You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by ma...@apache.org on 2022/11/22 19:09:18 UTC

[commons-daemon] branch master updated: Fix DAEMON-450 - Fix creation of duplicate ACL entries

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-daemon.git


The following commit(s) were added to refs/heads/master by this push:
     new 656ef0b  Fix DAEMON-450 - Fix creation of duplicate ACL entries
656ef0b is described below

commit 656ef0b681e4cb713190293059ea2882a0291e5d
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Nov 22 19:09:11 2022 +0000

    Fix DAEMON-450 - Fix creation of duplicate ACL entries
    
    https://issues.apache.org/jira/projects/DAEMON/issues/DAEMON-450
    Thanks to Norimasa Yamamoto
---
 src/changes/changes.xml           |  4 ++++
 src/native/windows/src/security.c | 20 ++++++++++++++------
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 8456dba..1b52d4c 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -39,6 +39,10 @@
   </properties>
   <body>
     <release version="1.3.3" date="tbd" description="Bug fix release">
+      <!-- Fix -->
+      <action issue="DAEMON-450" type="fix" dev="markt" due-to="Norimasa Yamamoto">
+        Procrun. Fix creation of duplicate ACL entries on some Windows platforms.
+      </action>
       <!-- UPDATES -->
       <action type="update" dev="ggregory" due-to="Dependabot">Bump actions/cache from 3.0.8 to 3.0.11 #60.</action>
       <action type="update" dev="ggregory" due-to="Dependabot">Bump actions/checkout from 3.0.2 to 3.1.0 #59.</action>
diff --git a/src/native/windows/src/security.c b/src/native/windows/src/security.c
index a4ee87e..b2d0b0b 100644
--- a/src/native/windows/src/security.c
+++ b/src/native/windows/src/security.c
@@ -38,7 +38,7 @@ apxSecurityGrantFileAccessToUser(
     } else {
         dwResult = GetSystemDirectoryW(sPath, MAX_PATH);
         if (dwResult) {
-            return dwResult;
+            goto cleanup;
         }
         lstrlcatW(sPath, MAX_PATH, LOG_PATH_DEFAULT);
     }
@@ -74,13 +74,13 @@ apxSecurityGrantFileAccessToUser(
             NULL,
             &pSD);
     if (dwResult) {
-        return dwResult;
+        goto cleanup;
     }
 
     /* Additional access. */
     ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
     ea.grfAccessPermissions = GENERIC_EXECUTE + GENERIC_READ + GENERIC_WRITE;
-    ea.grfAccessMode = GRANT_ACCESS;
+    ea.grfAccessMode = SET_ACCESS;
     ea.grfInheritance = CONTAINER_INHERIT_ACE + OBJECT_INHERIT_ACE;
     ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME;
     ea.Trustee.ptstrName = sUser;
@@ -88,7 +88,7 @@ apxSecurityGrantFileAccessToUser(
     /* Merge old and additional into new ACL. */
     dwResult = SetEntriesInAcl(1, &ea, pOldDACL, &pNewDACL);
     if (dwResult) {
-        return dwResult;
+        goto cleanup;
     }
 
     /* Set the new ACL. */
@@ -101,9 +101,17 @@ apxSecurityGrantFileAccessToUser(
             pNewDACL,
             NULL);
     if (dwResult) {
-        return dwResult;
+        goto cleanup;
     }
 
-    return 0;
+cleanup:
+    if (pSD != NULL) {
+        LocalFree((HLOCAL) pSD);
+    }
+    if (pNewDACL != NULL) {
+        LocalFree((HLOCAL) pNewDACL);
+    }
+
+    return dwResult;
 }
  
\ No newline at end of file