src/shared/Communication.cpp - Issue 5792731695677440: Fix named pipe security on Windows 7

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Delta Between Two Patch Sets: src/shared/Communication.cpp

Issue 5792731695677440: Fix named pipe security on Windows 7 (Closed)

Left Patch Set: Nits addressed Created July 17, 2014, 5:11 p.m.

Right Patch Set: Hide the spelling fail Created July 18, 2014, 12:47 p.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

Left: Side by side diff | Download
Right: Side by side diff | Download

LEFT	RIGHT
1 #include <Windows.h>	1 #include <Windows.h>

2 #include <Lmcons.h>	2 #include <Lmcons.h>

3 #include <Sddl.h>	3 #include <Sddl.h>

4 #include <aclapi.h>	4 #include <aclapi.h>

5 #include <strsafe.h>	5 #include <strsafe.h>

6	6

7 #include "AutoHandle.h"	7 #include "AutoHandle.h"

8 #include "Communication.h"	8 #include "Communication.h"

9 #include "Utils.h"	9 #include "Utils.h"

10	10

(...skipping 90 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
101 PACL acl = 0;	101 PACL acl = 0;

102 if (SetEntriesInAcl(2, explicitAccess, 0, &acl) != ERROR_SUCCESS)	102 if (SetEntriesInAcl(2, explicitAccess, 0, &acl) != ERROR_SUCCESS)

103 return std::auto_ptr<SECURITY_DESCRIPTOR>(0);	103 return std::auto_ptr<SECURITY_DESCRIPTOR>(0);

104	104

105 // NOTE: This only references the acl, not copies it.	105 // NOTE: This only references the acl, not copies it.

106 // DO NOT release the ACL before it's actually used	106 // DO NOT release the ACL before it's actually used

107 if (!SetSecurityDescriptorDacl(securityDescriptor.get(), TRUE, acl, FALSE) )	107 if (!SetSecurityDescriptorDacl(securityDescriptor.get(), TRUE, acl, FALSE) )

108 return std::auto_ptr<SECURITY_DESCRIPTOR>(0);	108 return std::auto_ptr<SECURITY_DESCRIPTOR>(0);

109 }	109 }

110	110

111 // Create a dummy security descriptor with low integrirty preset and reffere nce its SACL in ours	111 // Create a dummy security descriptor with low integrirty preset and referen ce its SACL in ours

112 LPCWSTR accessControlEntry = L"S:(ML;;NW;;;LW)";	112 LPCWSTR accessControlEntry = L"S:(ML;;NW;;;LW)";

113 PSECURITY_DESCRIPTOR dummySecurityDescriptorLow;	113 PSECURITY_DESCRIPTOR dummySecurityDescriptorLow;

114 ConvertStringSecurityDescriptorToSecurityDescriptorW(accessControlEntry, SDD L_REVISION_1, &dummySecurityDescriptorLow, 0);	114 ConvertStringSecurityDescriptorToSecurityDescriptorW(accessControlEntry, SDD L_REVISION_1, &dummySecurityDescriptorLow, 0);

115 std::tr1::shared_ptr<SECURITY_DESCRIPTOR> sharedDummySecurityDescriptor(stat ic_cast<SECURITY_DESCRIPTOR*>(dummySecurityDescriptorLow), LocalFree); // Just t o simplify cleanup	115 std::tr1::shared_ptr<SECURITY_DESCRIPTOR> sharedDummySecurityDescriptor(stat ic_cast<SECURITY_DESCRIPTOR*>(dummySecurityDescriptorLow), LocalFree); // Just t o simplify cleanup

116	116

117 DWORD sdSize(0), saclSize(0), daclSize(0), ownerSize(0), primaryGroupSize(0) ;	117 DWORD sdSize(0), saclSize(0), daclSize(0), ownerSize(0), primaryGroupSize(0) ;

118 MakeAbsoluteSD(dummySecurityDescriptorLow, 0, &sdSize, 0, &daclSize, 0, &sac lSize, 0, &ownerSize, 0, &primaryGroupSize);	118 MakeAbsoluteSD(dummySecurityDescriptorLow, 0, &sdSize, 0, &daclSize, 0, &sac lSize, 0, &ownerSize, 0, &primaryGroupSize);

119 if (saclSize == 0 \|\| sdSize == 0)	119 if (saclSize == 0 \|\| sdSize == 0)

120 {	120 {

121 return std::auto_ptr<SECURITY_DESCRIPTOR>(0);	121 return std::auto_ptr<SECURITY_DESCRIPTOR>(0);

(...skipping 170 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
292 return Communication::InputBuffer(stream.str());	292 return Communication::InputBuffer(stream.str());

293 }	293 }

294	294

295 void Communication::Pipe::WriteMessage(Communication::OutputBuffer& message)	295 void Communication::Pipe::WriteMessage(Communication::OutputBuffer& message)

296 {	296 {

297 DWORD bytesWritten;	297 DWORD bytesWritten;

298 std::string data = message.Get();	298 std::string data = message.Get();

299 if (!WriteFile(pipe, data.c_str(), static_cast<DWORD>(data.length()), &bytesWr itten, 0))	299 if (!WriteFile(pipe, data.c_str(), static_cast<DWORD>(data.length()), &bytesWr itten, 0))

300 throw std::runtime_error("Failed to write to pipe");	300 throw std::runtime_error("Failed to write to pipe");

301 }	301 }

LEFT	RIGHT