sid.c File Reference

#include <rtl.h>
#include <debug.h>

Include dependency graph for sid.c:

Go to the source code of this file.

Macros
#define	NDEBUG
#define	TAG_SID   'diSp'

Functions
BOOLEAN NTAPI	RtlValidSid (IN PSID Sid_)
ULONG NTAPI	RtlLengthRequiredSid (IN ULONG SubAuthorityCount)
NTSTATUS NTAPI	RtlInitializeSid (IN PSID Sid_, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
PULONG NTAPI	RtlSubAuthoritySid (IN PSID Sid_, IN ULONG SubAuthority)
PUCHAR NTAPI	RtlSubAuthorityCountSid (IN PSID Sid_)
PSID_IDENTIFIER_AUTHORITY NTAPI	RtlIdentifierAuthoritySid (IN PSID Sid_)
BOOLEAN NTAPI	RtlEqualSid (IN PSID Sid1_, IN PSID Sid2_)
ULONG NTAPI	RtlLengthSid (IN PSID Sid_)
NTSTATUS NTAPI	RtlCopySid (IN ULONG BufferLength, IN PSID Dest, IN PSID Src)
PVOID NTAPI	RtlFreeSid (IN PSID Sid)
BOOLEAN NTAPI	RtlEqualPrefixSid (IN PSID Sid1_, IN PSID Sid2_)
NTSTATUS NTAPI	RtlCopySidAndAttributesArray (IN ULONG Count, IN PSID_AND_ATTRIBUTES Src, IN ULONG SidAreaSize, IN PSID_AND_ATTRIBUTES Dest, IN PSID SidArea, OUT PSID *RemainingSidArea, OUT PULONG RemainingSidAreaSize)
NTSTATUS NTAPI	RtlAllocateAndInitializeSid (IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
NTSTATUS NTAPI	RtlConvertSidToUnicodeString (IN PUNICODE_STRING String, IN PSID Sid_, IN BOOLEAN AllocateBuffer)

Macro Definition Documentation

NDEBUG

#define NDEBUG

Definition at line 12 of file sid.c.

TAG_SID

#define TAG_SID   'diSp'

Definition at line 15 of file sid.c.

Function Documentation

RtlAllocateAndInitializeSid()

NTSTATUS NTAPI RtlAllocateAndInitializeSid	(	IN PSID_IDENTIFIER_AUTHORITY	IdentifierAuthority,
		IN UCHAR	SubAuthorityCount,
		IN ULONG	SubAuthority0,
		IN ULONG	SubAuthority1,
		IN ULONG	SubAuthority2,
		IN ULONG	SubAuthority3,
		IN ULONG	SubAuthority4,
		IN ULONG	SubAuthority5,
		IN ULONG	SubAuthority6,
		IN ULONG	SubAuthority7,
		OUT PSID *	Sid
	)

Definition at line 290 of file sid.c.

{
    PISID pSid;
    PAGED_CODE_RTL();

    /* SIDs can only have up to 8 subauthorities */
    if (SubAuthorityCount > 8) return STATUS_INVALID_SID;

    /* Allocate memory to hold the SID */
    pSid = RtlpAllocateMemory(RtlLengthRequiredSid(SubAuthorityCount), TAG_SID);
    if (!pSid) return STATUS_NO_MEMORY;

    /* Fill out the header */
    pSid->Revision = SID_REVISION;
    pSid->SubAuthorityCount = SubAuthorityCount;
    pSid->IdentifierAuthority = *IdentifierAuthority;

    /* Iteraratively drop into each successive lower count */
    switch (SubAuthorityCount)
    {
        /* And copy the needed subahority */
        case 8: pSid->SubAuthority[7] = SubAuthority7;
        case 7: pSid->SubAuthority[6] = SubAuthority6;
        case 6: pSid->SubAuthority[5] = SubAuthority5;
        case 5: pSid->SubAuthority[4] = SubAuthority4;
        case 4: pSid->SubAuthority[3] = SubAuthority3;
        case 3: pSid->SubAuthority[2] = SubAuthority2;
        case 2: pSid->SubAuthority[1] = SubAuthority1;
        case 1: pSid->SubAuthority[0] = SubAuthority0;
        default: break;
    }

    /* Return the allocated SID */
    *Sid = pSid;
    return STATUS_SUCCESS;
}

Referenced by AllocateAndInitializeSid(), AppendRidToSid(), BuildTokenGroups(), CreateBaseAcls(), CSR_API(), CsrCreateLocalSystemSD(), CsrpConnectToServer(), DllMain(), GetDosDevicesProtection(), K32CreateDBMonMutex(), LogonUserExW(), LsapAppendRidToSid(), LsapCreateAccountSd(), LsapCreatePolicySd(), LsapCreateRandomDomainSid(), LsapCreateSecretSd(), LsapGetDomainInfo(), MyLogonUser(), RtlpSysVolCheckOwnerAndSecurity(), RtlpSysVolCreateSecurityDescriptor(), RtlpSysVolTakeOwnership(), SampCreateAccountDomainSD(), SampCreateAliasSD(), SampCreateBuiltinDomainSD(), SampCreateGroupSD(), SampCreateServerSD(), SampCreateUserSD(), and SmpCreateSecurityDescriptors().

RtlConvertSidToUnicodeString()

NTSTATUS NTAPI RtlConvertSidToUnicodeString	(	IN PUNICODE_STRING	String,
		IN PSID	Sid_,
		IN BOOLEAN	AllocateBuffer
	)

Definition at line 342 of file sid.c.

{
    WCHAR Buffer[256];
    PWSTR wcs;
    SIZE_T Length;
    ULONG i;
    PISID Sid = Sid_;
    PAGED_CODE_RTL();

    if (!RtlValidSid(Sid)) return STATUS_INVALID_SID;

    wcs = Buffer;
    wcs += swprintf(wcs, L"S-1-");

    if ((Sid->IdentifierAuthority.Value[0] == 0) &&
        (Sid->IdentifierAuthority.Value[1] == 0))
    {
        wcs += swprintf(wcs,
                        L"%lu",
                        (ULONG)Sid->IdentifierAuthority.Value[2] << 24 |
                        (ULONG)Sid->IdentifierAuthority.Value[3] << 16 |
                        (ULONG)Sid->IdentifierAuthority.Value[4] << 8 |
                        (ULONG)Sid->IdentifierAuthority.Value[5]);
    }
    else
    {
        wcs += swprintf(wcs,
                        L"0x%02hx%02hx%02hx%02hx%02hx%02hx",
                        Sid->IdentifierAuthority.Value[0],
                        Sid->IdentifierAuthority.Value[1],
                        Sid->IdentifierAuthority.Value[2],
                        Sid->IdentifierAuthority.Value[3],
                        Sid->IdentifierAuthority.Value[4],
                        Sid->IdentifierAuthority.Value[5]);
    }

    for (i = 0; i < Sid->SubAuthorityCount; i++)
    {
        wcs += swprintf(wcs, L"-%u", Sid->SubAuthority[i]);
    }

    if (AllocateBuffer)
    {
        if (!RtlCreateUnicodeString(String, Buffer)) return STATUS_NO_MEMORY;
    }
    else
    {
        Length = (wcs - Buffer) * sizeof(WCHAR);

        if (Length > String->MaximumLength) return STATUS_BUFFER_TOO_SMALL;

        String->Length = (USHORT)Length;
        RtlCopyMemory(String->Buffer, Buffer, Length);

        if (Length < String->MaximumLength)
        {
            String->Buffer[Length / sizeof(WCHAR)] = UNICODE_NULL;
        }
    }

    return STATUS_SUCCESS;
}

Referenced by GetUserSidStringFromToken().

RtlCopySid()

NTSTATUS NTAPI RtlCopySid	(	IN ULONG	BufferLength,
		IN PSID	Dest,
		IN PSID	Src
	)

Definition at line 165 of file sid.c.

{
    ULONG SidLength;
    PAGED_CODE_RTL();

    /* Make sure the buffer is large enough*/
    SidLength = RtlLengthSid(Src);
    if (SidLength > BufferLength) return STATUS_BUFFER_TOO_SMALL;

    /* And then copy the SID */
    RtlMoveMemory(Dest, Src, SidLength);
    return STATUS_SUCCESS;
}

Referenced by GetUserSid(), and RtlCopySidAndAttributesArray().

RtlCopySidAndAttributesArray()

NTSTATUS NTAPI RtlCopySidAndAttributesArray	(	IN ULONG	Count,
		IN PSID_AND_ATTRIBUTES	Src,
		IN ULONG	SidAreaSize,
		IN PSID_AND_ATTRIBUTES	Dest,
		IN PSID	SidArea,
		OUT PSID *	RemainingSidArea,
		OUT PULONG	RemainingSidAreaSize
	)

Definition at line 249 of file sid.c.

{
    ULONG SidLength, i;
    PAGED_CODE_RTL();

    /* Loop all the attributes */
    for (i = 0; i < Count; i++)
    {
        /* Make sure this SID can fit in the buffer */
        SidLength = RtlLengthSid(Src[i].Sid);
        if (SidLength > SidAreaSize) return STATUS_BUFFER_TOO_SMALL;

        /* Consume remaining buffer space for this SID */
        SidAreaSize -= SidLength;

        /* Copy the SID and attributes */
        Dest[i].Sid = SidArea;
        Dest[i].Attributes = Src[i].Attributes;
        RtlCopySid(SidLength, SidArea, Src[i].Sid);

        /* Push the buffer area where the SID will reset */
        SidArea = (PSID)((ULONG_PTR)SidArea + SidLength);
    }

    /* Return how much space is left, and where the buffer is at now */
    *RemainingSidArea = SidArea;
    *RemainingSidAreaSize = SidAreaSize;
    return STATUS_SUCCESS;
}

RtlEqualPrefixSid()

BOOLEAN NTAPI RtlEqualPrefixSid	(	IN PSID	Sid1_,
		IN PSID	Sid2_
	)

Definition at line 200 of file sid.c.

{
    PISID Sid1 = Sid1_, Sid2 = Sid2_;
    ULONG i;
    PAGED_CODE_RTL();

    /* Revisions have to match */
    if (Sid1->Revision != Sid2->Revision) return FALSE;

    /* The identifier authorities have to match */
    if ((Sid1->IdentifierAuthority.Value[0] == Sid2->IdentifierAuthority.Value[0]) &&
        (Sid1->IdentifierAuthority.Value[1] == Sid2->IdentifierAuthority.Value[1]) &&
        (Sid1->IdentifierAuthority.Value[2] == Sid2->IdentifierAuthority.Value[2]) &&
        (Sid1->IdentifierAuthority.Value[3] == Sid2->IdentifierAuthority.Value[3]) &&
        (Sid1->IdentifierAuthority.Value[4] == Sid2->IdentifierAuthority.Value[4]) &&
        (Sid1->IdentifierAuthority.Value[5] == Sid2->IdentifierAuthority.Value[5]))
    {
        /* The subauthority counts have to match */
        if (Sid1->SubAuthorityCount == Sid2->SubAuthorityCount)
        {
            /* If there aren't any in SID1, means none in SID2 either, so equal */
            if (!Sid1->SubAuthorityCount) return TRUE;

            /* Now compare all the subauthority values BUT the last one */
            for (i = 0; (i + 1) < Sid1->SubAuthorityCount; i++)
            {
                /* Does any mismatch? */
                if (Sid1->SubAuthority[i] != Sid2->SubAuthority[i])
                {
                    /* Prefix doesn't match, fail */
                    return FALSE;
                }
            }

            /* Everything that should matches, does, return success */
            return TRUE;
        }
    }

    /* Identifiers don't match, fail */
    return FALSE;
}

RtlEqualSid()

BOOLEAN NTAPI RtlEqualSid	(	IN PSID	Sid1_,
		IN PSID	Sid2_
	)

Definition at line 132 of file sid.c.

{
    PISID Sid1 = Sid1_, Sid2 = Sid2_;
    PAGED_CODE_RTL();

    /* Quick compare of the revision and the count */
    if (*(PUSHORT)&Sid1->Revision != *(PUSHORT)&Sid2->Revision) return FALSE;

    /* Get the length and compare it the long way */
    return RtlEqualMemory(Sid1, Sid2, RtlLengthSid(Sid1));
}

RtlFreeSid()

PVOID NTAPI RtlFreeSid

(

IN PSID

Sid

)

Definition at line 186 of file sid.c.

{
    PAGED_CODE_RTL();

    /* Free the SID and always return NULL */
    RtlpFreeMemory(Sid, TAG_SID);
    return NULL;
}

RtlIdentifierAuthoritySid()

PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid

(

IN PSID

Sid_

)

Definition at line 118 of file sid.c.

{
    PISID Sid =  Sid_;
    PAGED_CODE_RTL();

    /* Return the offset to the identifier authority */
    return &Sid->IdentifierAuthority;
}

RtlInitializeSid()

NTSTATUS NTAPI RtlInitializeSid	(	IN PSID	Sid_,
		IN PSID_IDENTIFIER_AUTHORITY	IdentifierAuthority,
		IN UCHAR	SubAuthorityCount
	)

Definition at line 68 of file sid.c.

{
    PISID Sid = Sid_;
    PAGED_CODE_RTL();

    /* Fill out the header */
    Sid->Revision = SID_REVISION;
    Sid->SubAuthorityCount = SubAuthorityCount;
    Sid->IdentifierAuthority = *IdentifierAuthority;

    /* All good */
    return STATUS_SUCCESS;
}

Referenced by SepInitSecurityIDs().

RtlLengthRequiredSid()

ULONG NTAPI RtlLengthRequiredSid

(

IN ULONG

SubAuthorityCount

)

Definition at line 54 of file sid.c.

{
    PAGED_CODE_RTL();

    /* Return the required length */
    return (ULONG)FIELD_OFFSET(SID,
                               SubAuthority[SubAuthorityCount]);
}

Referenced by AppendRidToSid(), BuildSidFromSidAndRid(), CmpHiveRootSecurityDescriptor(), CreateDomainSidFromAccountSid(), CreateSidFromSidAndRid(), DetermineSIDSize(), GetBuiltinDomainSid(), GetNtAuthorityDomainSid(), GetSidLengthRequired(), LsapCopyLocalGroups(), LsapCopySid(), LsapCreateSid(), RtlAllocateAndInitializeSid(), RtlDefaultNpAcl(), SampInitializeSAM(), ScAllocateAndInitializeSid(), ScDomainIdToSid(), ScmCreateSids(), SeCaptureSidAndAttributesArray(), SepCaptureSid(), SepInitSecurityIDs(), and START_TEST().

RtlLengthSid()

ULONG NTAPI RtlLengthSid

(

IN PSID

Sid_

)

Definition at line 150 of file sid.c.

{
    PISID Sid = Sid_;
    PAGED_CODE_RTL();

    /* The offset to the last index + 1 (since it's a count) is the length */
    return (ULONG)FIELD_OFFSET(SID,
                               SubAuthority[Sid->SubAuthorityCount]);
}

Referenced by _IRQL_requires_max_(), BuildUserInfoBuffer(), CheckSid__(), CheckTokenMembership(), CmpQuerySecurityDescriptor(), CopySystemProfile(), CreateBaseAcls(), CsrCreateLocalSystemSD(), CsrSetProcessSecurity(), DsEnumerateDomainTrustsA(), GetAccountDomainSid(), GetDosDevicesProtection(), GetLengthSid(), GetSiteSidFromToken(), GetUserSid(), GetUserSidStringFromToken(), K32CreateDBMonMutex(), LsapAddDefaultGroups(), LsapAddDomainToDomainsList(), LsapAddTokenDefaultDacl(), LsapCopyLocalGroups(), LsapCreateAccountSd(), LsapCreateDatabaseObjects(), LsapCreatePolicySd(), LsapCreateSecretSd(), LsapGetLogonSessionData(), LsapSetLogonSessionData(), LsapSetTokenOwner(), LsarSetAccountDomain(), LsarSetPrimaryDomain(), MiCreateMemoryEvent(), NetLocalGroupGetMembers(), NetUserModalsGet(), NtCreatePagingFile(), NtQueryInformationToken(), ObpCreateKernelObjectsSD(), ObpGetDosDevicesProtection(), RtlCopySid(), RtlCopySidAndAttributesArray(), RtlDefaultNpAcl(), RtlEqualSid(), RtlLengthSecurityDescriptor(), RtlLengthSidAndAttributes(), RtlpAddKnownAce(), RtlpAddKnownObjectAce(), RtlpQuerySecurityDescriptor(), RtlpSetSecurityObject(), RtlpSysVolCreateSecurityDescriptor(), RtlSelfRelativeToAbsoluteSD(), RtlValidAcl(), RtlValidRelativeSecurityDescriptor(), RtlxAddAuditAccessAceEx(), RtlxAddMandatoryLabelAceEx(), SampAddMemberToAlias(), SampCreateAccountDomainSD(), SampCreateAliasSD(), SampCreateBuiltinDomainSD(), SampCreateGroupSD(), SampCreateServerSD(), SampCreateUserSD(), SampSetupAddMemberToAlias(), SampSetupCreateDomain(), ScmCreateAcls(), SeCaptureSidAndAttributesArray(), SepCreateImpersonationTokenDacl(), SepCreateToken(), SepInitDACLs(), SepInitializationPhase1(), SepPropagateAcl(), SeQueryInformationToken(), SeSetWorldSecurityDescriptor(), SmpCreateSecurityDescriptors(), TestSeAssignSecurity(), and uid_to_sid().

RtlSubAuthorityCountSid()

PUCHAR NTAPI RtlSubAuthorityCountSid

(

IN PSID

Sid_

)

Definition at line 104 of file sid.c.

{
    PISID Sid =  Sid_;
    PAGED_CODE_RTL();

    /* Return the offset to the count */
    return &Sid->SubAuthorityCount;
}

Referenced by AppendRidToSid(), BuildSidFromSidAndRid(), CopySidFromSidAndRid(), CreateDomainSidFromAccountSid(), CreateSidFromSidAndRid(), GetSidSubAuthorityCount(), LsapAppendRidToSid(), LsapCopySid(), SampGetRidFromSid(), and ScDomainIdToSid().

RtlSubAuthoritySid()

PULONG NTAPI RtlSubAuthoritySid	(	IN PSID	Sid_,
		IN ULONG	SubAuthority
	)

Definition at line 89 of file sid.c.

{
    PISID Sid = Sid_;
    PAGED_CODE_RTL();

    /* Return the offset */
    return (PULONG)&Sid->SubAuthority[SubAuthority];
}

Referenced by SepInitSecurityIDs().

RtlValidSid()

BOOLEAN NTAPI RtlValidSid

(

IN PSID

Sid_

)

Definition at line 21 of file sid.c.

{
    PISID Sid = Sid_;
    PAGED_CODE_RTL();

    /* Use SEH in case any pointer is invalid */
    _SEH2_TRY
    {
        /* Validate the revision and subauthority count */
        if ((Sid) &&
            (((Sid->Revision & 0xF) != SID_REVISION) ||
             (Sid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES)))
        {
            /* It's not, fail */
            _SEH2_YIELD(return FALSE);
        }
    }
    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
    {
        /* Access violation, SID is not valid */
        _SEH2_YIELD(return FALSE);
    }
    _SEH2_END;

    /* All good */
    return TRUE;
}

Referenced by CheckSid__(), CmpHiveRootSecurityDescriptor(), ConvertSidToStringSidW(), IsValidSid(), LsarAddAccountRights(), LsarCreateAccount(), LsarOpenAccount(), LsarRemoveAccountRights(), pSetSecurityInfoCheck(), RtlConvertSidToUnicodeString(), RtlpAddKnownAce(), RtlpAddKnownObjectAce(), RtlpSetSecurityObject(), RtlValidRelativeSecurityDescriptor(), RtlValidSecurityDescriptor(), SeCaptureSecurityDescriptor(), SeCaptureSidAndAttributesArray(), SeReportSecurityEvent(), and TestsSeQueryInformationToken().