SID);
96 }
97 
106 CODE_SEG("INIT")
107 BOOLEAN
108 NTAPI
109 SepInitSecurityIDs(VOID)
110 {
111  ULONG SidLength0;
112  ULONG SidLength1;
113  ULONG SidLength2;
114  PULONG SubAuthority;
115 
116  SidLength0 = RtlLengthRequiredSid(0);
117  SidLength1 = RtlLengthRequiredSid(1);
118  SidLength2 = RtlLengthRequiredSid(2);
119 
120  /* create NullSid */
121  SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
122  SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
123  SeLocalSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
124  SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
125  SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
126  SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
127  SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
128  SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool, SidLength0, TAG_SID);
129  SeDialupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
130  SeNetworkSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
131  SeBatchSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
132  SeInteractiveSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
133  SeServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
134  SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
135  SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
136  SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
137  SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
138  SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
139  SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
140  SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
141  SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
142  SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
143  SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
144  SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
145  SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
146  SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
147  SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
148  SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
149  SeLocalServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
150  SeNetworkServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
151 
152  if (SeNullSid == NULL || SeWorldSid == NULL ||
153  SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
154  SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
155  SeCreatorGroupServerSid == NULL || SeNtAuthoritySid == NULL ||
156  SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
157  SeInteractiveSid == NULL || SeServiceSid == NULL ||
158  SePrincipalSelfSid == NULL || SeLocalSystemSid == NULL ||
159  SeAuthenticatedUserSid == NULL || SeRestrictedCodeSid == NULL ||
160  SeAliasAdminsSid == NULL || SeAliasUsersSid == NULL ||
161  SeAliasGuestsSid == NULL || SeAliasPowerUsersSid == NULL ||
162  SeAliasAccountOpsSid == NULL || SeAliasSystemOpsSid == NULL ||
163  SeAliasPrintOpsSid == NULL || SeAliasBackupOpsSid == NULL ||
164  SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
165  SeAnonymousLogonSid == NULL || SeLocalServiceSid == NULL ||
166  SeNetworkServiceSid == NULL)
167  {
168  FreeInitializedSids();
169  return FALSE;
170  }
171 
172  RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
173  RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
174  RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
175  RtlInitializeSid(SeCreatorOwnerSid, &SeCreatorSidAuthority, 1);
176  RtlInitializeSid(SeCreatorGroupSid, &SeCreatorSidAuthority, 1);
177  RtlInitializeSid(SeCreatorOwnerServerSid, &SeCreatorSidAuthority, 1);
178  RtlInitializeSid(SeCreatorGroupServerSid, &SeCreatorSidAuthority, 1);
179  RtlInitializeSid(SeNtAuthoritySid, &SeNtSidAuthority, 0);
180  RtlInitializeSid(SeDialupSid, &SeNtSidAuthority, 1);
181  RtlInitializeSid(SeNetworkSid, &SeNtSidAuthority, 1);
182  RtlInitializeSid(SeBatchSid, &SeNtSidAuthority, 1);
183  RtlInitializeSid(SeInteractiveSid, &SeNtSidAuthority, 1);
184  RtlInitializeSid(SeServiceSid, &SeNtSidAuthority, 1);
185  RtlInitializeSid(SePrincipalSelfSid, &SeNtSidAuthority, 1);
186  RtlInitializeSid(SeLocalSystemSid, &SeNtSidAuthority, 1);
187  RtlInitializeSid(SeAuthenticatedUserSid, &SeNtSidAuthority, 1);
188  RtlInitializeSid(SeRestrictedCodeSid, &SeNtSidAuthority, 1);
189  RtlInitializeSid(SeAliasAdminsSid, &SeNtSidAuthority, 2);
190  RtlInitializeSid(SeAliasUsersSid, &SeNtSidAuthority, 2);
191  RtlInitializeSid(SeAliasGuestsSid, &SeNtSidAuthority, 2);
192  RtlInitializeSid(SeAliasPowerUsersSid, &SeNtSidAuthority, 2);
193  RtlInitializeSid(SeAliasAccountOpsSid, &SeNtSidAuthority, 2);
194  RtlInitializeSid(SeAliasSystemOpsSid, &SeNtSidAuthority, 2);
195  RtlInitializeSid(SeAliasPrintOpsSid, &SeNtSidAuthority, 2);
196  RtlInitializeSid(SeAliasBackupOpsSid, &SeNtSidAuthority, 2);
197  RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
198  RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
199  RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);
200  RtlInitializeSid(SeLocalServiceSid, &SeNtSidAuthority, 1);
201  RtlInitializeSid(SeNetworkServiceSid, &SeNtSidAuthority, 1);
202 
203  SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
204  *SubAuthority = SECURITY_NULL_RID;
205  SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
206  *SubAuthority = SECURITY_WORLD_RID;
207  SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);
208  *SubAuthority = SECURITY_LOCAL_RID;
209  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);
210  *SubAuthority = SECURITY_CREATOR_OWNER_RID;
211  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);
212  *SubAuthority = SECURITY_CREATOR_GROUP_RID;
213  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);
214  *SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;
215  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);
216  *SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;
217  SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);
218  *SubAuthority = SECURITY_DIALUP_RID;
219  SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);
220  *SubAuthority = SECURITY_NETWORK_RID;
221  SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);
222  *SubAuthority = SECURITY_BATCH_RID;
223  SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);
224  *SubAuthority = SECURITY_INTERACTIVE_RID;
225  SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);
226  *SubAuthority = SECURITY_SERVICE_RID;
227  SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);
228  *SubAuthority = SECURITY_PRINCIPAL_SELF_RID;
229  SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);
230  *SubAuthority = SECURITY_LOCAL_SYSTEM_RID;
231  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);
232  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
233  SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);
234  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
235  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);
236  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
237  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);
238  *SubAuthority = DOMAIN_ALIAS_RID_ADMINS;
239  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);
240  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
241  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);
242  *SubAuthority = DOMAIN_ALIAS_RID_USERS;
243  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);
244  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
245  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);
246  *SubAuthority = DOMAIN_ALIAS_RID_GUESTS;
247  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);
248  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
249  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);
250  *SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;
251  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);
252  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
253  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);
254  *SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
255  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);
256  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
257  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);
258  *SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;
259  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);
260  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
261  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);
262  *SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;
263  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);
264  *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
265  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);
266  *SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;
267  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
268  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
269  SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
270  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
271  SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
272  *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
273  SubAuthority = RtlSubAuthoritySid(SeLocalServiceSid, 0);
274  *SubAuthority = SECURITY_LOCAL_SERVICE_RID;
275  SubAuthority = RtlSubAuthoritySid(SeNetworkServiceSid, 0);
276  *SubAuthority = SECURITY_NETWORK_SERVICE_RID;
277 
278  return TRUE;
279 }
280 
306 NTSTATUS
307 NTAPI
308 SepCaptureSid(
309  _In_ PSID InputSid,
310  _In_ KPROCESSOR_MODE AccessMode,
311  _In_ POOL_TYPE PoolType,
312  _In_ BOOLEAN CaptureIfKernel,
313  _Out_ PSID *CapturedSid)
314 {
315  ULONG SidSize = 0;
316  PISID NewSid, Sid = (PISID)InputSid;
317 
318  PAGED_CODE();
319 
320  if (AccessMode != KernelMode)
321  {
322  _SEH2_TRY
323  {
324  ProbeForRead(Sid, FIELD_OFFSET(SID, SubAuthority), sizeof(UCHAR));
325  SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
326  ProbeForRead(Sid, SidSize, sizeof(UCHAR));
327  }
328  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
329  {
330  /* Return the exception code */
331  _SEH2_YIELD(return _SEH2_GetExceptionCode());
332  }
333  _SEH2_END;
334 
335  /* Allocate a SID and copy it */
336  NewSid = ExAllocatePoolWithTag(PoolType, SidSize, TAG_SID);
337  if (!NewSid)
338  return STATUS_INSUFFICIENT_RESOURCES;
339 
340  _SEH2_TRY
341  {
342  RtlCopyMemory(NewSid, Sid, SidSize);
343 
344  *CapturedSid = NewSid;
345  }
346  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
347  {
348  /* Free the SID and return the exception code */
349  ExFreePoolWithTag(NewSid, TAG_SID);
350  _SEH2_YIELD(return _SEH2_GetExceptionCode());
351  }
352  _SEH2_END;
353  }
354  else if (!CaptureIfKernel)
355  {
356  *CapturedSid = InputSid;
357  }
358  else
359  {
360  SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
361 
362  /* Allocate a SID and copy it */
363  NewSid = ExAllocatePoolWithTag(PoolType, SidSize, TAG_SID);
364  if (NewSid == NULL)
365  return STATUS_INSUFFICIENT_RESOURCES;
366 
367  RtlCopyMemory(NewSid, Sid, SidSize);
368 
369  *CapturedSid = NewSid;
370  }
371 
372  return STATUS_SUCCESS;
373 }
374 
392 VOID
393 NTAPI
394 SepReleaseSid(
395  _In_ PSID CapturedSid,
396  _In_ KPROCESSOR_MODE AccessMode,
397  _In_ BOOLEAN CaptureIfKernel)
398 {
399  PAGED_CODE();
400 
401  if (CapturedSid != NULL &&
402  (AccessMode != KernelMode ||
403  (AccessMode == KernelMode && CaptureIfKernel)))
404  {
405  ExFreePoolWithTag(CapturedSid, TAG_SID);
406  }
407 }
408 
456 NTSTATUS
457 NTAPI
458 SeCaptureSidAndAttributesArray(
459  _In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes,
460  _In_ ULONG AttributeCount,
461  _In_ KPROCESSOR_MODE PreviousMode,
462  _In_opt_ PVOID AllocatedMem,
463  _In_ ULONG AllocatedLength,
464  _In_ POOL_TYPE PoolType,
465  _In_ BOOLEAN CaptureIfKernel,
466  _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes,
467  _Out_ PULONG ResultLength)
468 {
469  ULONG ArraySize, RequiredLength, SidLength, i;
470  PSID_AND_ATTRIBUTES SidAndAttributes;
471  PUCHAR CurrentDest;
472  PISID Sid;
473  NTSTATUS Status;
474  PAGED_CODE();
475 
476  *CapturedSidAndAttributes = NULL;
477  *ResultLength = 0;
478 
479  if (AttributeCount == 0)
480  {
481  return STATUS_SUCCESS;
482  }
483 
484  if (AttributeCount > SE_MAXIMUM_GROUP_LIMIT)
485  {
486  return STATUS_INVALID_PARAMETER;
487  }
488 
489  if ((PreviousMode == KernelMode) && !CaptureIfKernel)
490  {
491  *CapturedSidAndAttributes = SrcSidAndAttributes;
492  return STATUS_SUCCESS;
493  }
494 
495  ArraySize = AttributeCount * sizeof(SID_AND_ATTRIBUTES);
496  RequiredLength = ALIGN_UP_BY(ArraySize, sizeof(ULONG));
497 
498  /* Check for user mode data */
499  if (PreviousMode != KernelMode)
500  {
501  _SEH2_TRY
502  {
503  /* First probe the whole array */
504  ProbeForRead(SrcSidAndAttributes, ArraySize, sizeof(ULONG));
505 
506  /* Loop the array elements */
507  for (i = 0; i < AttributeCount; i++)
508  {
509  /* Get the SID and probe the minimal structure */
510  Sid = SrcSidAndAttributes[i].Sid;
511  ProbeForRead(Sid, sizeof(*Sid), sizeof(ULONG));
512 
513  /* Verify that the SID is valid */
514  if (((Sid->Revision & 0xF) != SID_REVISION) ||
515  (Sid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES))
516  {
517  _SEH2_YIELD(return STATUS_INVALID_SID);
518  }
519 
520  /* Calculate the SID length and probe the full SID */
521  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
522  ProbeForRead(Sid, SidLength, sizeof(ULONG));
523 
524  /* Add the aligned length to the required length */
525  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
526  }
527  }
528  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
529  {
530  _SEH2_YIELD(return _SEH2_GetExceptionCode());
531  }
532  _SEH2_END;
533  }
534  else
535  {
536  /* Loop the array elements */
537  for (i = 0; i < AttributeCount; i++)
538  {
539  /* Get the SID and it's length */
540  Sid = SrcSidAndAttributes[i].Sid;
541  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
542 
543  /* Add the aligned length to the required length */
544  RequiredLength += ALIGN_UP_BY(SidLength, sizeof(ULONG));
545  }
546  }
547 
548  /* Assume success */
549  Status = STATUS_SUCCESS;
550  *ResultLength = RequiredLength;
551 
552  /* Check if we have no buffer */
553  if (AllocatedMem == NULL)
554  {
555  /* Allocate a new buffer */
556  SidAndAttributes = ExAllocatePoolWithTag(PoolType,
557  RequiredLength,
558  TAG_SID_AND_ATTRIBUTES);
559  if (SidAndAttributes == NULL)
560  {
561  return STATUS_INSUFFICIENT_RESOURCES;
562  }
563  }
564  /* Otherwise check if the buffer is large enough */
565  else if (AllocatedLength >= RequiredLength)
566  {
567  /* Buffer is large enough, use it */
568  SidAndAttributes = AllocatedMem;
569  }
570  else
571  {
572  /* Buffer is too small, fail */
573  return STATUS_BUFFER_TOO_SMALL;
574  }
575 
576  *CapturedSidAndAttributes = SidAndAttributes;
577 
578  /* Check again for user mode */
579  if (PreviousMode != KernelMode)
580  {
581  _SEH2_TRY
582  {
583  /* The rest of the data starts after the array */
584  CurrentDest = (PUCHAR)SidAndAttributes;
585  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
586 
587  /* Loop the array elements */
588  for (i = 0; i < AttributeCount; i++)
589  {
590  /* Get the SID and it's length */
591  Sid = SrcSidAndAttributes[i].Sid;
592  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
593 
594  /* Copy attributes */
595  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
596 
597  /* Copy the SID to the current destination address */
598  SidAndAttributes[i].Sid = (PSID)CurrentDest;
599  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
600 
601  /* Sanity checks */
602  ASSERT(RtlLengthSid(SidAndAttributes[i].Sid) == SidLength);
603  ASSERT(RtlValidSid(SidAndAttributes[i].Sid));
604 
605  /* Update the current destination address */
606  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
607  }
608  }
609  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
610  {
611  Status = _SEH2_GetExceptionCode();
612  }
613  _SEH2_END;
614  }
615  else
616  {
617  /* The rest of the data starts after the array */
618  CurrentDest = (PUCHAR)SidAndAttributes;
619  CurrentDest += ALIGN_UP_BY(ArraySize, sizeof(ULONG));
620 
621  /* Loop the array elements */
622  for (i = 0; i < AttributeCount; i++)
623  {
624  /* Get the SID and it's length */
625  Sid = SrcSidAndAttributes[i].Sid;
626  SidLength = RtlLengthRequiredSid(Sid->SubAuthorityCount);
627 
628  /* Copy attributes */
629  SidAndAttributes[i].Attributes = SrcSidAndAttributes[i].Attributes;
630 
631  /* Copy the SID to the current destination address */
632  SidAndAttributes[i].Sid = (PSID)CurrentDest;
633  RtlCopyMemory(CurrentDest, SrcSidAndAttributes[i].Sid, SidLength);
634 
635  /* Update the current destination address */
636  CurrentDest += ALIGN_UP_BY(SidLength, sizeof(ULONG));
637  }
638  }
639 
640  /* Check for failure */
641  if (!NT_SUCCESS(Status))
642  {
643  /* Check if we allocated a new array */
644  if (SidAndAttributes != AllocatedMem)
645  {
646  /* Free the array */
647  ExFreePoolWithTag(SidAndAttributes, TAG_SID_AND_ATTRIBUTES);
648  }
649 
650  /* Set returned address to NULL */
651  *CapturedSidAndAttributes = NULL ;
652  }
653 
654  return Status;
655 }
656 
674 VOID
675 NTAPI
676 SeReleaseSidAndAttributesArray(
677  _In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes,
678  _In_ KPROCESSOR_MODE AccessMode,
679  _In_ BOOLEAN CaptureIfKernel)
680 {
681  PAGED_CODE();
682 
683  if ((CapturedSidAndAttributes != NULL) &&
684  ((AccessMode != KernelMode) || CaptureIfKernel))
685  {
686  ExFreePoolWithTag(CapturedSidAndAttributes, TAG_SID_AND_ATTRIBUTES);
687  }
688 }
689 
690 /* EOF */
SeLocalServiceSid
PSID SeLocalServiceSid
Definition: sid.c:52
SECURITY_BATCH_RID
#define SECURITY_BATCH_RID
Definition: setypes.h:545
SE_MAXIMUM_GROUP_LIMIT
#define SE_MAXIMUM_GROUP_LIMIT
Definition: sid.c:16
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:555
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:561
TAG_SID_AND_ATTRIBUTES
#define TAG_SID_AND_ATTRIBUTES
Definition: tag.h:188
DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:641
SeAliasPrintOpsSid
PSID SeAliasPrintOpsSid
Definition: sid.c:47
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:493
_In_opt_
#define _In_opt_
Definition: ms_sal.h:309
FreeInitializedSids
VOID NTAPI FreeInitializedSids(VOID)
Frees all the known initialized SIDs in the system from the memory.
Definition: sid.c:66
_SID
Definition: ms-dtyp.idl:198
SeAnonymousLogonSid
PSID SeAnonymousLogonSid
Definition: sid.c:51
_Out_
#define _Out_
Definition: ms_sal.h:345
SeBatchSid
PSID SeBatchSid
Definition: sid.c:34
TRUE
#define TRUE
Definition: types.h:120
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
SeLocalSystemSid
PSID SeLocalSystemSid
Definition: sid.c:38
SeAliasAdminsSid
PSID SeAliasAdminsSid
Definition: sid.c:41
DOMAIN_ALIAS_RID_ACCOUNT_OPS
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:644
SeDialupSid
PSID SeDialupSid
Definition: sid.c:32
SECURITY_DIALUP_RID
#define SECURITY_DIALUP_RID
Definition: setypes.h:543
PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3
SID_REVISION
#define SID_REVISION
Definition: setypes.h:468
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
SeReleaseSidAndAttributesArray
VOID NTAPI SeReleaseSidAndAttributesArray(_In_ _Post_invalid_ PSID_AND_ATTRIBUTES CapturedSidAndAttributes, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID with attributes.
Definition: sid.c:676
SECURITY_NETWORK_RID
#define SECURITY_NETWORK_RID
Definition: setypes.h:544
TAG_SID
#define TAG_SID
Definition: sid.c:15
DOMAIN_ALIAS_RID_POWER_USERS
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:642
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:546
SECURITY_NULL_SID_AUTHORITY
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:511
SeAliasBackupOpsSid
PSID SeAliasBackupOpsSid
Definition: sid.c:48
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
SePrincipalSelfSid
PSID SePrincipalSelfSid
Definition: sid.c:37
RtlSubAuthoritySid
PULONG NTAPI RtlSubAuthoritySid(IN PSID Sid_, IN ULONG SubAuthority)
Definition: sid.c:89
SECURITY_PRINCIPAL_SELF_RID
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:554
SeCreatorOwnerServerSid
PSID SeCreatorOwnerServerSid
Definition: sid.c:29
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
FALSE
#define FALSE
Definition: types.h:117
SepCaptureSid
NTSTATUS NTAPI SepCaptureSid(_In_ PSID InputSid, _In_ KPROCESSOR_MODE AccessMode, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID *CapturedSid)
Captures a SID.
Definition: sid.c:308
SeCreatorSidAuthority
SID_IDENTIFIER_AUTHORITY SeCreatorSidAuthority
Definition: sid.c:21
SECURITY_LOCAL_SID_AUTHORITY
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:517
PISID
struct _SID * PISID
SepInitSecurityIDs
BOOLEAN NTAPI SepInitSecurityIDs(VOID)
Initializes all the SIDs known in the system.
Definition: sid.c:109
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
SID_MAX_SUB_AUTHORITIES
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:469
RtlLengthSid
ULONG NTAPI RtlLengthSid(IN PSID Sid_)
Definition: sid.c:150
_In_
#define _In_
Definition: ms_sal.h:308
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
STATUS_INVALID_SID
#define STATUS_INVALID_SID
Definition: ntstatus.h:356
SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:562
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:541
RtlValidSid
BOOLEAN NTAPI RtlValidSid(IN PSID Sid_)
Definition: sid.c:21
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
SECURITY_CREATOR_GROUP_SERVER_RID
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:535
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:568
ASSERT
#define ASSERT(a)
Definition: mode.c:44
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
DOMAIN_ALIAS_RID_BACKUP_OPS
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:647
SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:514
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:78
SeServiceSid
PSID SeServiceSid
Definition: sid.c:36
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
_SID_AND_ATTRIBUTES
Definition: setypes.h:489
SID_AND_ATTRIBUTES
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
DOMAIN_ALIAS_RID_SYSTEM_OPS
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:645
SECURITY_LOCAL_RID
#define SECURITY_LOCAL_RID
Definition: setypes.h:529
SeWorldSidAuthority
SID_IDENTIFIER_AUTHORITY SeWorldSidAuthority
Definition: sid.c:19
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
SECURITY_WORLD_RID
#define SECURITY_WORLD_RID
Definition: setypes.h:528
SeCaptureSidAndAttributesArray
NTSTATUS NTAPI SeCaptureSidAndAttributesArray(_In_ PSID_AND_ATTRIBUTES SrcSidAndAttributes, _In_ ULONG AttributeCount, _In_ KPROCESSOR_MODE PreviousMode, _In_opt_ PVOID AllocatedMem, _In_ ULONG AllocatedLength, _In_ POOL_TYPE PoolType, _In_ BOOLEAN CaptureIfKernel, _Out_ PSID_AND_ATTRIBUTES *CapturedSidAndAttributes, _Out_ PULONG ResultLength)
Captures a SID with attributes.
Definition: sid.c:458
SECURITY_ANONYMOUS_LOGON_RID
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:550
SeAliasUsersSid
PSID SeAliasUsersSid
Definition: sid.c:42
SeAliasGuestsSid
PSID SeAliasGuestsSid
Definition: sid.c:43
PSID
struct _SID * PSID
Definition: eventlog.c:35
SECURITY_CREATOR_OWNER_RID
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:532
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:527
SepReleaseSid
VOID NTAPI SepReleaseSid(_In_ PSID CapturedSid, _In_ KPROCESSOR_MODE AccessMode, _In_ BOOLEAN CaptureIfKernel)
Releases a captured SID.
Definition: sid.c:394
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
SeAuthenticatedUserSid
PSID SeAuthenticatedUserSid
Definition: sid.c:39
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
SeWorldSid
PSID SeWorldSid
Definition: sid.c:25
RtlLengthRequiredSid
ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
SeLocalSid
PSID SeLocalSid
Definition: sid.c:26
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
SeAuthenticatedUsersSid
PSID SeAuthenticatedUsersSid
Definition: sid.c:49
SeAliasPowerUsersSid
PSID SeAliasPowerUsersSid
Definition: sid.c:44
_Post_invalid_
#define _Post_invalid_
Definition: ms_sal.h:695
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:563
SeNetworkSid
PSID SeNetworkSid
Definition: sid.c:33
SeNullSidAuthority
SID_IDENTIFIER_AUTHORITY SeNullSidAuthority
Definition: sid.c:18
SECURITY_CREATOR_GROUP_RID
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:533
_SEH2_END
_SEH2_END
Definition: create.c:4400
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
RtlInitializeSid
NTSTATUS NTAPI RtlInitializeSid(IN PSID Sid_, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
Definition: sid.c:68
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:640
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:495
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
RequiredLength
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:29
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
PULONG
unsigned int * PULONG
Definition: retypes.h:1
SECURITY_RESTRICTED_CODE_RID
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:556
NULL
#define NULL
Definition: types.h:112
SeCreatorGroupSid
PSID SeCreatorGroupSid
Definition: sid.c:28
SeRestrictedSid
PSID SeRestrictedSid
Definition: sid.c:50
SeCreatorGroupServerSid
PSID SeCreatorGroupServerSid
Definition: sid.c:30
SeNetworkServiceSid
PSID SeNetworkServiceSid
Definition: sid.c:53
SECURITY_CREATOR_OWNER_SERVER_RID
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:534
SeRestrictedCodeSid
PSID SeRestrictedCodeSid
Definition: sid.c:40
DOMAIN_ALIAS_RID_PRINT_OPS
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:646
SECURITY_SERVICE_RID
#define SECURITY_SERVICE_RID
Definition: setypes.h:549
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
ALIGN_UP_BY
#define ALIGN_UP_BY(size, align)
Definition: GetWindowPlacement.c:13
SeLocalSidAuthority
SID_IDENTIFIER_AUTHORITY SeLocalSidAuthority
Definition: sid.c:20
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ResultLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199
SeCreatorOwnerSid
PSID SeCreatorOwnerSid
Definition: sid.c:27
SeAliasSystemOpsSid
PSID SeAliasSystemOpsSid
Definition: sid.c:46
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
SeInteractiveSid
PSID SeInteractiveSid
Definition: sid.c:35
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
SeNullSid
PSID SeNullSid
Definition: sid.c:24
SeNtSidAuthority
SID_IDENTIFIER_AUTHORITY SeNtSidAuthority
Definition: sid.c:22
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099
NewSid
_In_ PSID _In_ PSID NewSid
Definition: rtlfuncs.h:2813
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:639
CODE_SEG
static CODE_SEG("PAGE")
Definition: isapnp.c:1482
SECURITY_CREATOR_SID_AUTHORITY
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:520
SeNtAuthoritySid
PSID SeNtAuthoritySid
Definition: sid.c:31
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89
SeAliasAccountOpsSid
PSID SeAliasAccountOpsSid
Definition: sid.c:45