[PATCH] Move getProcessOwner to util and use it to skip the current user in locate other hives
Wald Commits
scm-commit at wald.intevation.org
Fri Jun 27 10:27:14 CEST 2014
# HG changeset patch
# User Andre Heinecke <andre.heinecke at intevation.de>
# Date 1403857628 -7200
# Node ID 1753706342269696e121a359b28e7645e9c95ee6
# Parent 7147550ee15d5ce9ea275d2918770ce5c2e0958a
Move getProcessOwner to util and use it to skip the current user in locate other hives
diff -r 7147550ee15d -r 175370634226 cinst/nssstore_win.c
--- a/cinst/nssstore_win.c Thu Jun 26 17:42:52 2014 +0200
+++ b/cinst/nssstore_win.c Fri Jun 27 10:27:08 2014 +0200
@@ -39,6 +39,7 @@
*/
#include <windows.h>
+#include <sddl.h>
#include <stdio.h>
#include <stdbool.h>
#include <userenv.h>
@@ -164,9 +165,11 @@
a registry key is limited to 255 characters. But according to
http://www.sepago.de/e/holger/2010/07/20/how-long-can-a-registry-key-name-really-be
the actual limit is 256 + \0 thus we create a buffer for 257 wchar_t's*/
- wchar_t key_name[257];
+ wchar_t key_name[257],
+ *current_user_sid = NULL;
char **retval = NULL;
bool error = true;
+ PSID current_user = NULL;
ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, PROFILE_LIST, 0,
KEY_READ, &profile_list);
@@ -176,6 +179,22 @@
return NULL;
}
+
+ /* Obtain the current user sid to prevent it from being returned. */
+ current_user = get_process_owner (GetCurrentProcess());
+
+ if (!current_user)
+ {
+ ERRORPRINTF ("Failed to get the current user.");
+ goto done;
+ }
+
+ if (!ConvertSidToStringSidW (current_user, ¤t_user_sid))
+ {
+ PRINTLASTERROR ("Failed to convert sid to string.");
+ goto done;
+ }
+
while ((ret = RegEnumKeyExW (profile_list, index++,
key_name, &key_len,
NULL, NULL, NULL, NULL)) == ERROR_SUCCESS)
@@ -185,16 +204,19 @@
ERRORPRINTF ("Registry key too long.");
goto done;
}
- DEBUGPRINTF ("Key : %S", key_name);
/* Reset key_len to buffer size */
key_len = 257;
- if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0)
+ if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0 ||
+ wcscmp (current_user_sid, key_name) == 0)
{
- /* S-1-5-21 is the well known prefix for local users. Skip all others */
+ /* S-1-5-21 is the well known prefix for local users. Skip all
+ others and the current user*/
continue;
}
+
+ DEBUGPRINTF ("Key : %S", key_name);
}
if (ret != ERROR_NO_MORE_ITEMS)
@@ -204,8 +226,15 @@
}
done:
+ xfree (current_user);
+
RegCloseKey (profile_list);
+ if (current_user_sid)
+ {
+ LocalFree (current_user_sid);
+ }
+
if (error)
{
strv_free (retval);
diff -r 7147550ee15d -r 175370634226 common/util.c
--- a/common/util.c Thu Jun 26 17:42:52 2014 +0200
+++ b/common/util.c Fri Jun 27 10:27:08 2014 +0200
@@ -19,6 +19,55 @@
#include <windows.h>
#endif
+static PSID
+copy_sid(PSID from)
+{
+ if (!from)
+ {
+ return 0;
+ }
+
+ DWORD sidLength = GetLengthSid(from);
+ PSID to = (PSID) xmalloc(sidLength);
+ CopySid(sidLength, to, from);
+ return to;
+}
+
+
+PSID
+get_process_owner(HANDLE hProcess)
+{
+ HANDLE hToken = NULL;
+ PSID sid;
+
+ if (hProcess == NULL)
+ {
+ ERRORPRINTF ("invalid call to get_process_owner");
+ return NULL;
+ }
+
+ OpenProcessToken(hProcess, TOKEN_READ, &hToken);
+ if (hToken)
+ {
+ DWORD size = 0;
+ PTOKEN_USER userStruct;
+
+ // check how much space is needed
+ GetTokenInformation(hToken, TokenUser, NULL, 0, &size);
+ if (ERROR_INSUFFICIENT_BUFFER == GetLastError())
+ {
+ userStruct = (PTOKEN_USER) xmalloc (size);
+ GetTokenInformation(hToken, TokenUser, userStruct, size, &size);
+
+ sid = copy_sid(userStruct->User.Sid);
+ CloseHandle(hToken);
+ xfree (userStruct);
+ return sid;
+ }
+ }
+ return NULL;
+}
+
bool
is_elevated()
{
diff -r 7147550ee15d -r 175370634226 common/util.h
--- a/common/util.h Thu Jun 26 17:42:52 2014 +0200
+++ b/common/util.h Fri Jun 27 10:27:08 2014 +0200
@@ -12,6 +12,11 @@
*/
#include <stdbool.h>
+#ifdef WIN32
+#include <windows.h>
+#include <psapi.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -33,6 +38,21 @@
*/
bool is_admin();
+#ifdef WIN32
+/**@brief Get a copy of the processes owner sid
+ *
+ * Copy the SID of the owner of the process hProcess.
+ *
+ * The returned sid structure has to be freed with free by the caller
+ *
+ * @param[in] hProcess A handle to the process whose user should be obtained.
+ * The process must have the PROCESS_QUERY_INFORMATION access permission.
+ *
+ * @returns A copy of the process owners sid or NULL on error.
+ */
+PSID get_process_owner(HANDLE hProcess);
+#endif
+
#ifdef __cplusplus
}
#endif
diff -r 7147550ee15d -r 175370634226 ui/processhelp_win.cpp
--- a/ui/processhelp_win.cpp Thu Jun 26 17:42:52 2014 +0200
+++ b/ui/processhelp_win.cpp Fri Jun 27 10:27:08 2014 +0200
@@ -8,6 +8,7 @@
#ifdef WIN32
#include "processhelp.h"
#include "strhelp.h"
+#include "util.h"
#include <windows.h>
#include <tlhelp32.h>
@@ -22,43 +23,6 @@
HWND windowId;
};
-PSID copySid(PSID from)
-{
- if (!from) {
- return 0;
- }
-
- int sidLength = GetLengthSid(from);
- PSID to = (PSID) xmalloc(sidLength);
- CopySid(sidLength, to, from);
- return to;
-}
-
-static PSID getProcessOwner(HANDLE hProcess)
-{
- HANDLE hToken = NULL;
- PSID sid;
-
- OpenProcessToken(hProcess, TOKEN_READ, &hToken);
- if (hToken) {
- DWORD size;
- PTOKEN_USER userStruct;
-
- // check how much space is needed
- GetTokenInformation(hToken, TokenUser, NULL, 0, &size);
- if (ERROR_INSUFFICIENT_BUFFER == GetLastError()) {
- userStruct = reinterpret_cast<PTOKEN_USER>(new BYTE[size]);
- GetTokenInformation(hToken, TokenUser, userStruct, size, &size);
-
- sid = copySid(userStruct->User.Sid);
- CloseHandle(hToken);
- delete [] userStruct;
- return sid;
- }
- }
- return 0;
-}
-
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam)
{
if (GetWindowLong(hwnd, GWL_STYLE) & WS_VISIBLE) {
@@ -74,7 +38,6 @@
return TRUE;
}
-
static HANDLE getProcessHandle(int processID)
{
return OpenProcess(SYNCHRONIZE |
@@ -108,7 +71,7 @@
do {
const QString exeFile = QString::fromWCharArray(pe32.szExeFile).toLower();
if (exeFile == processNameLower || exeFile == processNameExe) {
- PSID user_sid = getProcessOwner(GetCurrentProcess());
+ PSID user_sid = get_process_owner(GetCurrentProcess());
if (user_sid) {
// Also check that we are the owner of that process
HANDLE hProcess = getProcessHandle(pe32.th32ProcessID);
@@ -116,8 +79,8 @@
continue;
}
- PSID sid = getProcessOwner(hProcess);
- PSID userSid = getProcessOwner(GetCurrentProcess());
+ PSID sid = get_process_owner(hProcess);
+ PSID userSid = get_process_owner(GetCurrentProcess());
if (!sid || (userSid && !EqualSid(userSid, sid))) {
free(sid);
continue;
More information about the Trustbridge-commits
mailing list