ReactOS 0.4.16-dev-334-g4d9f67c
SeQueryInfoToken.c File Reference
#include <kmt_test.h>
#include <ntifs.h>
#include <debug.h>
Include dependency graph for SeQueryInfoToken.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

void TestsSeQueryInformationToken (PACCESS_TOKEN Token)
 
 START_TEST (SeQueryInfoToken)
 

Variables

static GENERIC_MAPPING ProcessGenericMapping
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 13 of file SeQueryInfoToken.c.

Function Documentation

◆ START_TEST()

START_TEST ( SeQueryInfoToken  )

Definition at line 224 of file SeQueryInfoToken.c.

225{
230 PAUX_ACCESS_DATA AuxData = NULL;
231 PPRIVILEGE_SET NewPrivilegeSet;
232 ULONG InitialPrivilegeCount;
233 BOOLEAN Checker;
237 PTOKEN_PRIVILEGES TPrivileges;
239 ULONG i;
240
242
246
247 // Testing SQIT with current Token
249
250 //----------------------------------------------------------------//
251 // Creating an ACCESS_STATE structure //
252 //----------------------------------------------------------------//
253
255 // AUX_ACCESS_DATA gets larger in newer Windows version.
256 // This is the largest known size, found in Windows 10/11.
257 AuxData = ExAllocatePoolZero(PagedPool, 0xE0, 'QSmK');
258
260 AuxData,
263 );
264
265 ok((Status == STATUS_SUCCESS), "SeCreateAccessState failed with Status 0x%08X\n", Status);
266
267 SeCaptureSubjectContext(&AccessState->SubjectSecurityContext);
268 SeLockSubjectContext(&AccessState->SubjectSecurityContext);
269 Token = SeQuerySubjectContextToken(&AccessState->SubjectSecurityContext);
270
271 // Testing SQIT with AccessState Token
273
274 //----------------------------------------------------------------//
275 // Testing other functions //
276 //----------------------------------------------------------------//
277
278 //----------------------------------------------------------------//
279 // Testing SeAppendPrivileges //
280 //----------------------------------------------------------------//
281
282 InitialPrivilegeCount = AuxData->PrivilegesUsed->PrivilegeCount;
283 trace("Initial privilege count = %lu\n", InitialPrivilegeCount);
284
285 // Testing SeAppendPrivileges. Must change PrivilegeCount to 2 (1 + 1)
286
287 NewPrivilegeSet = ExAllocatePoolZero(PagedPool,
289 'QSmK');
290 NewPrivilegeSet->PrivilegeCount = 1;
291
292 Status = SeAppendPrivileges(AccessState, NewPrivilegeSet);
293 ok(Status == STATUS_SUCCESS, "SeAppendPrivileges failed\n");
294 ok_eq_ulong(AuxData->PrivilegesUsed->PrivilegeCount, InitialPrivilegeCount + 1);
295 ExFreePoolWithTag(NewPrivilegeSet, 'QSmK');
296
297 //----------------------------------------------------------------//
298
299 // Testing SeAppendPrivileges. Must change PrivilegeCount to 6 (2 + 4)
300
301 NewPrivilegeSet = ExAllocatePoolZero(PagedPool,
303 'QSmK');
304 NewPrivilegeSet->PrivilegeCount = 4;
305
306 Status = SeAppendPrivileges(AccessState, NewPrivilegeSet);
307 ok(Status == STATUS_SUCCESS, "SeAppendPrivileges failed\n");
308 ok_eq_ulong(AuxData->PrivilegesUsed->PrivilegeCount, InitialPrivilegeCount + 5);
309 ExFreePoolWithTag(NewPrivilegeSet, 'QSmK');
310
311 //----------------------------------------------------------------//
312 // Testing SePrivilegeCheck //
313 //----------------------------------------------------------------//
314
315 // KPROCESSOR_MODE is set to KernelMode ===> Always return TRUE
316 ok(SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), KernelMode), "SePrivilegeCheck failed with KernelMode mode arg\n");
317 // and call it again
318 ok(SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), KernelMode), "SePrivilegeCheck failed with KernelMode mode arg\n");
319
320 //----------------------------------------------------------------//
321
322 // KPROCESSOR_MODE is set to UserMode. Expect false
323 ok(!SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), UserMode), "SePrivilegeCheck unexpected success with UserMode arg\n");
324
325 //----------------------------------------------------------------//
326
327 //----------------------------------------------------------------//
328 // Testing SeFreePrivileges //
329 //----------------------------------------------------------------//
330
331 // FIXME: KernelMode will automatically get all access granted without
332 // getting Privileges filled in. For UserMode, Privileges will only get
333 // filled if either WRITE_OWNER or ACCESS_SYSTEM_SECURITY is requested
334 // and granted. So this doesn't really test SeFreePrivileges.
336 Checker = SeAccessCheck(
337 AccessState->SecurityDescriptor,
338 &AccessState->SubjectSecurityContext,
339 FALSE,
340 AccessState->OriginalDesiredAccess,
341 AccessState->PreviouslyGrantedAccess,
342 &Privileges,
345 &AccessMask,
346 &Status
347 );
348 ok(Checker, "Checker is NULL\n");
349 ok(Privileges == NULL, "Privileges is not NULL\n");
350 if (Privileges)
351 {
352 trace("AuxData->PrivilegesUsed->PrivilegeCount = %d ; Privileges->PrivilegeCount = %d\n",
353 AuxData->PrivilegesUsed->PrivilegeCount, Privileges->PrivilegeCount);
354 }
356
357
358 //----------------------------------------------------------------//
359 // Testing SePrivilegeCheck //
360 //----------------------------------------------------------------//
361 // I'm trying to make success call of SePrivilegeCheck from UserMode
362 // If we sets Privileges properly, can we expect true from SePrivilegeCheck?
363 // answer: yes
364 // This test demonstrates it
365
366 Buffer = NULL;
368 if (Status == STATUS_SUCCESS)
369 {
370 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenPrivileges arg. But Buffer == NULL\n");
371 if (Buffer)
372 {
373 TPrivileges = (PTOKEN_PRIVILEGES)(Buffer);
374 //trace("TPCount = %u\n\n", TPrivileges->PrivilegeCount);
375
376 NewPrivilegeSet = ExAllocatePoolZero(PagedPool,
378 'QSmK');
379 NewPrivilegeSet->PrivilegeCount = 14;
380
381 ok((SeAppendPrivileges(AccessState, NewPrivilegeSet)) == STATUS_SUCCESS, "SeAppendPrivileges failed\n");
382 ok_eq_ulong(AuxData->PrivilegesUsed->PrivilegeCount, InitialPrivilegeCount + 19);
383 ExFreePoolWithTag(NewPrivilegeSet, 'QSmK');
384 for (i = 0; i < AuxData->PrivilegesUsed->PrivilegeCount; i++)
385 {
386 AuxData->PrivilegesUsed->Privilege[i].Attributes = TPrivileges->Privileges[i].Attributes;
387 AuxData->PrivilegesUsed->Privilege[i].Luid = TPrivileges->Privileges[i].Luid;
388 }
389 //trace("AccessState->privCount = %u\n\n", ((PAUX_ACCESS_DATA)(AccessState->AuxData))->PrivilegesUsed->PrivilegeCount);
390
391 ok(SePrivilegeCheck(AuxData->PrivilegesUsed, &(AccessState->SubjectSecurityContext), UserMode), "SePrivilegeCheck fails in UserMode, but I wish it will success\n");
392 }
393 }
394
395 // Call SeFreePrivileges again
396
397 // FIXME: See other SeAccessCheck call above, we're not really testing
398 // SeFreePrivileges here.
400 Checker = SeAccessCheck(
401 AccessState->SecurityDescriptor,
402 &AccessState->SubjectSecurityContext,
403 TRUE,
404 AccessState->OriginalDesiredAccess,
405 AccessState->PreviouslyGrantedAccess,
406 &Privileges,
409 &AccessMask,
410 &Status
411 );
412 ok(Checker, "Checker is NULL\n");
413 ok(Privileges == NULL, "Privileges is not NULL\n");
414 if (Privileges)
415 {
416 trace("AuxData->PrivilegesUsed->PrivilegeCount = %d ; Privileges->PrivilegeCount = %d\n",
417 AuxData->PrivilegesUsed->PrivilegeCount, Privileges->PrivilegeCount);
418 }
420
421 //----------------------------------------------------------------//
422 // Missing for now //
423 //----------------------------------------------------------------//
424
425 SeUnlockSubjectContext(&AccessState->SubjectSecurityContext);
427
429
431 if (AuxData) ExFreePoolWithTag(AuxData, 'QSmK');
433}
unsigned char BOOLEAN
void TestsSeQueryInformationToken(PACCESS_TOKEN Token)
static GENERIC_MAPPING ProcessGenericMapping
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994
#define ok_eq_ulong(value, expected)
Definition: apitest.h:63
#define trace
Definition: atltest.h:70
#define ok(value,...)
Definition: atltest.h:57
LONG NTSTATUS
Definition: precomp.h:26
Definition: bufpool.h:45
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
#define PagedPool
Definition: env_spec_w32.h:308
#define ExAllocatePool(type, size)
Definition: fbtusb.h:44
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
FORCEINLINE PVOID ExAllocatePoolZero(ULONG PoolType, SIZE_T NumberOfBytes, ULONG Tag)
Definition: precomp.h:45
#define KernelMode
Definition: asm.h:34
#define UserMode
Definition: asm.h:35
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
ULONG ACCESS_MASK
Definition: nt_native.h:40
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
VOID NTAPI SeDeleteAccessState(_In_ PACCESS_STATE AccessState)
Deletes an allocated access state from the memory.
Definition: access.c:150
NTSTATUS NTAPI SeCreateAccessState(_Out_ PACCESS_STATE AccessState, _Out_ __drv_aliasesMem PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
Creates an access state.
Definition: access.c:121
BOOLEAN NTAPI SePrivilegeCheck(_In_ PPRIVILEGE_SET Privileges, _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a set of privileges exist and match within a security subject context.
Definition: priv.c:698
VOID NTAPI SeFreePrivileges(_In_ PPRIVILEGE_SET Privileges)
Frees a set of privileges.
Definition: priv.c:669
NTSTATUS NTAPI SeAppendPrivileges(_Inout_ PACCESS_STATE AccessState, _In_ PPRIVILEGE_SET Privileges)
Appends additional privileges.
Definition: priv.c:588
#define STATUS_SUCCESS
Definition: shellext.h:65
PPRIVILEGE_SET PrivilegesUsed
Definition: setypes.h:258
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
$ULONG PrivilegeCount
Definition: setypes.h:86
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1024
VOID NTAPI SeLockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Locks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:107
VOID NTAPI SeUnlockSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Unlocks both the referenced primary and client access tokens of a security subject context.
Definition: subject.c:138
VOID NTAPI SeCaptureSubjectContext(_Out_ PSECURITY_SUBJECT_CONTEXT SubjectContext)
Captures the security subject context of the calling thread and calling process.
Definition: subject.c:85
NTSTATUS NTAPI SeQueryInformationToken(_In_ PACCESS_TOKEN AccessToken, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Outptr_result_buffer_(_Inexpressible_(token-dependent)) PVOID *TokenInformation)
Queries information details about the given token to the call. The difference between NtQueryInformat...
Definition: tokencls.c:95
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
uint32_t ULONG
Definition: typedefs.h:59
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417
@ TokenPrivileges
Definition: setypes.h:968
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES

◆ TestsSeQueryInformationToken()

void TestsSeQueryInformationToken ( PACCESS_TOKEN  Token)

Definition at line 35 of file SeQueryInfoToken.c.

36{
39 PSID sid;
40 PTOKEN_OWNER Towner;
41 PTOKEN_DEFAULT_DACL TDefDacl;
42 PTOKEN_GROUPS TGroups;
43 ULONG GroupCount;
44 PACL acl;
45 PTOKEN_STATISTICS TStats;
46 PTOKEN_TYPE TType;
47 PTOKEN_USER TUser;
49 ULONG i;
50
51 //----------------------------------------------------------------//
52 // Testing SeQueryInformationToken with various args //
53 //----------------------------------------------------------------//
54
55 ok(Token != NULL, "Token is not captured. Testing SQIT interrupted\n\n");
56
57 if (Token == NULL) return;
58
60 ok((Status == STATUS_SUCCESS), "SQIT with TokenOwner arg fails with status 0x%08X\n", Status);
62 {
63 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenOwner arg. But Buffer == NULL\n");
64
65 if (Buffer)
66 {
67 Towner = (TOKEN_OWNER *)Buffer;
68 sid = Towner->Owner;
69 ok((RtlValidSid(sid) == TRUE), "TokenOwner's SID is not a valid SID\n");
71 }
72 }
73
74 //----------------------------------------------------------------//
75
76 Buffer = NULL;
78 ok(Status == STATUS_SUCCESS, "SQIT with TokenDefaultDacl fails with status 0x%08X\n", Status);
80 {
81 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenDefaultDacl arg. But Buffer == NULL\n");
82 if (Buffer)
83 {
84 TDefDacl = (PTOKEN_DEFAULT_DACL)Buffer;
85 acl = TDefDacl->DefaultDacl;
86 ok(((acl->AclRevision == ACL_REVISION || acl->AclRevision == ACL_REVISION_DS) == TRUE), "DACL is invalid\n");
88 }
89 }
90
91 //----------------------------------------------------------------//
92
93 Buffer = NULL;
95 ok(Status == STATUS_SUCCESS, "SQIT with TokenGroups fails with status 0x%08X\n", Status);
97 {
98 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenGroups arg. But Buffer == NULL\n");
99 if (Buffer)
100 {
101 TGroups = (PTOKEN_GROUPS)Buffer;
102 GroupCount = TGroups->GroupCount;
103 Flag = TRUE;
104 for (i = 0; i < GroupCount; i++)
105 {
106 sid = TGroups->Groups[i].Sid;
107 if (!RtlValidSid(sid))
108 {
109 Flag = FALSE;
110 break;
111 }
112 }
113 ok((Flag == TRUE), "TokenGroup's SIDs are not valid\n");
115 }
116 }
117
118 //----------------------------------------------------------------//
119
120 // Call SQIT with TokenImpersonationLevel argument. Although our token
121 // is not an impersonation token, the call will outright fail.
122
123 Buffer = NULL;
125 ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenImpersonationLevel must return STATUS_INVALID_INFO_CLASS but got 0x%08X\n", Status);
126 ok(Buffer == NULL, "SQIT has failed to query the impersonation level but buffer is not NULL!\n");
127
128 //----------------------------------------------------------------//
129
130 // Call SQIT with the 4 classes (TokenOrigin, TokenGroupsAndPrivileges,
131 // TokenRestrictedSids and TokenSandBoxInert) are not supported by
132 // SeQueryInformationToken (only NtQueryInformationToken supports them).
133 //
134
135 Buffer = NULL;
137 ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenOrigin failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);
138 ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");
139
140 Buffer = NULL;
142 ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenGroupsAndPrivileges failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);
143 ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");
144
145 Buffer = NULL;
147 ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenRestrictedSids failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);
148 ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");
149
150 Buffer = NULL;
152 ok(Status == STATUS_INVALID_INFO_CLASS, "SQIT with TokenSandBoxInert failed with Status 0x%08X; expected STATUS_INVALID_INFO_CLASS\n", Status);
153 ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");
154
155 //----------------------------------------------------------------//
156
157 Buffer = NULL;
159 ok(Status == STATUS_SUCCESS, "SQIT with TokenStatistics fails with status 0x%08X\n", Status);
160 if (Status == STATUS_SUCCESS)
161 {
162 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenStatistics arg. But Buffer == NULL\n");
163 if (Buffer)
164 {
165 TStats = (PTOKEN_STATISTICS)Buffer;
166 // just put 0 into 1st arg or use trace to print TokenStatistics
167 ok(1, "print statistics:\n\tTokenID = %u_%d\n\tSecurityImperLevel = %d\n\tPrivCount = %d\n\tGroupCount = %d\n\n", TStats->TokenId.LowPart,
168 TStats->TokenId.HighPart,
169 TStats->ImpersonationLevel,
170 TStats->PrivilegeCount,
171 TStats->GroupCount
172 );
174 }
175 } else {
176 ok(Buffer == NULL, "Wrong. SQIT call failed. But Buffer != NULL\n");
177 }
178
179 //----------------------------------------------------------------//
180
181 Buffer = NULL;
183 ok(Status == STATUS_SUCCESS, "SQIT with TokenType fails with status 0x%08X\n", Status);
184 if (Status == STATUS_SUCCESS)
185 {
186 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenType arg. But Buffer == NULL\n");
187 if (Buffer)
188 {
189 TType = (PTOKEN_TYPE)Buffer;
190 ok((*TType == TokenPrimary || *TType == TokenImpersonation), "TokenType in not a primary nor impersonation. FAILED\n");
192 }
193 }
194
195 //----------------------------------------------------------------//
196
197 Buffer = NULL;
199 ok(Status == STATUS_SUCCESS, "SQIT with TokenUser fails\n");
200 if (Status == STATUS_SUCCESS)
201 {
202 ok(Buffer != NULL, "Wrong. SQIT call was successful with TokenUser arg. But Buffer == NULL\n");
203 if (Buffer)
204 {
205 TUser = (PTOKEN_USER)Buffer;
206 ok(RtlValidSid(TUser->User.Sid), "TokenUser has an invalid Sid\n");
208 }
209 }
210
211 //----------------------------------------------------------------//
212
213 Buffer = NULL;
215 ok(Status != STATUS_SUCCESS, "SQIT must fail with wrong TOKEN_INFORMATION_CLASS arg\n");
216}
FT_UInt sid
Definition: cffcmap.c:139
@ TokenImpersonation
Definition: imports.h:274
@ TokenPrimary
Definition: imports.h:273
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240
Definition: xml2sdb.h:80
UCHAR AclRevision
Definition: ms-dtyp.idl:294
LONG HighPart
DWORD LowPart
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1018
$ULONG GroupCount
Definition: setypes.h:1014
PSID Owner
Definition: setypes.h:1028
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1090
$ULONG PrivilegeCount
Definition: setypes.h:1094
$ULONG GroupCount
Definition: setypes.h:1093
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010
#define ACL_REVISION_DS
Definition: setypes.h:40
struct _TOKEN_GROUPS * PTOKEN_GROUPS
struct _TOKEN_STATISTICS * PTOKEN_STATISTICS
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
struct _TOKEN_USER * PTOKEN_USER
@ TokenDefaultDacl
Definition: setypes.h:971
@ TokenGroupsAndPrivileges
Definition: setypes.h:978
@ TokenStatistics
Definition: setypes.h:975
@ TokenImpersonationLevel
Definition: setypes.h:974
@ TokenSandBoxInert
Definition: setypes.h:980
@ TokenRestrictedSids
Definition: setypes.h:976
@ TokenGroups
Definition: setypes.h:967
@ TokenUser
Definition: setypes.h:966
@ TokenOrigin
Definition: setypes.h:982
@ TokenOwner
Definition: setypes.h:969
#define ACL_REVISION
Definition: setypes.h:39
enum _TOKEN_TYPE * PTOKEN_TYPE

Referenced by START_TEST().

Variable Documentation

◆ ProcessGenericMapping

GENERIC_MAPPING ProcessGenericMapping
static
Initial value:
=
{
}
#define PROCESS_SUSPEND_RESUME
Definition: pstypes.h:168
#define PROCESS_TERMINATE
Definition: pstypes.h:158
#define PROCESS_VM_READ
Definition: pstypes.h:162
#define PROCESS_QUERY_INFORMATION
Definition: pstypes.h:167
#define PROCESS_VM_WRITE
Definition: pstypes.h:163
#define PROCESS_CREATE_THREAD
Definition: pstypes.h:159
#define PROCESS_VM_OPERATION
Definition: pstypes.h:161
#define PROCESS_SET_INFORMATION
Definition: pstypes.h:166
#define PROCESS_CREATE_PROCESS
Definition: pstypes.h:164
#define PROCESS_SET_QUOTA
Definition: pstypes.h:165
#define PROCESS_DUP_HANDLE
#define SYNCHRONIZE
Definition: nt_native.h:61
#define PROCESS_ALL_ACCESS
Definition: nt_native.h:1324
#define STANDARD_RIGHTS_READ
Definition: nt_native.h:65
#define STANDARD_RIGHTS_WRITE
Definition: nt_native.h:66
#define STANDARD_RIGHTS_EXECUTE
Definition: nt_native.h:67

Definition at line 18 of file SeQueryInfoToken.c.

Referenced by START_TEST().