Add SECURITY_ATTRIBUTES wrapper

Signed-off-by: Simon Rozman <simon@rozman.si>
2022-03-10 14:51:29 +01:00 · 2022-03-10 14:51:29 +01:00 · 7defbb8cab
commit 7defbb8cab
parent 6a8310a9e7
5 changed files with 143 additions and 1 deletions
--- a/UnitTests/SDDL.cpp
+++ b/UnitTests/SDDL.cpp
@ -0,0 +1,26 @@
+/*
+	SPDX-License-Identifier: MIT
+	Copyright © 2022 Amebis
+*/
+
+#include "pch.h"
+
+using namespace std;
+using namespace Microsoft::VisualStudio::CppUnitTestFramework;
+
+namespace UnitTests
+{
+	TEST_CLASS(SDDL)
+	{
+	public:
+		TEST_METHOD(security_attributes)
+		{
+			winstd::security_attributes sa;
+			Assert::IsTrue(ConvertStringSecurityDescriptorToSecurityDescriptorW(L"O:BAD:PAI(A;;FA;;;BA)", SDDL_REVISION_1, sa, NULL));
+			Assert::IsNotNull(sa.lpSecurityDescriptor);
+			winstd::security_attributes sa2(move(sa));
+			Assert::IsNull(sa.lpSecurityDescriptor);
+			Assert::IsNotNull(sa2.lpSecurityDescriptor);
+		}
+	};
+}
--- a/UnitTests/UnitTests.vcxproj
+++ b/UnitTests/UnitTests.vcxproj
@ -86,7 +86,7 @@
    <Link>
      <SubSystem>Windows</SubSystem>
      <AdditionalLibraryDirectories>$(VCInstallDir)UnitTest\lib;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>Advapi32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'">
@ -118,6 +118,7 @@
    <ClCompile Include="pch.cpp">
      <PrecompiledHeader>Create</PrecompiledHeader>
    </ClCompile>
+    <ClCompile Include="SDDL.cpp" />
    <ClCompile Include="Shell.cpp" />
    <ClCompile Include="Win.cpp" />
  </ItemGroup>
--- a/UnitTests/UnitTests.vcxproj.filters
+++ b/UnitTests/UnitTests.vcxproj.filters
@ -24,6 +24,9 @@
    <ClCompile Include="Win.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
+    <ClCompile Include="SDDL.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="pch.h">
--- a/UnitTests/pch.h
+++ b/UnitTests/pch.h
@ -15,6 +15,7 @@
 #include <WinStd/ETW.h>
 #include <WinStd/GDI.h>
 #include <WinStd/MSI.h>
+#include <WinStd/SDDL.h>
 #include <WinStd/Sec.h>
 #include <WinStd/SetupAPI.h>
 #include <WinStd/Shell.h>
--- a/include/WinStd/SDDL.h
+++ b/include/WinStd/SDDL.h
@ -0,0 +1,111 @@
+/*
+    SPDX-License-Identifier: MIT
+    Copyright © 2022 Amebis
+*/
+
+/// \defgroup WinStdSDDL SDDL
+
+#pragma once
+
+#include "Common.h"
+#include <sddl.h>
+
+namespace winstd
+{
+    /// \addtogroup WinStdSDDL
+    /// @{
+
+    class security_attributes : public SECURITY_ATTRIBUTES
+    {
+        WINSTD_NONCOPYABLE(security_attributes)
+
+    public:
+        ///
+        /// Initializes a new SECURITY_ATTRIBUTES.
+        ///
+        security_attributes() noexcept
+        {
+            nLength              = sizeof(SECURITY_ATTRIBUTES);
+            lpSecurityDescriptor = NULL;
+            bInheritHandle       = FALSE;
+        }
+
+        ///
+        /// Moves an existing SECURITY_ATTRIBUTES.
+        ///
+        security_attributes(_Inout_ security_attributes &&a) noexcept
+        {
+            nLength                = sizeof(SECURITY_ATTRIBUTES);
+            lpSecurityDescriptor   = a.lpSecurityDescriptor;
+            bInheritHandle         = a.bInheritHandle;
+            a.lpSecurityDescriptor = NULL;
+        }
+
+        ///
+        /// Destroys the SECURITY_ATTRIBUTES.
+        ///
+        ~security_attributes()
+        {
+            if (lpSecurityDescriptor)
+                LocalFree(lpSecurityDescriptor);
+        }
+
+        ///
+        /// Moves an existing SECURITY_ATTRIBUTES.
+        ///
+        security_attributes& operator=(_Inout_ security_attributes &&a) noexcept
+        {
+            if (this != &a) {
+                nLength                = sizeof(SECURITY_ATTRIBUTES);
+                if (lpSecurityDescriptor)
+                    LocalFree(lpSecurityDescriptor);
+                lpSecurityDescriptor   = a.lpSecurityDescriptor;
+                bInheritHandle         = a.bInheritHandle;
+                a.lpSecurityDescriptor = NULL;
+            }
+            return *this;
+        }
+    };
+
+    /// @}
+}
+
+/// \addtogroup WinStdSDDL
+/// @{
+
+#pragma warning(push)
+#pragma warning(disable: 4505) // Don't warn on unused code
+
+/// @copydoc ConvertStringSecurityDescriptorToSecurityDescriptorW()
+_Success_(return != FALSE) static BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(_In_ LPCSTR StringSecurityDescriptor, _In_ DWORD StringSDRevision, _Inout_ winstd::security_attributes &sa, _Out_opt_ PULONG SecurityDescriptorSize)
+{
+    PSECURITY_DESCRIPTOR sd;
+    BOOL bResult = ConvertStringSecurityDescriptorToSecurityDescriptorA(StringSecurityDescriptor, StringSDRevision, &sd, SecurityDescriptorSize);
+    if (bResult) {
+        if (sa.lpSecurityDescriptor)
+            LocalFree(sa.lpSecurityDescriptor);
+        sa.lpSecurityDescriptor = sd;
+    }
+    return bResult;
+}
+
+///
+/// Converts a string-format security descriptor into a valid, functional security descriptor.
+///
+/// \sa [ConvertStringSecurityDescriptorToSecurityDescriptor function](https://docs.microsoft.com/en-us/windows/win32/api/sddl/nf-sddl-convertstringsecuritydescriptortosecuritydescriptorw)
+///
+_Success_(return != FALSE) static BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(_In_ LPCWSTR StringSecurityDescriptor, _In_ DWORD StringSDRevision, _Inout_ winstd::security_attributes &sa, _Out_opt_ PULONG SecurityDescriptorSize)
+{
+    PSECURITY_DESCRIPTOR sd;
+    BOOL bResult = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptor, StringSDRevision, &sd, SecurityDescriptorSize);
+    if (bResult) {
+        if (sa.lpSecurityDescriptor)
+            LocalFree(sa.lpSecurityDescriptor);
+        sa.lpSecurityDescriptor = sd;
+    }
+    return bResult;
+}
+
+#pragma warning(pop)
+
+/// @}