From c31c7463e896b0f9c564cfa9123b193cea4c27e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= Date: Wed, 12 Sep 2012 09:36:21 +0200 Subject: [PATCH] Allowed SACLs to to not have any ACE Accept security descriptors in which the SACL is present though it does not contain any ACE. Such security descriptors have been found in Windows installation files. --- libntfs-3g/acls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libntfs-3g/acls.c b/libntfs-3g/acls.c index 3ac4d66a..310a2516 100644 --- a/libntfs-3g/acls.c +++ b/libntfs-3g/acls.c @@ -642,7 +642,7 @@ BOOL ntfs_valid_descr(const char *securattr, unsigned int attrsz) && (offdacl+sizeof(ACL) < attrsz))) && (!offsacl || ((offsacl >= sizeof(SECURITY_DESCRIPTOR_RELATIVE)) - && (offsacl+sizeof(ACL) < attrsz))) + && (offsacl+sizeof(ACL) <= attrsz))) && !(phead->owner & const_cpu_to_le32(3)) && !(phead->group & const_cpu_to_le32(3)) && !(phead->dacl & const_cpu_to_le32(3))