diff options
| author | Pierre Joye <pajoye@php.net> | 2009-06-15 15:01:01 +0000 |
|---|---|---|
| committer | Pierre Joye <pajoye@php.net> | 2009-06-15 15:01:01 +0000 |
| commit | 60223d6a6d7c0091532240251cdf80ce209792fe (patch) | |
| tree | a4f2ba50c52a1d204e8c239046aba891b6d49fbf /TSRM/tsrm_win32.c | |
| parent | 2db291e7284d6c0be2931be4d04c1486cbf77cfa (diff) | |
| download | php-git-60223d6a6d7c0091532240251cdf80ce209792fe.tar.gz | |
- #48535, file_exists returns false when impersonate is used
Diffstat (limited to 'TSRM/tsrm_win32.c')
| -rw-r--r-- | TSRM/tsrm_win32.c | 36 |
1 files changed, 17 insertions, 19 deletions
diff --git a/TSRM/tsrm_win32.c b/TSRM/tsrm_win32.c index 1c37e1d89a..69214d00d4 100644 --- a/TSRM/tsrm_win32.c +++ b/TSRM/tsrm_win32.c @@ -41,12 +41,25 @@ static tsrm_win32_globals win32_globals; static void tsrm_win32_ctor(tsrm_win32_globals *globals TSRMLS_DC) { + HANDLE process_token = NULL; + globals->process = NULL; globals->shm = NULL; globals->process_size = 0; globals->shm_size = 0; globals->comspec = _strdup((GetVersion()<0x80000000)?"cmd.exe":"command.com"); globals->impersonation_token = NULL; + + /* Access check requires impersonation token. Create a duplicate token. */ + if(OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE | TOKEN_QUERY, &process_token)) { + DuplicateToken(process_token, SecurityImpersonation, &globals->impersonation_token); + } + + /* impersonation_token will be closed when the process dies */ + if(process_token != NULL) { + CloseHandle(process_token); + process_token = NULL; + } } static void tsrm_win32_dtor(tsrm_win32_globals *globals TSRMLS_DC) @@ -111,6 +124,10 @@ TSRM_API int tsrm_win32_access(const char *pathname, int mode) return errno; } + if(TWG(impersonation_token) == NULL) { + goto Finished; + } + /* Do a full access check because access() will only check read-only attribute */ if(mode == 0 || mode > 6) { desired_access = FILE_GENERIC_READ; @@ -133,30 +150,11 @@ TSRM_API int tsrm_win32_access(const char *pathname, int mode) goto Finished; } - if(TWG(impersonation_token) == NULL) { - - if(!OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE | TOKEN_QUERY, &process_token)) { - goto Finished; - } - - /* Access check requires impersonation token. Create a duplicate token. */ - if(!DuplicateToken(process_token, SecurityImpersonation, &TWG(impersonation_token))) { - goto Finished; - } - } - if(!AccessCheck((PSECURITY_DESCRIPTOR)psec_desc, TWG(impersonation_token), desired_access, &gen_map, &privilege_set, &priv_set_length, &granted_access, &fAccess)) { goto Finished; } Finished: - - /* impersonation_token will be closed when the process dies */ - if(process_token != NULL) { - CloseHandle(process_token); - process_token = NULL; - } - if(psec_desc != NULL) { free(psec_desc); psec_desc = NULL; |