windows-nt/Source/XPSP1/NT/base/fs/utils/openfiles/processowner.cpp

238 lines
6 KiB
C++
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
/******************************************************************************
Copyright (C) Microsoft Corporation
Module Name:
ProcessOwner.CPP
Abstract:
This module deals with Query functionality of OpenFiles.exe
NT command line utility.
Author:
Akhil Gokhale (akhil.gokhale@wipro.com) 25-APRIL-2000
Revision History:
Akhil Gokhale (akhil.gokhale@wipro.com) 25-APRIL-2000 : Created It.
*****************************************************************************/
#include "pch.h"
#include "OpenFiles.h"
#define SAFE_CLOSE_HANDLE(hHandle) \
if(hHandle!=NULL) \
{\
CloseHandle(hHandle);\
hHandle = NULL;\
}\
1
#define SAFE_FREE_GLOBAL_ALLOC(block) \
if(block!=NULL)\
{\
delete block;\
block = NULL;\
}\
1
#define SAFE_FREE_ARRAY(arr) \
if(arr != NULL)\
{\
delete [] arr;\
arr = NULL;\
}\
1
/*****************************************************************************
Routine Description:
Arguments:
result.
Return Value:
******************************************************************************/
BOOL GetProcessOwner(LPTSTR pszUserName,DWORD hFile)
{
DWORD dwRtnCode = 0;
PSID pSidOwner;
BOOL bRtnBool = TRUE;
LPTSTR DomainName = NULL,AcctName = NULL;
DWORD dwAcctName = 1, dwDomainName = 1;
SID_NAME_USE eUse = SidTypeUnknown;
PSECURITY_DESCRIPTOR pSD=0;
HANDLE hHandle = GetCurrentProcess();
HANDLE hDynHandle = NULL;
HANDLE hDynToken = NULL;
LUID luidValue;
BOOL bResult = FALSE;
HANDLE hToken = NULL;
TOKEN_PRIVILEGES tkp;
bResult = OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,&hToken);
if(bResult == FALSE)
{
return FALSE;
}
bResult = LookupPrivilegeValue(NULL,SE_SECURITY_NAME,&luidValue );
if(bResult == FALSE)
{
SAFE_CLOSE_HANDLE(hToken);
return FALSE;
}
// Prepare the token privilege structure
tkp.PrivilegeCount = 0;
tkp.Privileges[0].Luid = luidValue;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED|SE_PRIVILEGE_USED_FOR_ACCESS;
// Now enable the debug privileges in token
bResult = AdjustTokenPrivileges(hToken,FALSE,&tkp,sizeof(TOKEN_PRIVILEGES),(PTOKEN_PRIVILEGES)NULL,
(PDWORD)NULL);
if(bResult == FALSE)
{
SAFE_CLOSE_HANDLE(hToken);
return FALSE;
}
hDynHandle = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,hFile);; // Here you can give any valid process ids..
if(hDynHandle == NULL)
{
return FALSE;
}
bResult = OpenProcessToken(hDynHandle,TOKEN_QUERY,&hDynToken);
if(bResult == FALSE)
{
SAFE_CLOSE_HANDLE(hDynHandle);
return FALSE;
}
TOKEN_USER * pUser = NULL;
DWORD cb = 0;
// determine size of the buffer needed to receive all information
if (!GetTokenInformation(hToken, TokenUser, NULL, 0, &cb))
{
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
{
SAFE_CLOSE_HANDLE(hDynHandle);
SAFE_CLOSE_HANDLE(hDynToken);
return FALSE;
}
}
pUser = (TOKEN_USER *)_alloca(cb);
if(pUser==NULL)
{
SAFE_CLOSE_HANDLE(hDynHandle);
SAFE_CLOSE_HANDLE(hDynToken);
return FALSE;
}
if (!GetTokenInformation(hDynToken, TokenUser, pUser, cb, &cb))
{
SAFE_CLOSE_HANDLE(hDynHandle);
SAFE_CLOSE_HANDLE(hDynToken);
return FALSE;
}
PSID pSid = pUser->User.Sid;
// Allocate memory for the SID structure.
pSidOwner = new SID;
// Allocate memory for the security descriptor structure.
pSD = new SECURITY_DESCRIPTOR;
if(pSidOwner==NULL ||pSD == NULL)
{
SAFE_CLOSE_HANDLE(hDynHandle);
SAFE_CLOSE_HANDLE(hDynToken);
SAFE_FREE_GLOBAL_ALLOC(pSD);
SAFE_FREE_GLOBAL_ALLOC(pSidOwner);
return FALSE;
}
// First call to LookupAccountSid to get the buffer sizes.
bRtnBool = LookupAccountSid(
NULL, // local computer
pUser->User.Sid,
NULL, // AcctName
(LPDWORD)&dwAcctName,
NULL, // DomainName
(LPDWORD)&dwDomainName,
&eUse);
AcctName = new TCHAR[dwAcctName+1];
DomainName = new TCHAR[dwDomainName+1];
if(AcctName==NULL || DomainName==NULL)
{
SAFE_FREE_ARRAY(AcctName);
SAFE_FREE_ARRAY(DomainName);
return FALSE;
}
// Second call to LookupAccountSid to get the account name.
bRtnBool = LookupAccountSid(
NULL, // name of local or remote computer
pUser->User.Sid, // security identifier
AcctName, // account name buffer
(LPDWORD)&dwAcctName, // size of account name buffer
DomainName, // domain name
(LPDWORD)&dwDomainName, // size of domain name buffer
&eUse); // SID type
SAFE_CLOSE_HANDLE(hDynHandle);
SAFE_CLOSE_HANDLE(hDynToken);
SAFE_FREE_GLOBAL_ALLOC(pSD);
SAFE_FREE_GLOBAL_ALLOC(pSidOwner);
// Check GetLastError for LookupAccountSid error condition.
if (bRtnBool == FALSE)
{
SAFE_FREE_ARRAY(AcctName);
SAFE_FREE_ARRAY(DomainName);
return FALSE;
} else
{
if(lstrcmpi(DomainName,_T("NT AUTHORITY"))==0)
{
SAFE_FREE_ARRAY(AcctName);
SAFE_FREE_ARRAY(DomainName);
return FALSE;
}
else
{
lstrcpy(pszUserName,AcctName);
SAFE_FREE_ARRAY(AcctName);
SAFE_FREE_ARRAY(DomainName);
return TRUE;
}
}
SAFE_FREE_ARRAY(AcctName);
SAFE_FREE_ARRAY(DomainName);
SAFE_CLOSE_HANDLE(hDynHandle);
SAFE_CLOSE_HANDLE(hDynToken);
SAFE_FREE_GLOBAL_ALLOC(pSD);
SAFE_FREE_GLOBAL_ALLOC(pSidOwner);
return FALSE;
}