Site feedback

RLWA32-6355 avatar image
0 Votes"
RLWA32-6355 Posted ·

Code formatting corrupted after question edited to add a tag

I asked a question here kernel-object-security-descriptor-with-null-dacl.html and included sample code. When the question was first posted, the code was properly formatted and displayed. Shortly afterwards I edited the post to add a tag. The body of the question was untouched and unchanged by me during the edit. When I saved the changes I noticed that the code formatting had been corrupted.

Is this a known problem and if so, is it going to be addressed?


qna-feedback
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick Posted ·

Is this a known problem

Was it a one off? or can you freely replicate it? I just tried it using your same code block and nothing out of the ordinary happened.








· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

As you can see below, the problem is not a one-off.

0 Votes 0 · ·
RLWA32-6355 avatar image
0 Votes"
RLWA32-6355 Posted ·

The formatting of the code block currently contained in the referenced post has already been corrupted.

This is the code (copy and paste from Visual Studio) as it first appeared in the initial post.

 #define WIN32_LEAN_AND_MEAN
 #include <Windows.h>
 #include <AclAPI.h>
 #include <sddl.h>
    
 #include <stdio.h>
 #include <tchar.h>
    
 void PrintDefaultDACL();
 void PrintDACL(HANDLE h);
    
 int main()
 {
     _tprintf(_T("\nPrint Default DACL from process token\n"));
     PrintDefaultDACL();
        
     // Named event receives default security descriptor base on primary or impersonation token
     _tprintf(_T("\nPrint DACL for named kernel object\n"));
     HANDLE h1 = CreateEvent(nullptr, FALSE, FALSE, _T("Test"));
     PrintDACL(h1);
     CloseHandle(h1);
    
     // Unnamed event receives security descriptor with a NULL DACL
     _tprintf(_T("\nPrint DACL for unnamed kernel object\n"));
     HANDLE h2 = CreateEvent(nullptr, FALSE, FALSE, nullptr);
     PrintDACL(h2);
     CloseHandle(h2);
    
     return 0;
 }
    
 void PrintDefaultDACL()
 {
     HANDLE hToken = NULL;
    
     if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
     {
         DWORD dwBytes = 0;
         PTOKEN_DEFAULT_DACL pDefaultDacl = nullptr;
         if (!GetTokenInformation(hToken, TokenDefaultDacl, pDefaultDacl, 0, &dwBytes) && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
         {
             pDefaultDacl = (PTOKEN_DEFAULT_DACL)LocalAlloc(LPTR, dwBytes);
             if (GetTokenInformation(hToken, TokenDefaultDacl, pDefaultDacl, dwBytes, &dwBytes))
             {
                 PSECURITY_DESCRIPTOR pSD = LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
                 if (InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))
                 {
                     if (SetSecurityDescriptorDacl(pSD, TRUE, pDefaultDacl->DefaultDacl, FALSE))
                     {
                         LPTSTR pszSD = nullptr;
                         ULONG uLen = 0;
                         if (ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, SDDL_REVISION_1, DACL_SECURITY_INFORMATION, &pszSD, &uLen))
                         {
                             _tprintf_s(_T("%s\n"), pszSD);
                             LocalFree(pszSD);
                         }
                     }
                 }
                 LocalFree(pSD);
             }
             LocalFree(pDefaultDacl);
         }
         CloseHandle(hToken);
     }
 }
    
 void PrintDACL(HANDLE h)
 {
     PSECURITY_DESCRIPTOR pSD = nullptr;
     PACL pDacl = nullptr;
     if (GetSecurityInfo(h, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, nullptr, nullptr, &pDacl, nullptr, &pSD) == ERROR_SUCCESS)
     {
         LPTSTR pszSD = nullptr;
         ULONG ulen = 0;
         _tprintf_s(_T("Pointer to DACL in security descriptor is 0x%p\n"), pDacl);
         if (ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, SDDL_REVISION_1, DACL_SECURITY_INFORMATION, &pszSD, &ulen))
         {
             _tprintf_s(_T("DACL: %s\n"), pszSD);
             LocalFree(pszSD);
         }
         LocalFree(pSD);
     }
 }

Note that every line is NOT collapsed to the left margin.

10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RLWA32-6355 avatar image
0 Votes"
RLWA32-6355 Posted ·

And now I'm going to copy and past the same code and then re-open this post for editing and then save it.

 #define WIN32_LEAN_AND_MEAN
 #include <Windows.h>
 #include <AclAPI.h>
 #include <sddl.h>
    
 #include <stdio.h>
 #include <tchar.h>
    
 void PrintDefaultDACL();
 void PrintDACL(HANDLE h);
    
 int main()
 {
  _tprintf(_T("\nPrint Default DACL from process token\n"));
  PrintDefaultDACL();
    
  // Named event receives default security descriptor base on primary or impersonation token
  _tprintf(_T("\nPrint DACL for named kernel object\n"));
  HANDLE h1 = CreateEvent(nullptr, FALSE, FALSE, _T("Test"));
  PrintDACL(h1);
  CloseHandle(h1);
    
  // Unnamed event receives security descriptor with a NULL DACL
  _tprintf(_T("\nPrint DACL for unnamed kernel object\n"));
  HANDLE h2 = CreateEvent(nullptr, FALSE, FALSE, nullptr);
  PrintDACL(h2);
  CloseHandle(h2);
    
  return 0;
 }
    
 void PrintDefaultDACL()
 {
  HANDLE hToken = NULL;
    
  if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
  {
  DWORD dwBytes = 0;
  PTOKEN_DEFAULT_DACL pDefaultDacl = nullptr;
  if (!GetTokenInformation(hToken, TokenDefaultDacl, pDefaultDacl, 0, &dwBytes) && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
  {
  pDefaultDacl = (PTOKEN_DEFAULT_DACL)LocalAlloc(LPTR, dwBytes);
  if (GetTokenInformation(hToken, TokenDefaultDacl, pDefaultDacl, dwBytes, &dwBytes))
  {
  PSECURITY_DESCRIPTOR pSD = LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  if (InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))
  {
  if (SetSecurityDescriptorDacl(pSD, TRUE, pDefaultDacl->DefaultDacl, FALSE))
  {
  LPTSTR pszSD = nullptr;
  ULONG uLen = 0;
  if (ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, SDDL_REVISION_1, DACL_SECURITY_INFORMATION, &pszSD, &uLen))
  {
  _tprintf_s(_T("%s\n"), pszSD);
  LocalFree(pszSD);
  }
  }
  }
  LocalFree(pSD);
  }
  LocalFree(pDefaultDacl);
  }
  CloseHandle(hToken);
  }
 }
    
 void PrintDACL(HANDLE h)
 {
  PSECURITY_DESCRIPTOR pSD = nullptr;
  PACL pDacl = nullptr;
  if (GetSecurityInfo(h, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, nullptr, nullptr, &pDacl, nullptr, &pSD) == ERROR_SUCCESS)
  {
  LPTSTR pszSD = nullptr;
  ULONG ulen = 0;
  _tprintf_s(_T("Pointer to DACL in security descriptor is 0x%p\n"), pDacl);
  if (ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, SDDL_REVISION_1, DACL_SECURITY_INFORMATION, &pszSD, &ulen))
  {
  _tprintf_s(_T("DACL: %s\n"), pszSD);
  LocalFree(pszSD);
  }
  LocalFree(pSD);
  }
 }
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick Posted ·

Ok, got it. At first you mentioned it happens if editing the tag, but later mentioned editing the post body. Is it both?


· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I didn't change a tag on the second post.

I also didn't change the body of the post or the code block.

I just re-opened the post for editing (same thing I did when adding a tag in the original thread) and then immediately saved it -- no changes were made by me.

0 Votes 0 · ·
DSPatrick avatar image
0 Votes"
DSPatrick Posted ·

Shortly afterwards I edited the post to add a tag.

Was this retagging or something else?

then re-open this post for editing and then save it

this one is self explanatory









10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Your Opinion Counts

Share your feedback, or help out by voting for other people's feedback.