* sec_acl.cc (setacl): Introduce bool array "invalid" to note the
invalidation of incoming acl entries while iterating over them.
This commit is contained in:
parent
b49934db7f
commit
1072cb2e7d
|
@ -1,3 +1,8 @@
|
||||||
|
2015-02-12 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
|
* sec_acl.cc (setacl): Introduce bool array "invalid" to note the
|
||||||
|
invalidation of incoming acl entries while iterating over them.
|
||||||
|
|
||||||
2015-02-12 Corinna Vinschen <corinna@vinschen.de>
|
2015-02-12 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
* cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to
|
* cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to
|
||||||
|
|
|
@ -13,3 +13,8 @@ Bug Fixes
|
||||||
|
|
||||||
- Fix /proc/cpuinfo multicore info on Intel CPUs.
|
- Fix /proc/cpuinfo multicore info on Intel CPUs.
|
||||||
Addresses: https://cygwin.com/ml/cygwin-apps/2015-02/msg00077.html
|
Addresses: https://cygwin.com/ml/cygwin-apps/2015-02/msg00077.html
|
||||||
|
|
||||||
|
- Regression in 1.7.34: acl(SETACL, ...) overwrote the incoming acltent_t
|
||||||
|
array for bookkeeping purposes while iterating over its entries. This
|
||||||
|
broke reusing the acl in the calling application (e.g. setfacl).
|
||||||
|
Addresses: https://cygwin.com/ml/cygwin/2015-02/msg00304.html
|
||||||
|
|
|
@ -125,6 +125,9 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||||
|
|
||||||
writable = false;
|
writable = false;
|
||||||
|
|
||||||
|
bool *invalid = (bool *) tp.c_get ();
|
||||||
|
memset (invalid, 0, nentries * sizeof *invalid);
|
||||||
|
|
||||||
/* Pre-compute owner, group, and other permissions to allow creating
|
/* Pre-compute owner, group, and other permissions to allow creating
|
||||||
matching deny ACEs as in alloc_sd. */
|
matching deny ACEs as in alloc_sd. */
|
||||||
DWORD owner_allow = 0, group_allow = 0, other_allow = 0;
|
DWORD owner_allow = 0, group_allow = 0, other_allow = 0;
|
||||||
|
@ -163,7 +166,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||||
&& (aclbufp[i].a_type == USER_OBJ
|
&& (aclbufp[i].a_type == USER_OBJ
|
||||||
|| !(null_mask & FILE_READ_DATA)))
|
|| !(null_mask & FILE_READ_DATA)))
|
||||||
*allow |= FILE_DELETE_CHILD;
|
*allow |= FILE_DELETE_CHILD;
|
||||||
aclbufp[i].a_type = 0;
|
invalid[i] = true;
|
||||||
}
|
}
|
||||||
bool isownergroup = (owner_sid == group_sid);
|
bool isownergroup = (owner_sid == group_sid);
|
||||||
DWORD owner_deny = ~owner_allow & (group_allow | other_allow);
|
DWORD owner_deny = ~owner_allow & (group_allow | other_allow);
|
||||||
|
@ -210,7 +213,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||||
{
|
{
|
||||||
DWORD allow;
|
DWORD allow;
|
||||||
/* Skip invalidated entries. */
|
/* Skip invalidated entries. */
|
||||||
if (!aclbufp[i].a_type)
|
if (invalid[i])
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
allow = STANDARD_RIGHTS_READ
|
allow = STANDARD_RIGHTS_READ
|
||||||
|
@ -249,7 +252,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||||
{
|
{
|
||||||
inheritance = CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE;
|
inheritance = CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE;
|
||||||
/* invalidate the corresponding default entry. */
|
/* invalidate the corresponding default entry. */
|
||||||
aclbufp[i + 1 + pos].a_type = 0;
|
invalid[i + 1 + pos] = true;
|
||||||
}
|
}
|
||||||
switch (aclbufp[i].a_type)
|
switch (aclbufp[i].a_type)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue