Warning C6248
Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object.
Remarks
If the DACL that belongs to the security descriptor of an object is set to NULL, a null DACL is created. A null DACL grants full access to any user who requests it; normal security checking isn't performed with respect to the object. A null DACL shouldn't be confused with an empty DACL. An empty DACL is a properly allocated and initialized DACL that contains no ACEs. An empty DACL grants no access to the object it's assigned to. Objects that have null DACLs can have their security descriptors altered by malicious users, making it so that no one has access to the object. Even in a situation where everyone needs access to an object, only administrators should be able to alter that object's security. If only the creator needs access to an object, a DACL shouldn't be set on the object; the system will choose an appropriate default.
Code analysis name: CREATINGNULLDACL
Example
The following code generates this warning because a null DACL is passed to the SetSecurityDescriptorDacl
function:
#include <windows.h>
void f( PSECURITY_DESCRIPTOR pSecurityDescriptor )
{
if (SetSecurityDescriptorDacl(pSecurityDescriptor,
TRUE, // Dacl Present
NULL, // NULL pointer to DACL
FALSE)) // Defaulted
{
// Dacl is now applied to an object
}
}
To see a complete example on how to create security descriptor, see Creating a Security Descriptor for a New Object in C++. For more information on creating DACLs, see Creating a DACL.