* cyglsa.c: Don't include ntddk.h.

(RtlInitEmptyUnicodeString): Use Visual-C compatible "__inline" instead of "inline". (uni_alloc): Change second argument to USHORT. (printf): Move definition of ap to make Visual-C++ happy. (LsaApLogonUserEx): Compute size of datastructure returned to LSA on 64 bit systems correctly to avoid heap corruption. * cyglsa64.dll: Regenerate. * make-64bit-version-with-visual-c.bat: Accommodate newer Microsoft toolchains. Add more comment. * mslsa.def: Export LsaApLogonUserEx instead of LsaApLogonUser.
2008-07-13 13:14:41 +00:00 · 2008-07-13 13:14:41 +00:00 · 5a0c7f1df9
parent 25dab6dc60
commit 5a0c7f1df9
5 changed files with 40 additions and 12 deletions
--- a/winsup/lsaauth/ChangeLog
+++ b/winsup/lsaauth/ChangeLog
@ -1,3 +1,17 @@
+2008-07-13  Corinna Vinschen  <corinna@vinschen.de>
+
+	* cyglsa.c: Don't include ntddk.h.
+	(RtlInitEmptyUnicodeString): Use Visual-C compatible "__inline" instead
+	of "inline".
+	(uni_alloc): Change second argument to USHORT.
+	(printf): Move definition of ap to make Visual-C++ happy.
+	(LsaApLogonUserEx): Compute size of datastructure returned to
+	LSA on 64 bit systems correctly to avoid heap corruption.
+	* cyglsa64.dll: Regenerate.
+	* make-64bit-version-with-visual-c.bat: Accommodate newer Microsoft
+	toolchains.  Add more comment.
+	* mslsa.def: Export LsaApLogonUserEx instead of LsaApLogonUser.
+
 2008-07-11  Corinna Vinschen  <corinna@vinschen.de>

 	* cyglsa.c (LsaApLogonUserEx): Accommodate the fact that authinf->domain
--- a/winsup/lsaauth/cyglsa.c
+++ b/winsup/lsaauth/cyglsa.c
@ -19,7 +19,6 @@ Cygwin license.  Please consult the file "CYGWIN_LICENSE" for details. */
 #include <lm.h>
 #include <iptypes.h>
 #include <ntsecapi.h>
-#include <ntddk.h>
 #include "../cygwin/cyglsa.h"
 #include "../cygwin/include/cygwin/version.h"

@ -41,9 +40,8 @@ DllMain (HINSTANCE inst, DWORD reason, LPVOID res)
 }

 #ifndef RtlInitEmptyUnicodeString
-inline
-VOID NTAPI RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf,
-				     USHORT len)
+__inline VOID NTAPI
+RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf, USHORT len)
 {
  dest->Length = 0;
  dest->MaximumLength = len;
@ -52,7 +50,7 @@ VOID NTAPI RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf,
 #endif

 static PUNICODE_STRING
-uni_alloc (PWCHAR src, DWORD len)
+uni_alloc (PWCHAR src, USHORT len)
 {
  PUNICODE_STRING tgt;

@ -80,10 +78,10 @@ printf (const char *format, ...)
  char buf[256];
  DWORD wr;
  int ret;
+  va_list ap;

  if (fh == INVALID_HANDLE_VALUE)
    return 0;
-  va_list ap;

  va_start (ap, format);
  ret = _vsnprintf (buf, 256, format, ap);
@ -471,14 +469,17 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
      base = (LONG_PTR) &authinf->inf;

      newsize = authinf->inf_size;
-      newsize += sizeof (PSID) - sizeof (OFFSET); /* User SID */
+      newsize += sizeof (TOKEN_USER) - sizeof (CYG_TOKEN_USER); /* User SID */
      newsize += sizeof (PTOKEN_GROUPS) - sizeof (OFFSET); /* Groups */
      src_grps = (PCYG_TOKEN_GROUPS) (base + authinf->inf.Groups);
      newsize += src_grps->GroupCount		  /* Group SIDs */
-      		 * (sizeof (PSID) - sizeof (OFFSET));
+      		 * (sizeof (SID_AND_ATTRIBUTES)
+		    - sizeof (CYG_SID_AND_ATTRIBUTES));
      newsize += sizeof (PSID) - sizeof (OFFSET); /* Primary Group SID */
-      newsize += sizeof (PSID) - sizeof (OFFSET); /* Owner SID */
+      newsize += sizeof (PTOKEN_PRIVILEGES) - sizeof (OFFSET); /* Privileges */
+      newsize += 0; /* Owner SID */
      newsize += sizeof (PACL) - sizeof (OFFSET); /* Default DACL */
+
      if (!(tokinf = funcs->AllocateLsaHeap (newsize)))
 	return STATUS_NO_MEMORY;
      tptr = (PBYTE)(tokinf + 1);
--- a/winsup/lsaauth/cyglsa64.dll
+++ b/winsup/lsaauth/cyglsa64.dll
--- a/winsup/lsaauth/make-64bit-version-with-visual-c.bat
+++ b/winsup/lsaauth/make-64bit-version-with-visual-c.bat
@ -5,6 +5,11 @@ rem
 rem Note that you need not only the SDK headers and libs, but also the
 rem 64 bit ntdll.lib file from a DDK supporting 64 bit builds.
 rem
+rem Make sure all necessary include paths are set in %Include% (inc\ddk,
+rem inc\atl, inc\crt) and rem that %Lib% points to the 64 bit libs, not
+rem the 32 bit libs.  In the latter case the link stage will succeed,
+rem but the resulting DLL is non-functional.
+rem
 rem This can be used as long as no x86_64-pe/coff capable gcc is available.
 rem Note that this is for building inside the source dir as not to interfere
 rem with the "official" 32 bit build in the build directory.
@ -12,5 +17,13 @@ rem
 rem Install the dll into /bin and use the cyglsa-config script to register it.
 rem Don't forget to reboot afterwards.
 rem
-cl /Wp64 /c cyglsa.c
-link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj runtmchk.lib advapi32.lib kernel32.lib ntdll.lib
+rem Use "/DDEBUGGING" in the cl line to create debugging output to
+rem C:\cyglsa.dbgout at runtime.
+rem
+rem No idea when that changed, but in the latest SDKs you have to disable
+rem the security checks and there's apparently no runtmchk.lib anymore.
+rem I leave the old statements in for reference.
+rem cl /Wp64 /c cyglsa.c
+rem link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj runtmchk.lib advapi32.lib kernel32.lib ntdll.lib
+cl /Wp64 /EHs-c- /GS- /GR- /GL- /c cyglsa.c
+link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj advapi32.lib kernel32.lib ntdll.lib
--- a/winsup/lsaauth/mslsa.def
+++ b/winsup/lsaauth/mslsa.def
@ -2,7 +2,7 @@ LIBRARY "cyglsa64"

 EXPORTS
 LsaApInitializePackage
-LsaApLogonUser
+LsaApLogonUserEx
 LsaApLogonTerminated
 LsaApCallPackage
 LsaApCallPackagePassthrough = LsaApCallPackage