advapi32: Handle fully qualified account names for well known sids in LookupAccountName.

2024-11-05 18:01:34 +00:00 · 2009-03-31 09:00:11 -05:00 · 2009-03-31 09:00:11 -05:00 · 9d9a684ef6
commit 9d9a684ef6
parent b540d57c39
2 changed files with 22 additions and 2 deletions
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@ -2651,6 +2651,8 @@ BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSI
    DWORD nameLen;
    LPWSTR userName = NULL;
    LPCWSTR domainName;
+    LPCWSTR lpAccountNamePtr;
+    LPCWSTR lpDomainNamePtr = NULL;

    FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
          Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
@ -2667,11 +2669,22 @@ BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSI
    }

    /* Check well known SIDs first */
+    if ((lpAccountNamePtr = strrchrW(lpAccountName,'\\')))
+    {
+        lpAccountNamePtr++;
+        lpDomainNamePtr = lpAccountName;
+    }
+    else
+        lpAccountNamePtr = lpAccountName;

    for (i = 0; i < (sizeof(ACCOUNT_SIDS) / sizeof(ACCOUNT_SIDS[0])); i++)
    {
-        if (!strcmpiW(lpAccountName, ACCOUNT_SIDS[i].account) ||
-            (ACCOUNT_SIDS[i].alias && !strcmpiW(lpAccountName, ACCOUNT_SIDS[i].alias)))
+        /* check domain first */
+        if (lpDomainNamePtr && (strncmpiW(lpDomainNamePtr, ACCOUNT_SIDS[i].domain, strlenW(ACCOUNT_SIDS[i].domain)) || lpDomainNamePtr[strlenW(ACCOUNT_SIDS[i].domain)]!='\\'))
+            continue;
+
+        if (!strcmpiW(lpAccountNamePtr, ACCOUNT_SIDS[i].account) ||
+            (ACCOUNT_SIDS[i].alias && !strcmpiW(lpAccountNamePtr, ACCOUNT_SIDS[i].alias)))
        {
            DWORD sidLen = SECURITY_MAX_SID_SIZE;

--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@ -1982,6 +1982,13 @@ static void test_LookupAccountName(void)

    /* case insensitivity */
    check_wellknown_name("lOCAlServICE", WinLocalServiceSid);
+
+    /* fully qualified account names */
+    check_wellknown_name("NT AUTHORITY\\LocalService", WinLocalServiceSid);
+    check_wellknown_name("nt authority\\Network Service", WinNetworkServiceSid);
+    check_wellknown_name("nt authority test\\Network Service", 0);
+    check_wellknown_name("Dummy\\Network Service", 0);
+    check_wellknown_name("ntauthority\\Network Service", 0);
 }

 static void test_security_descriptor(void)