public void PathsRow_ExpandedPath() { var ruleset = new Ruleset(); var PathRow = ruleset.Paths.AddPathsRow("%windir%\\testpath.txt"); Assert.AreEqual(1, PathRow.ExpandedPaths.Length); Assert.AreEqual(PathRow.ExpandedPaths[0], AdvEnvironment.ExpandEnvironmentVariables("%windir%\\testpath.txt")); }
private static string[] ExpandFSPaths(Ruleset.PathsRow path) { var Result = new List <string>(); if (!AdvRegistry.IsRegistryPath(path.Path)) { Result.Add(AdvEnvironment.ExpandEnvironmentVariables(path.Path)); } return(Result.ToArray()); }
public void FilterSendMessage_AddExpandPaths() { var c = new COMMAND { CommandType = COMMAND_TYPE.ADD, ID = 1, Path = "%windir%\\testfile.txt" }; uint returnedBytes; stub.FilterSendMessage(IntPtr.Zero, ref c, 0, IntPtr.Zero, 0, out returnedBytes); var expectedPath = AdvEnvironment.ExpandEnvironmentVariables("%windir%\\testfile.txt").ToUpper(); Assert.IsTrue(stub.Paths.ContainsKey(expectedPath)); }
public void AddEqualPathWillNotAddSamePath() { // Arrange var expectedPath = AdvEnvironment.ExpandEnvironmentVariables("%WINDIR%\\TEST.txt").ToUpper(); core.Start(ruleset, serviceInterface, null); core.Ruleset.Paths.AddPathsRow("%WINDIR%\\TEST.txt"); core.Ruleset.Paths.AddPathsRow("%SystemRoot%\\TEST.txt"); Assert.AreEqual(1, fltLib.Paths.Count); Assert.IsTrue(fltLib.Paths.ContainsKey(expectedPath)); }
public void AddRelativePath() { // Arrange core.Start(ruleset, serviceInterface, null); // Act var ExpectedPath = "%windir%\\mytestpath.txt"; var ExpectedPathID = (uint)core.Ruleset.Paths.AddPathsRow(ExpectedPath).ID; // Assert ExpectedPath = AdvEnvironment.ExpandEnvironmentVariables(ExpectedPath).ToUpper(); Assert.AreEqual(ExpectedPathID, fltLib.Paths[ExpectedPath]); }
public void Paths_ExpandedPath_HKCU() { var ExpectedList = new List <string>(); foreach (var sid in AdvEnvironment.GetAllUserSIDs()) { ExpectedList.Add(@"\REGISTRY\USER\" + sid + @"\Software"); } var TestRow = new Ruleset().Paths.AddPathsRow("123"); TestRow.Path = @"HKCU\Software"; CollectionAssert.AreEquivalent(ExpectedList, TestRow.ExpandedPaths); TestRow.Path = @"HKEY_CURRENT_USER\Software"; CollectionAssert.AreEquivalent(ExpectedList, TestRow.ExpandedPaths); }
public void EditRelativePath() { // Arrange core.Start(ruleset, serviceInterface, null); var ExpectedPath = "%tmp%\\mytestpath.txt"; var ExpectedPathID = core.Ruleset.Paths.AddPathsRow(ExpectedPath).ID; // Act var NewExpectedPath = "%windir%\\newpath.txt"; core.Ruleset.Paths[ExpectedPathID].Path = NewExpectedPath; // Assert NewExpectedPath = AdvEnvironment.ExpandEnvironmentVariables(NewExpectedPath).ToUpper(); Assert.AreEqual((uint)ExpectedPathID, fltLib.Paths[NewExpectedPath]); }
public void Start_MustAddPathsToDriver_IncludingRelative() { // Arange var AbsolutePath = "C:\\absolute_filesys_path.txt".ToUpper(); var AbsolutePathID = (uint)ruleset.Paths.AddPathsRow(AbsolutePath).ID; var RelativePath = "%windir%\\relative_filesys_path.txt"; var RelativePathID = (uint)ruleset.Paths.AddPathsRow(RelativePath).ID; // Act core.Start(ruleset, serviceInterface, null); // Assert var ExpandedPath = AdvEnvironment.ExpandEnvironmentVariables(RelativePath).ToUpper(); Assert.AreEqual(AbsolutePathID, fltLib.Paths[AbsolutePath]); Assert.AreEqual(RelativePathID, fltLib.Paths[ExpandedPath]); }
public override int FilterSendMessage(IntPtr hPort, ref COMMAND lpInBuffer, uint dwInBufferSize, IntPtr lpOutBuffer, uint dwOutBufferSize, out uint lpBytesReturned) { if (lpInBuffer.CommandType == COMMAND_TYPE.ADD) { // Original FilterSendMessage returns this HRESULT when adding equal objects. if (Paths.ContainsKey(AdvEnvironment.ExpandEnvironmentVariables(lpInBuffer.Path).ToUpper())) { lpBytesReturned = 0; unchecked { return((int)0xC000022B); //NT_STATUS_DUPLICATE_OBJECTID } } Paths.Add(AdvEnvironment.ExpandEnvironmentVariables(lpInBuffer.Path).ToUpper(), lpInBuffer.ID); } else { var ToDelete = new List <string>(); foreach (var key in Paths.Keys) { if (lpInBuffer.ID == Paths[key]) { ToDelete.Add(key); } } unchecked { if (ToDelete.Count == 0) { throw new COMException("(Exception from HRESULT: 0x80070490)", (int)0x80070490); } } foreach (var key in ToDelete) { Paths.Remove(key); } } lpBytesReturned = 0; return(FilterSendMessageReturnCode); }