drew
/
acadia-newlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* sec_acl.cc (setacl): Introduce bool array "invalid" to note the 

invalidation of incoming acl entries while iterating over them.
This commit is contained in:
Corinna Vinschen 2015-02-12 17:53:24 +00:00
parent b49934db7f
commit 1072cb2e7d
3 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,8 @@
2015-02-12 Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (setacl): Introduce bool array "invalid" to note the
invalidation of incoming acl entries while iterating over them.
2015-02-12 Corinna Vinschen <corinna@vinschen.de> 2015-02-12 Corinna Vinschen <corinna@vinschen.de>
* cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to * cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to

5
winsup/cygwin/release/1.7.35
View File

@ -13,3 +13,8 @@ Bug Fixes
- Fix /proc/cpuinfo multicore info on Intel CPUs. - Fix /proc/cpuinfo multicore info on Intel CPUs.
Addresses: https://cygwin.com/ml/cygwin-apps/2015-02/msg00077.html Addresses: https://cygwin.com/ml/cygwin-apps/2015-02/msg00077.html
- Regression in 1.7.34: acl(SETACL, ...) overwrote the incoming acltent_t
array for bookkeeping purposes while iterating over its entries. This
broke reusing the acl in the calling application (e.g. setfacl).
Addresses: https://cygwin.com/ml/cygwin/2015-02/msg00304.html

9
winsup/cygwin/sec_acl.cc
View File

@ -125,6 +125,9 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
writable = false; writable = false;
bool *invalid = (bool *) tp.c_get ();
memset (invalid, 0, nentries * sizeof *invalid);
/* Pre-compute owner, group, and other permissions to allow creating /* Pre-compute owner, group, and other permissions to allow creating
matching deny ACEs as in alloc_sd. */ matching deny ACEs as in alloc_sd. */
DWORD owner_allow = 0, group_allow = 0, other_allow = 0; DWORD owner_allow = 0, group_allow = 0, other_allow = 0;
@ -163,7 +166,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
&& (aclbufp[i].a_type == USER_OBJ && (aclbufp[i].a_type == USER_OBJ
|| !(null_mask & FILE_READ_DATA))) || !(null_mask & FILE_READ_DATA)))
*allow |= FILE_DELETE_CHILD; *allow |= FILE_DELETE_CHILD;
aclbufp[i].a_type = 0; invalid[i] = true;
} }
bool isownergroup = (owner_sid == group_sid); bool isownergroup = (owner_sid == group_sid);
DWORD owner_deny = ~owner_allow & (group_allow | other_allow); DWORD owner_deny = ~owner_allow & (group_allow | other_allow);
@ -210,7 +213,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
{ {
DWORD allow; DWORD allow;
/* Skip invalidated entries. */ /* Skip invalidated entries. */
if (!aclbufp[i].a_type) if (invalid[i])
continue; continue;
allow = STANDARD_RIGHTS_READ allow = STANDARD_RIGHTS_READ
@ -249,7 +252,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
{ {
inheritance = CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE; inheritance = CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE;
/* invalidate the corresponding default entry. */ /* invalidate the corresponding default entry. */
aclbufp[i + 1 + pos].a_type = 0; invalid[i + 1 + pos] = true;
} }
switch (aclbufp[i].a_type) switch (aclbufp[i].a_type)
{ {