Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix wrong DACL memory size on Windows (createWindowsDACL) #10712

Merged
merged 1 commit into from
May 21, 2024
Merged

Fix wrong DACL memory size on Windows (createWindowsDACL) #10712

merged 1 commit into from
May 21, 2024
+2 −1

Conversation

idrassi
Copy link
Contributor

@idrassi idrassi commented May 8, 2024
edited

The function createWindowsDACL incorrectly calculates the memory allocation size for the DACL.
Each AddAccessAllowedAce call should correspond to a sizeof(ACCESS_ALLOWED_ACE) plus the GetLengthSid of the SID being used, ensuring sufficient space in the ACL for each entry. However, the original code mistakenly includes only two instances of sizeof(ACCESS_ALLOWED_ACE) in the size calculation, although there are three instances of GetLengthSid in the sum and there are up to three AddAccessAllowedAce calls when the WITH_XC_SSHAGENT compilation flag is defined.

This change corrects the DACL memory allocation calculation to accurately account for all potential AddAccessAllowedAce calls by conditionally including the third sizeof(ACCESS_ALLOWED_ACE). This ensures correct memory allocation across all configurations.

Fixes #10713

Testing strategy

manual test.

Type of change

  • ✅ Bug fix (non-breaking change that fixes an issue)

@idrassi idrassi mentioned this pull request May 8, 2024
Closed
phoerious
phoerious approved these changes May 8, 2024
View reviewed changes
Copy link
Member

@phoerious phoerious left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. I hate this API. It's so easy to mess up accidentally.

@idrassi @phoerious
Fix wrong DACL memory size on Windows (createWindowsDACL)
4fdc459 
Each AddAccessAllowedAce invocation should be matched with a corresponding sizeof(ACCESS_ALLOWED_ACE) and the respective GetLengthSid of the SID being used. This ensures that there is enough space in the ACL for each entry.

The issue manifest itself only when WITH_XC_SSHAGENT is defined.
@phoerious phoerious merged commit e7aa092 into keepassxreboot:develop May 21, 2024
11 checks passed
@phoerious phoerious added this to the v2.7.9 milestone May 21, 2024
pull bot pushed a commit to shashinma/keepassxc that referenced this pull request May 21, 2024
@idrassi @pull
Fix wrong DACL memory size on Windows (createWindowsDACL) (keepassxre…
1c921e0 
…boot#10712)

Each AddAccessAllowedAce invocation should be matched with a corresponding sizeof(ACCESS_ALLOWED_ACE) and the respective GetLengthSid of the SID being used. This ensures that there is enough space in the ACL for each entry.

The issue manifest itself only when WITH_XC_SSHAGENT is defined.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phoerious phoerious phoerious approved these changes

Assignees
No one assigned
Labels
backport-pending
Projects
None yet
Milestone
v2.7.9
Development

Successfully merging this pull request may close these issues.

Incorrect Memory Allocation for DACL in createWindowsDACL() Function
2 participants
@idrassi @phoerious