diff options
-rw-r--r-- | source4/libcli/security/sddl.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/source4/libcli/security/sddl.c b/source4/libcli/security/sddl.c index a1b8346969..643cb7a82c 100644 --- a/source4/libcli/security/sddl.c +++ b/source4/libcli/security/sddl.c @@ -221,6 +221,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char if (!NT_STATUS_IS_OK(status)) { return False; } + ace->object.object.flags |= SEC_ACE_OBJECT_TYPE_PRESENT; } /* inherit object */ @@ -230,6 +231,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char if (!NT_STATUS_IS_OK(status)) { return False; } + ace->object.object.flags |= SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT; } /* trustee */ @@ -460,18 +462,21 @@ static char *sddl_encode_ace(TALLOC_CTX *mem_ctx, const struct security_ace *ace if (s_flags == NULL) goto failed; s_mask = sddl_flags_to_string(tmp_ctx, ace_access_mask, ace->access_mask, True); - if (s_mask == NULL) goto failed; + if (s_mask == NULL) { + s_mask = talloc_asprintf(tmp_ctx, "0x%08x", ace->access_mask); + if (s_mask == NULL) goto failed; + } if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT || ace->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT || ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT || ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT) { - if (!GUID_all_zero(&ace->object.object.type.type)) { + if (ace->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT) { s_object = GUID_string(tmp_ctx, &ace->object.object.type.type); if (s_object == NULL) goto failed; } - if (!GUID_all_zero(&ace->object.object.inherited_type.inherited_type)) { + if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) { s_iobject = GUID_string(tmp_ctx, &ace->object.object.inherited_type.inherited_type); if (s_iobject == NULL) goto failed; } |