# HG changeset patch # User Ulf Zibis # Date 1460495701 -7200 # Tue Apr 12 23:15:01 2016 +0200 # Node ID a2c942f9667c96ccaed3f6075e9abd074c20b6f2 # Parent 68983749dbce9237c8149843a3f76849be76aa6e Added missing break, commented superfluous ones. Removed superfluous (auth < 100). diff --git a/src/secaudit.c b/src/secaudit.c --- a/src/secaudit.c +++ b/src/secaudit.c @@ -1432,8 +1432,7 @@ auth = get6h(attr,off+2); first = get4l(attr,off+8); known = FALSE; - if ((attr[off] == 1) /* revision */ - && (auth < 100)) + if (attr[off] == 1) /* revision */ switch (cnt) { case 0 : /* no level (error) */ break; @@ -1460,7 +1459,7 @@ case 1 : known = TRUE; printf("%*cCreator group SID\n",-level,marker); - break; + break; /* superfluous break */ } break; case 5 : @@ -1504,9 +1503,9 @@ case 18 : known = TRUE; printf("%*cNT System SID\n",-level,marker); - break; + break; /* superfluous break */ } - break; + break; /* superfluous break */ } break; case 2 : /* double level */ @@ -1527,11 +1526,12 @@ break; default : printf("%*cSome domain SID\n",-level,marker); - break; + break; /* superfluous break */ } } - break; + break; /* superfluous break */ } + break; default : /* three levels or more */ second = get4l(attr,off+12); last = get4l(attr,off+4+4*cnt); @@ -1540,28 +1540,29 @@ if (first == 21) { known = TRUE; switch (last) { - case 500 : - printf("%*cSystem admin SID\n",-level,marker); - break; - case 501 : - printf("%*cGuest SID\n",-level,marker); - break; - case 512 : - printf("%*cLocal admins SID\n",-level,marker); - break; - case 513 : - printf("%*cLocal users SID\n",-level,marker); - break; - case 514 : - printf("%*cLocal guests SID\n",-level,marker); - break; - default : - printf("%*cLocal user-%lu SID\n",-level,marker,last); - break; + case 500 : + printf("%*cSystem admin SID\n",-level,marker); + break; + case 501 : + printf("%*cGuest SID\n",-level,marker); + break; + case 512 : + printf("%*cLocal admins SID\n",-level,marker); + break; + case 513 : + printf("%*cLocal users SID\n",-level,marker); + break; + case 514 : + printf("%*cLocal guests SID\n",-level,marker); + break; + default : + printf("%*cLocal user-%lu SID\n",-level,marker,last); + break; /* superfluous break */ } } - break; + break; /* superfluous break */ } + break; /* superfluous break */ } if (!known) printf("%*cUnknown SID\n",-level,marker); # HG changeset patch # User Ulf Zibis # Date 1460495705 -7200 # Tue Apr 12 23:15:05 2016 +0200 # Node ID d8fa401854241a981546cedd5fce27300f9a7740 # Parent a2c942f9667c96ccaed3f6075e9abd074c20b6f2 Removed potential reference range violation and (auth < 100). Compacted secaudit.c diff --git a/src/secaudit.c b/src/secaudit.c --- a/src/secaudit.c +++ b/src/secaudit.c @@ -1415,97 +1415,46 @@ void showsid(const char *attr, int off, const char *prefix, int level) { - int cnt; int i; - BOOL known; + u8 revision; + u8 cnt; u64 auth; unsigned long first; unsigned long second; unsigned long last; - char marker; - - if (opt_b) - marker = '#'; - else - marker = ' '; - cnt = attr[off+1] & 255; - auth = get6h(attr,off+2); - first = get4l(attr,off+8); - known = FALSE; - if (attr[off] == 1) /* revision */ + char marker = opt_b ? '#' : ' '; + char *name = "Unknown"; + + revision = attr[off]; + cnt = attr[off+1]; + auth = (u8)attr[off+7]; + if (revision == 1 && cnt) { + first = get4l(attr,off+8); switch (cnt) { case 0 : /* no level (error) */ break; case 1 : /* single level */ switch (auth) { - case 0 : - if (first == 0) { - known = TRUE; - printf("%*cNull SID\n",-level,marker); - } - break; - case 1 : - if (first == 0) { - known = TRUE; - printf("%*cWorld SID\n",-level,marker); - } - break; + case 0 : if (first == 0) name = "Null"; break; + case 1 : if (first == 0) name = "World"; break; case 3 : switch (first) { - case 0 : - known = TRUE; - printf("%*cCreator owner SID\n",-level,marker); - break; - case 1 : - known = TRUE; - printf("%*cCreator group SID\n",-level,marker); - break; /* superfluous break */ - } - break; + case 0 : name = "Creator owner"; break; + case 1 : name = "Creator group"; break; + } break; case 5 : switch (first) { - case 1 : - known = TRUE; - printf("%*cDialup SID\n",-level,marker); - break; - case 2 : - known = TRUE; - printf("%*cNetwork SID\n",-level,marker); - break; - case 3 : - known = TRUE; - printf("%*cBatch SID\n",-level,marker); - break; - case 4 : - known = TRUE; - printf("%*cInteractive SID\n",-level,marker); - break; - case 6 : - known = TRUE; - printf("%*cService SID\n",-level,marker); - break; - case 7 : - known = TRUE; - printf("%*cAnonymous logon SID\n",-level,marker); - break; - case 11 : - known = TRUE; - printf("%*cAuthenticated user SID\n",-level,marker); - break; - case 13 : - known = TRUE; - printf("%*cLocal service SID\n",-level,marker); - break; - case 14 : - known = TRUE; - printf("%*cNetwork service SID\n",-level,marker); - break; - case 18 : - known = TRUE; - printf("%*cNT System SID\n",-level,marker); - break; /* superfluous break */ + case 1 : name = "Dialup"; break; + case 2 : name = "Network"; break; + case 3 : name = "Batch"; break; + case 4 : name = "Interactive"; break; + case 6 : name = "Service"; break; + case 7 : name = "Anonymous logon"; break; + case 11 : name = "Authenticated user"; break; + case 13 : name = "Local service"; break; + case 14 : name = "Network service"; break; + case 18 : name = "NT System"; break; } - break; /* superfluous break */ } break; case 2 : /* double level */ @@ -1513,23 +1462,13 @@ switch (auth) { case 5 : if (first == 32) { - known = TRUE; switch (second) { - case 544 : - printf("%*cLocal admins SID\n",-level,marker); - break; - case 545 : - printf("%*cLocal users SID\n",-level,marker); - break; - case 546 : - printf("%*cLocal guests SID\n",-level,marker); - break; - default : - printf("%*cSome domain SID\n",-level,marker); - break; /* superfluous break */ + case 544 : name = "Local admins"; break; + case 545 : name = "Local users"; break; + case 546 : name = "Local guests"; break; + default : name = "Some domain"; break; } } - break; /* superfluous break */ } break; default : /* three levels or more */ @@ -1538,40 +1477,27 @@ switch (auth) { case 5 : if (first == 21) { - known = TRUE; switch (last) { - case 500 : - printf("%*cSystem admin SID\n",-level,marker); - break; - case 501 : - printf("%*cGuest SID\n",-level,marker); - break; - case 512 : - printf("%*cLocal admins SID\n",-level,marker); - break; - case 513 : - printf("%*cLocal users SID\n",-level,marker); - break; - case 514 : - printf("%*cLocal guests SID\n",-level,marker); - break; - default : - printf("%*cLocal user-%lu SID\n",-level,marker,last); - break; /* superfluous break */ + case 500 : name = "System admin"; break; + case 501 : name = "Guest"; break; + case 512 : name = "Local admins"; break; + case 513 : name = "Local users"; break; + case 514 : name = "Local guests"; break; + default : name = "Local user-"; break; } } - break; /* superfluous break */ } - break; /* superfluous break */ } - if (!known) - printf("%*cUnknown SID\n",-level,marker); - printf("%*c%shex S-%d-",-level,marker,prefix,attr[off] & 255); + } + printf((name[strlen(name)-1] == '-') ? + "%*c%s%lu SID\n" : "%*c%s SID\n",-level,marker,name,last); + auth = get6h(attr,off+2); + printf("%*c%shex S-%x-",-level,marker,prefix,attr[off] & 255); printf("%llx",auth); for (i=0; i