ReactOS 0.4.15-dev-5672-gf73ac17
NtSetInformationToken.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS API tests
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Tests for the NtSetInformationToken API
5 * COPYRIGHT: Copyright 2022 George Bișoc <george.bisoc@reactos.org>
6 */
7
8#include "precomp.h"
9
10static
13{
16
19 &Token);
20 if (!Success)
21 {
22 ok(0, "OpenProcessToken() has failed to get the process' token (error code: %lu)!\n", GetLastError());
23 return NULL;
24 }
25
26 return Token;
27}
28
29static
33 _Out_ PULONG DaclLength)
34{
38
39 *DaclLength = 0;
40
43 NULL,
44 0,
47 {
48 ok(0, "Failed to query buffer length, STATUS_BUFFER_TOO_SMALL has to be expected (Status code %lx)!\n", Status);
49 return NULL;
50 }
51
52 Dacl = RtlAllocateHeap(RtlGetProcessHeap(), 0, BufferLength);
53 if (!Dacl)
54 {
55 ok(0, "Failed to allocate from heap for token default DACL (required buffer length %lu)!\n", BufferLength);
56 return NULL;
57 }
58
61 Dacl,
64 if (!NT_SUCCESS(Status))
65 {
66 ok(0, "Failed to query default DACL (Status code %lx)!\n", Status);
67 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
68 return NULL;
69 }
70
71 *DaclLength = BufferLength;
72 return Dacl;
73}
74
75static
76PACL
78 _Out_ PULONG DaclLength)
79{
81 PACL Dacl;
85
86 *DaclLength = 0;
87
89 1,
91 0, 0, 0, 0, 0, 0, 0,
93 if (!NT_SUCCESS(Status))
94 {
95 ok(0, "Failed to allocate Local System SID (Status code %lx)!\n", Status);
96 return NULL;
97 }
98
99 Length = sizeof(ACL) +
101
102 Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
104 Length);
105 if (!Dacl)
106 {
107 ok(0, "Failed to allocate from heap for DACL!\n");
108 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
109 return NULL;
110 }
111
113 Length,
115 if (!NT_SUCCESS(Status))
116 {
117 ok(0, "Failed to create ACL (Status code %lx)!\n", Status);
118 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
119 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
120 return NULL;
121 }
122
127 if (!NT_SUCCESS(Status))
128 {
129 ok(0, "Failed to add access allowed ACE (Status code %lx)!\n", Status);
130 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
131 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
132 return NULL;
133 }
134
135 *DaclLength = Length;
136 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
137 return Dacl;
138}
139
140static
141VOID
144{
146 PACL NewDacl;
147 TOKEN_DEFAULT_DACL NewDefaultDacl;
148 PTOKEN_DEFAULT_DACL DefaultDacl;
149 ULONG OriginalDaclLength, NewDaclLength;
150
151 /*
152 * Query the original DACL of the token first,
153 * we don't want to leave the token tampered
154 * later on.
155 */
156 DefaultDacl = QueryOriginalDefaultDacl(Token, &OriginalDaclLength);
157 if (!DefaultDacl)
158 {
159 ok(0, "Failed to query token's default DACL!\n");
160 return;
161 }
162
163 /* Allocate new DACL */
164 NewDacl = CreateNewDefaultDacl(&NewDaclLength);
165 if (!DefaultDacl)
166 {
167 ok(0, "Failed to allocate buffer for new DACL!\n");
168 RtlFreeHeap(RtlGetProcessHeap(), 0, DefaultDacl);
169 return;
170 }
171
172 NewDefaultDacl.DefaultDacl = NewDacl;
173
174 /*
175 * Set a new DACL for the token.
176 */
179 &NewDefaultDacl,
180 NewDaclLength);
182
183 /* Now set the original DACL */
186 DefaultDacl,
187 OriginalDaclLength);
189
190 RtlFreeHeap(RtlGetProcessHeap(), 0, DefaultDacl);
191 RtlFreeHeap(RtlGetProcessHeap(), 0, NewDacl);
192}
193
194static
195VOID
198{
200 ULONG SessionId = 1;
201
202 /*
203 * We're not allowed to set a session ID
204 * because we don't have the TCB privilege.
205 */
208 &SessionId,
209 sizeof(ULONG));
211}
212
214{
216 ULONG DummyReturnLength = 0;
218
219 /* Everything else is NULL */
222 NULL,
223 0);
225
226 /* We don't give a token */
229 NULL,
230 DummyReturnLength);
232
234
235 /* We give a bogus token class */
237 0xa0a,
238 NULL,
239 DummyReturnLength);
241
242 /* Now perform tests for each class */
245
247}
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
static VOID SetTokenDefaultDaclTests(_In_ HANDLE Token)
static PACL CreateNewDefaultDacl(_Out_ PULONG DaclLength)
static HANDLE OpenCurrentToken(VOID)
static VOID SetTokenSessionIdTests(_In_ HANDLE Token)
static PTOKEN_DEFAULT_DACL QueryOriginalDefaultDacl(_In_ HANDLE Token, _Out_ PULONG DaclLength)
#define ok_ntstatus(status, expected)
Definition: atltest.h:135
#define ok(value,...)
Definition: atltest.h:57
#define START_TEST(x)
Definition: atltest.h:75
LONG NTSTATUS
Definition: precomp.h:26
PSID LocalSystemSid
Definition: globals.c:16
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define NULL
Definition: types.h:112
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:296
#define CloseHandle
Definition: compat.h:739
#define GetCurrentProcess()
Definition: compat.h:759
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
ULONG SessionId
Definition: dllmain.c:28
@ Success
Definition: eventcreate.c:712
unsigned int BOOL
Definition: ntddk_ex.h:94
Status
Definition: gdiplustypes.h:25
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
struct _ACL ACL
#define _Out_
Definition: ms_sal.h:345
#define _In_
Definition: ms_sal.h:308
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1593
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define GENERIC_ALL
Definition: nt_native.h:92
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240
#define STATUS_SUCCESS
Definition: shellext.h:65
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength)
Sets (modifies) some specific information in regard of an access token. The calling thread must have ...
Definition: tokencls.c:1125
uint32_t * PULONG
Definition: typedefs.h:59
uint32_t ULONG
Definition: typedefs.h:59
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
DWORD WINAPI GetLastError(void)
Definition: except.c:1040
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
#define TOKEN_ADJUST_SESSIONID
Definition: setypes.h:929
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
@ TokenDefaultDacl
Definition: setypes.h:967
@ TokenSessionId
Definition: setypes.h:973
@ TokenOwner
Definition: setypes.h:965
#define TOKEN_ADJUST_DEFAULT
Definition: setypes.h:928
#define TOKEN_READ
Definition: setypes.h:947
#define ACL_REVISION
Definition: setypes.h:39