From 5943ff68e7838be67148b1c0eef91f3c1ab66230 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 18 Feb 2008 12:55:35 +0100 Subject: Use pidl for _svcctl_OpenServiceW(). Note that this call did and still does panic in registry access. Michael has an idea how to fix this. Guenther (This used to be commit b2fa41072ddd2aba000a33eb32ccee408d8304db) --- source3/rpc_server/srv_svcctl_nt.c | 32 ++++++++++++-------------------- 1 file changed, 12 insertions(+), 20 deletions(-) (limited to 'source3/rpc_server/srv_svcctl_nt.c') diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index 459def11c7..40f3584e3e 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -284,28 +284,26 @@ WERROR _svcctl_OpenSCManagerW(pipes_struct *p, } /******************************************************************** + _svcctl_OpenServiceW ********************************************************************/ -WERROR _svcctl_open_service(pipes_struct *p, SVCCTL_Q_OPEN_SERVICE *q_u, SVCCTL_R_OPEN_SERVICE *r_u) +WERROR _svcctl_OpenServiceW(pipes_struct *p, + struct svcctl_OpenServiceW *r) { SEC_DESC *sec_desc; uint32 access_granted = 0; NTSTATUS status; - char *service = NULL; - size_t ret = rpcstr_pull_talloc(p->mem_ctx, - &service, - q_u->servicename.buffer, - q_u->servicename.uni_str_len*2, - 0); - - if (ret == (size_t)-1 || !service) { + const char *service = NULL; + + service = r->in.ServiceName; + if (!service) { return WERR_NOMEM; } - DEBUG(5, ("_svcctl_open_service: Attempting to open Service [%s], \n", service)); + DEBUG(5, ("_svcctl_OpenServiceW: Attempting to open Service [%s], \n", service)); /* based on my tests you can open a service if you have a valid scm handle */ - if ( !find_service_info_by_hnd( p, &q_u->handle ) ) + if ( !find_service_info_by_hnd( p, r->in.scmanager_handle) ) return WERR_BADFID; /* perform access checks. Use the root token in order to ensure that we @@ -314,12 +312,12 @@ WERROR _svcctl_open_service(pipes_struct *p, SVCCTL_Q_OPEN_SERVICE *q_u, SVCCTL_ if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, service, get_root_nt_token() )) ) return WERR_NOMEM; - se_map_generic( &q_u->access, &svc_generic_map ); - status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, q_u->access, &access_granted ); + se_map_generic( &r->in.access_mask, &svc_generic_map ); + status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, r->in.access_mask, &access_granted ); if ( !NT_STATUS_IS_OK(status) ) return ntstatus_to_werror( status ); - return create_open_service_handle( p, &r_u->handle, SVC_HANDLE_IS_SERVICE, service, access_granted ); + return create_open_service_handle( p, r->out.handle, SVC_HANDLE_IS_SERVICE, service, access_granted ); } /******************************************************************** @@ -965,12 +963,6 @@ WERROR _svcctl_EnumServicesStatusW(pipes_struct *p, struct svcctl_EnumServicesSt return WERR_NOT_SUPPORTED; } -WERROR _svcctl_OpenServiceW(pipes_struct *p, struct svcctl_OpenServiceW *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - WERROR _svcctl_QueryServiceConfigW(pipes_struct *p, struct svcctl_QueryServiceConfigW *r) { p->rng_fault_state = True; -- cgit