X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=blobdiff_plain;f=mono%2Fmetadata%2Fmono-security.c;h=865b9ca1e04236ec1a7c7840436fca8c6e02de8a;hb=066372dc08bce3b06873c57b2357114bdda31cd5;hp=a27f82ecd292958c66ca56293c08d9b82009aadf;hpb=61b243e8ca3fd16e1c5eb90435aa726f7a9c1d5f;p=mono.git
diff --git a/mono/metadata/mono-security.c b/mono/metadata/mono-security.c
index a27f82ecd29..865b9ca1e04 100644
--- a/mono/metadata/mono-security.c
+++ b/mono/metadata/mono-security.c
@@ -5,6 +5,7 @@
 * Sebastien Pouliot
 *
 * Copyright 2004-2009 Novell, Inc (http://www.novell.com)
+ * Licensed under the MIT license. See LICENSE file in the project root for full license information.
 */
 #ifdef HAVE_CONFIG_H
@@ -275,9 +276,9 @@ ves_icall_System_Security_Principal_WindowsIdentity_GetCurrentToken (void)
 */
 /* thread may be impersonating somebody */
- if (OpenThreadToken (GetCurrentThread (), TOKEN_QUERY, 1, &token) == 0) {
+ if (OpenThreadToken (GetCurrentThread (), MAXIMUM_ALLOWED, 1, &token) == 0) {
 /* if not take the process identity */
- OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &token);
+ OpenProcessToken (GetCurrentProcess (), MAXIMUM_ALLOWED, &token);
 }
 #else
 token = GINT_TO_POINTER (geteuid ());
@@ -323,7 +324,7 @@ ves_icall_System_Security_Principal_WindowsIdentity_GetTokenName (gpointer token
 if (uniname) g_free (uniname);
- mono_error_raise_exception (&error);
+ mono_error_set_pending_exception (&error);
 return result;
 }
@@ -390,6 +391,7 @@ ves_icall_System_Security_Principal_WindowsIdentity_GetUserToken (MonoString *us
 MonoArray* ves_icall_System_Security_Principal_WindowsIdentity_GetRoles (gpointer token)
 {
+ MonoError error;
 MonoArray *array = NULL;
 MonoDomain *domain = mono_domain_get ();
 #ifdef HOST_WIN32
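Review bot: In the `@@ -275,9 +276,9 @@` hunk (GetCurrentToken), both `OpenThreadToken` and `OpenProcessToken` now request `MAXIMUM_ALLOWED` instead of `TOKEN_QUERY`, so the handle given back to the caller carries every right the process is granted on the token rather than the read-only right it had before. Nothing in the hunk says which extra right is needed; naming it would keep the handle least-privileged, for example `TOKEN_QUERY | TOKEN_DUPLICATE` if duplication is the reason (an assumption, the consumer is outside this diff), or at minimum a comment such as `/* MAXIMUM_ALLOWED: the token is later used for <purpose>, not only queried */`. The return value of `OpenProcessToken` is still ignored, and any `OpenThreadToken` failure, not only the absence of a thread token, falls back to the process identity. Whether `token` has a safe initial value cannot be seen here because the function starts outside the hunk.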
@@ -402,16 +404,24 @@ ves_icall_System_Security_Principal_WindowsIdentity_GetRoles (gpointer token)
 int i=0;
 int num = tg->GroupCount;
- array = mono_array_new (domain, mono_get_string_class (), num);
+ array = mono_array_new_checked (domain, mono_get_string_class (), num, &error);
+ if (mono_error_set_pending_exception (&error)) {
+ g_free (tg);
+ return NULL;
+ }
 for (i=0; i < num; i++) {
 gint32 size = 0;
 gunichar2 *uniname = GetSidName (NULL, tg->Groups [i].Sid, &size);
 if (uniname) {
- MonoError error;
 MonoString *str = mono_string_new_utf16_checked (domain, uniname, size, &error);
- mono_error_raise_exception (&error);
+ if (!is_ok (&error)) {
+ g_free (uniname);
+ g_free (tg);
+ mono_error_set_pending_exception (&error);
+ return NULL;
+ }
 mono_array_setref (array, i, str);
 g_free (uniname);
 }
@@ -425,7 +435,8 @@ ves_icall_System_Security_Principal_WindowsIdentity_GetRoles (gpointer token)
 #endif
 if (!array) {
 /* return empty array of string, i.e. string [0] */
- array = mono_array_new (domain, mono_get_string_class (), 0);
+ array = mono_array_new_checked (domain, mono_get_string_class (), 0, &error);
+ mono_error_set_pending_exception (&error);
 }
 return array;
 }
@@ -649,9 +660,10 @@ IsMachineProtected (gunichar2 *path)
 {
 gboolean success = FALSE;
 PACL pDACL = NULL;
+ PSECURITY_DESCRIPTOR pSD = NULL;
 PSID pEveryoneSid = NULL;
- DWORD dwRes = GetNamedSecurityInfoW (path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pDACL, NULL, NULL);
+ DWORD dwRes = GetNamedSecurityInfoW (path, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pDACL, NULL, &pSD);
 if (dwRes != ERROR_SUCCESS) return FALSE;
@@ -668,8 +680,8 @@ IsMachineProtected (gunichar2 *path)
 /* Note: we don't need to check our own access - we'll know soon enough when reading the file */
- if (pDACL)
- LocalFree (pDACL);
+ if (pSD)
+ LocalFree (pSD);
 return success;
 }
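Review bot: In the `@@ -402,16 +404,24 @@` hunk (GetRoles), a failed `GetSidName` is still skipped silently: when `uniname` is NULL the loop moves on and slot `i` of the role array is never written, so the caller receives an array of `num` entries with gaps while the new code treats only allocation failures as errors. Whether a group that cannot be named should be dropped, reported or represented differently matters for anything that authorizes on this list, and it deserves a comment at `if (uniname) {`, for example `/* GetSidName failed: slot i is left unset; callers must tolerate missing role names */`. The two new error exits also repeat `g_free (tg)`, which is easy to miss when another checked call is added; a single cleanup label would keep the release in one place. The enclosing block starts and ends outside the hunk.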
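Review bot: In the `@@ -649,9 +660,10 @@` hunk (IsMachineProtected), `pDACL` is now a pointer into the descriptor returned through `pSD`, and nothing at the declarations says so. A comment such as `/* pDACL points into pSD; release pSD only, after the last use of pDACL */` next to `PSECURITY_DESCRIPTOR pSD = NULL;` would keep a later edit from freeing `pDACL` again or releasing `pSD` too early; the matching `LocalFree (pSD)` is in the `@@ -668,8 +680,8 @@` hunk. The code between the two hunks, including how `pEveryoneSid` is released, is not visible here.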
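Review bot: In the `@@ -668,8 +680,8 @@` hunk, the comment kept above the cleanup says the caller's own access need not be checked because reading the file will show it, but the DACL was looked up by `path` and the read presumably happens later through a separate open. The returned flag therefore describes whatever object the name referred to at check time, and the comment should say that, for example `/* result is advisory: it reflects the DACL at lookup time, not at the later open */`. Callers that make a trust decision on this value would want the check repeated on the opened handle; those callers are outside this diff.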
@@ -931,21 +943,26 @@ static MonoImage *system_security_assembly = NULL;
 void ves_icall_System_Security_SecureString_DecryptInternal (MonoArray *data, MonoObject *scope)
 {
- invoke_protected_memory_method (data, scope, FALSE);
+ MonoError error;
+ invoke_protected_memory_method (data, scope, FALSE, &error);
+ mono_error_set_pending_exception (&error);
 }
 void ves_icall_System_Security_SecureString_EncryptInternal (MonoArray* data, MonoObject *scope)
 {
- invoke_protected_memory_method (data, scope, TRUE);
+ MonoError error;
+ invoke_protected_memory_method (data, scope, TRUE, &error);
+ mono_error_set_pending_exception (&error);
 }
-void invoke_protected_memory_method (MonoArray *data, MonoObject *scope, gboolean encrypt)
+void invoke_protected_memory_method (MonoArray *data, MonoObject *scope, gboolean encrypt, MonoError *error)
 {
- MonoError error;
 MonoClass *klass;
 MonoMethod *method;
 void *params [2];
+ mono_error_init (error);
+
 if (system_security_assembly == NULL) {
 system_security_assembly = mono_image_loaded ("System.Security");
 if (!system_security_assembly) {
@@ -962,6 +979,5 @@ void invoke_protected_memory_method (MonoArray *data, MonoObject *scope, gboolea
 params [0] = data;
 params [1] = scope; /* MemoryProtectionScope.SameProcess */
- mono_runtime_invoke_checked (method, NULL, params, &error);
- mono_error_raise_exception (&error); /* FIXME don't raise here */
+ mono_runtime_invoke_checked (method, NULL, params, error);
 }
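Review bot: In the `@@ -931,21 +943,26 @@` hunk, `invoke_protected_memory_method` gained an `error` out-parameter but no comment stating its contract, and the branch under `if (!system_security_assembly) {` is cut off by the hunk. If that branch returns without setting `error`, `ves_icall_System_Security_SecureString_EncryptInternal` would report success while `data` was never protected, so that path should be confirmed to set an error. A header comment along the lines of `/* @error is initialised here; on failure it is set and the caller must turn it into a pending exception */` would document what both wrappers now rely on. The final `mono_runtime_invoke_checked (method, NULL, params, error);` in the `@@ -962,6 +979,5 @@` hunk follows the same contract.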