SetUserObjectSecurity retourne false avec code erreur 998

**yann458** · 19/08/2019, 11h46

Bonjour,
La fonction SetUserObjectSecurity me retourne l'erreur 998.

Pouvez-vous corriger le source s'il vous plait. Je pige rien !

Code C++ :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
// CloneAceByFlag.cpp : Defines the entry point for the console application.
//
 
#include "stdafx.h"
#include <Windows.h>
 
//DWORD pbuf = 0;
//DWORD sizebuf = 0;
//BYTE buftest[65536];
DWORD flagcombine = 0;
 
PSECURITY_DESCRIPTOR out_acl;
 
void DumpAcl(HANDLE f, DWORD info)
{
	int err;
	PSECURITY_DESCRIPTOR ds1 = (PSECURITY_DESCRIPTOR)malloc(2048);
 
	BOOL bb = FALSE;
 
	DWORD cc = 0;
	flagcombine |= info;
	bb = GetUserObjectSecurity(f, &info, ds1, 2048, &cc);
	if (!bb)
	{
		int err = GetLastError();
		printf("GetUserObjectSecurity marche pas avec code erreur:%d\n", err);
		ExitProcess(-1);
	}
	/*memcpy(buftest + pbuf, ds1, cc);
	pbuf += cc;*/
 
	if (info == GROUP_SECURITY_INFORMATION)
	{
		BOOL present = FALSE;
		BOOL defaulted = FALSE;
		PSID sid = nullptr;
		bb = GetSecurityDescriptorGroup(ds1, &sid, &defaulted);
		if (bb)
		{
			bb = SetSecurityDescriptorGroup(out_acl, sid, defaulted);
			err = GetLastError();
			bb = bb;
		}
		else
		{
			err = GetLastError();
 
		}
	}
 
	if (info == SACL_SECURITY_INFORMATION)
	{
		BOOL present = FALSE;
		BOOL defaulted = FALSE;
		PACL dacl = nullptr;
		bb = GetSecurityDescriptorSacl(ds1, &present, &dacl, &defaulted);
		if (bb)
		{
			bb = SetSecurityDescriptorSacl(out_acl, present, dacl, defaulted);
			err = GetLastError();
			bb = bb;
		}
	}
 
	if (info == DACL_SECURITY_INFORMATION)
	{
		BOOL present = FALSE;
		BOOL defaulted = FALSE;
		PACL dacl = nullptr;
		bb=GetSecurityDescriptorDacl(ds1, &present, &dacl, &defaulted);
		if (bb)
		{
			bb=SetSecurityDescriptorDacl(out_acl, present, dacl, defaulted);
			err = GetLastError();
			bb = bb;
		}
	}
 
	if (info == OWNER_SECURITY_INFORMATION)
	{
		BOOL present = FALSE;
		BOOL defaulted = FALSE;
		PSID sid = nullptr;
		bb = GetSecurityDescriptorOwner(ds1, &sid, &defaulted);
		if (bb)
		{
			bb=SetSecurityDescriptorOwner(out_acl, sid,defaulted);
			err = GetLastError();
			bb = bb;
		}
		else
		{
			err = GetLastError();
 
		}
	}
 
	free(ds1);
 
}
 
int main()
{
 
	HANDLE f1 = CreateFileA("c:\\Storage-Test\\acl\\f1.bin", GENERIC_ALL, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
	int err = GetLastError();
	HANDLE f2 = CreateFileA("c:\\Storage-Test\\acl\\f2.bin", GENERIC_ALL, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
 
	if ((f1 != INVALID_HANDLE_VALUE) && (f2 != INVALID_HANDLE_VALUE))
	{
		out_acl = (PSECURITY_DESCRIPTOR)malloc(65536);
		BOOL bb=InitializeSecurityDescriptor(out_acl, SECURITY_DESCRIPTOR_REVISION);
		DWORD info = 0;
		/*BOOL bb = false;
		DWORD retcb;
		info = OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;
		bb = GetUserObjectSecurity(f2, &info, out_acl, 65536, &retcb);*/
		DumpAcl(f1, GROUP_SECURITY_INFORMATION);
		DumpAcl(f1, OWNER_SECURITY_INFORMATION);
		//DumpAcl(f1, SACL_SECURITY_INFORMATION);
		DumpAcl(f1, DACL_SECURITY_INFORMATION);
 
		info = flagcombine;
		bb = SetUserObjectSecurity(f2, &info, out_acl);
		if (!bb)
		{
			int err = GetLastError();
			printf("SetUserObjectSecurity marche pas avec code erreur:%d\n", err);
		}
 
		CloseHandle(f1);
		CloseHandle(f2);
	}
    return 0;
}

J'ai un autre projet d'ou SetUserObjectSecurity retourne OK mais ça ne fonctionne pas.

Code C++ :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
// CloneAceByFlag.cpp : Defines the entry point for the console application.
//
 
#include "stdafx.h"
#include <Windows.h>
 
DWORD pbuf = 0;
DWORD sizebuf = 0;
BYTE buftest[65536];
DWORD flagcombine = 0;
 
void DumpAcl(HANDLE f, DWORD info)
{
	PSECURITY_DESCRIPTOR ds1 = (PSECURITY_DESCRIPTOR)malloc(2048);
 
	BOOL bb = FALSE;
 
	DWORD cc = 0;
	flagcombine |= info;
	bb = GetUserObjectSecurity(f, &info, ds1, 2048, &cc);
	if (!bb)
	{
		int err = GetLastError();
		printf("GetUserObjectSecurity marche pas avec code erreur:%d\n", err);
		ExitProcess(-1);
	}
	memcpy(buftest + pbuf, ds1, cc);
	pbuf += cc;
 
	free(ds1);
 
}
 
int main()
{
	HANDLE f1 = CreateFileA("f1.bin", GENERIC_ALL, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
	int err = GetLastError();
	HANDLE f2 = CreateFileA("f2.bin", GENERIC_ALL, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
 
	if ((f1 != INVALID_HANDLE_VALUE) && (f2 != INVALID_HANDLE_VALUE))
	{
		DumpAcl(f1, OWNER_SECURITY_INFORMATION);
		DumpAcl(f1, DACL_SECURITY_INFORMATION);
 
		DWORD info = flagcombine;
		BOOL bb = SetUserObjectSecurity(f2, &info, buftest);
		if (!bb)
		{
			int err = GetLastError();
			printf("SetUserObjectSecurity marche pas avec code erreur:%d\n", err);
		}
 
		CloseHandle(f1);
		CloseHandle(f2);
	}
    return 0;
}