Hi Ken,

On Aug 26 17:43, Ken Brown wrote:
> Don't refer to lacl[pos] unless we know that pos >= 0.

I'm not sure this is entirely right.  Moving the assignment to
class_perm/def_class_perm into the previous if makes sense, but the
bools has_class_perm and has_def_class_perm should be set no matter
what, to indicate that class perms had been specified.

Either way, does this solve a real-world problem?  If so, a pointer
or a short description would be nice.


Thanks,
Corinna


> ---
>  winsup/cygwin/sec_acl.cc | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
> index 933bfa69d..67749d7b1 100644
> --- a/winsup/cygwin/sec_acl.cc
> +++ b/winsup/cygwin/sec_acl.cc
> @@ -807,9 +807,9 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
>                         lacl[pos].a_id = ACL_UNDEFINED_ID;
>                         lacl[pos].a_perm = CYG_ACE_MASK_TO_POSIX (ace->Mask);
>                         aclsid[pos] = well_known_null_sid;
> +                       has_class_perm = true;
> +                       class_perm = lacl[pos].a_perm;
>                       }
> -                   has_class_perm = true;
> -                   class_perm = lacl[pos].a_perm;
>                   }
>                 if (ace->Header.AceFlags & SUB_CONTAINERS_AND_OBJECTS_INHERIT)
>                   {
> @@ -820,9 +820,9 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
>                         lacl[pos].a_id = ACL_UNDEFINED_ID;
>                         lacl[pos].a_perm = CYG_ACE_MASK_TO_POSIX (ace->Mask);
>                         aclsid[pos] = well_known_null_sid;
> +                       has_def_class_perm = true;
> +                       def_class_perm = lacl[pos].a_perm;
>                       }
> -                   has_def_class_perm = true;
> -                   def_class_perm = lacl[pos].a_perm;
>                   }
>               }
>           }
> -- 
> 2.21.0

-- 
Corinna Vinschen
Cygwin Maintainer

Attachment: signature.asc
Description: PGP signature

Reply via email to