public void Write(byte[] buffer, int offset, int count, bool processSecurity)
{
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
if (offset < 0)
{
throw new ArgumentOutOfRangeException("offset", Resources.OffsetMustNotBeNegative);
}
if (count < 0)
{
throw new ArgumentOutOfRangeException("count", Resources.CountMustNotBeNegative);
}
if (offset + count > buffer.Length)
{
throw new ArgumentException(Resources.BufferIsNotLargeEnoughForTheRequestedOperation);
}
using (SafeGlobalMemoryBufferHandle hBuf = new SafeGlobalMemoryBufferHandle(count))
{
hBuf.CopyFrom(buffer, offset, count);
uint bytesWritten;
if (!NativeMethods.BackupWrite(mFileHandle, hBuf, (uint)hBuf.Capacity, out bytesWritten, false, processSecurity, ref mContext))
{
NativeError.ThrowException();
}
}
}
public void Write(byte[] buffer, int offset, int count, bool processSecurity)
{
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
if (offset < 0)
{
throw new ArgumentOutOfRangeException("offset", offset, Resources.Negative_Offset);
}
if (count < 0)
{
throw new ArgumentOutOfRangeException("count", count, Resources.Negative_Count);
}
if (offset + count > buffer.Length)
{
throw new ArgumentException(Resources.Buffer_Not_Large_Enough);
}
using (var safeBuffer = new SafeGlobalMemoryBufferHandle(count))
{
safeBuffer.CopyFrom(buffer, offset, count);
uint bytesWritten;
if (!NativeMethods.BackupWrite(SafeFileHandle, safeBuffer, (uint)safeBuffer.Capacity, out bytesWritten, false, processSecurity, ref _context))
{
NativeError.ThrowException(Marshal.GetLastWin32Error());
}
}
}
/// <summary>
/// Initializes the SecurityAttributes structure from an instance of <see cref="ObjectSecurity"/>.
/// </summary>
/// <param name="memoryHandle">A handle that will refer to the memory allocated by this object for storage of the
/// security descriptor. As long as this object is used, the memory handle should be kept alive, and afterwards it
/// should be disposed as soon as possible.</param>
/// <param name="securityDescriptor">The security descriptor to assign to this object. This parameter may be <see langword="null"/>.</param>
public void Initialize(out SafeGlobalMemoryBufferHandle memoryHandle, ObjectSecurity securityDescriptor)
{
nLength = (uint)Marshal.SizeOf(this);
if (securityDescriptor == null)
{
memoryHandle = new SafeGlobalMemoryBufferHandle();
}
else
{
byte[] src = securityDescriptor.GetSecurityDescriptorBinaryForm();
memoryHandle = new SafeGlobalMemoryBufferHandle(src.Length);
memoryHandle.CopyFrom(src, 0, src.Length);
}
bInheritHandle = 0;
}
private static SafeGlobalMemoryBufferHandle ToUnmanagedSecurityAttributes(ObjectSecurity securityDescriptor)
{
if (securityDescriptor == null)
return new SafeGlobalMemoryBufferHandle();
byte[] src = securityDescriptor.GetSecurityDescriptorBinaryForm();
var safeBuffer = new SafeGlobalMemoryBufferHandle(src.Length);
try
{
safeBuffer.CopyFrom(src, 0, src.Length);
return safeBuffer;
}
catch
{
safeBuffer.Close();
throw;
}
}
private static SafeGlobalMemoryBufferHandle ToUnmanagedSecurityAttributes(ObjectSecurity securityDescriptor)
{
if (securityDescriptor == null)
{
return(new SafeGlobalMemoryBufferHandle());
}
byte[] src = securityDescriptor.GetSecurityDescriptorBinaryForm();
var safeBuffer = new SafeGlobalMemoryBufferHandle(src.Length);
try
{
safeBuffer.CopyFrom(src, 0, src.Length);
return(safeBuffer);
}
catch
{
safeBuffer.Close();
throw;
}
}
public bool Write(byte[] buffer, int offset, int count, bool processSecurity)
{
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
if (offset < 0)
{
throw new ArgumentOutOfRangeException("offset", offset, Resources.OffsetMustNotBeNegative);
}
if (count < 0)
{
throw new ArgumentOutOfRangeException("count", count, Resources.CountMustNotBeNegative);
}
if (offset + count > buffer.Length)
{
throw new ArgumentException(Resources.BufferIsNotLargeEnoughForTheRequestedOperation);
}
using (SafeGlobalMemoryBufferHandle safeBuffer = new SafeGlobalMemoryBufferHandle(count))
{
safeBuffer.CopyFrom(buffer, offset, count);
uint bytesWritten;
if (!NativeMethods.BackupWrite(SafeFileHandle, safeBuffer, (uint)safeBuffer.Capacity, out bytesWritten, false, processSecurity, out _context))
{
// Throws IOException.
NativeError.ThrowException(Marshal.GetLastWin32Error(), true);
}
}
return(true);
}
internal static void SetAccessControlCore(string path, SafeFileHandle handle, ObjectSecurity objectSecurity, AccessControlSections includeSections, PathFormat pathFormat)
{
if (pathFormat == PathFormat.RelativePath)
{
Path.CheckSupportedPathFormat(path, true, true);
}
if (objectSecurity == null)
{
throw new ArgumentNullException("objectSecurity");
}
var managedDescriptor = objectSecurity.GetSecurityDescriptorBinaryForm();
using (var safeBuffer = new SafeGlobalMemoryBufferHandle(managedDescriptor.Length))
{
var pathLp = Path.GetExtendedLengthPathCore(null, path, pathFormat, GetFullPathOptions.RemoveTrailingDirectorySeparator | GetFullPathOptions.CheckInvalidPathChars);
safeBuffer.CopyFrom(managedDescriptor, 0, managedDescriptor.Length);
SECURITY_DESCRIPTOR_CONTROL control;
uint revision;
var success = Security.NativeMethods.GetSecurityDescriptorControl(safeBuffer, out control, out revision);
var lastError = Marshal.GetLastWin32Error();
if (!success)
{
NativeError.ThrowException(lastError, pathLp);
}
PrivilegeEnabler privilegeEnabler = null;
try
{
var securityInfo = SECURITY_INFORMATION.None;
var pDacl = IntPtr.Zero;
if ((includeSections & AccessControlSections.Access) != 0)
{
bool daclDefaulted, daclPresent;
success = Security.NativeMethods.GetSecurityDescriptorDacl(safeBuffer, out daclPresent, out pDacl, out daclDefaulted);
lastError = Marshal.GetLastWin32Error();
if (!success)
{
NativeError.ThrowException(lastError, pathLp);
}
if (daclPresent)
{
securityInfo |= SECURITY_INFORMATION.DACL_SECURITY_INFORMATION;
securityInfo |= (control & SECURITY_DESCRIPTOR_CONTROL.SE_DACL_PROTECTED) != 0 ? SECURITY_INFORMATION.PROTECTED_DACL_SECURITY_INFORMATION : SECURITY_INFORMATION.UNPROTECTED_DACL_SECURITY_INFORMATION;
}
}
var pSacl = IntPtr.Zero;
if ((includeSections & AccessControlSections.Audit) != 0)
{
bool saclDefaulted, saclPresent;
success = Security.NativeMethods.GetSecurityDescriptorSacl(safeBuffer, out saclPresent, out pSacl, out saclDefaulted);
lastError = Marshal.GetLastWin32Error();
if (!success)
{
NativeError.ThrowException(lastError, pathLp);
}
if (saclPresent)
{
securityInfo |= SECURITY_INFORMATION.SACL_SECURITY_INFORMATION;
securityInfo |= (control & SECURITY_DESCRIPTOR_CONTROL.SE_SACL_PROTECTED) != 0 ? SECURITY_INFORMATION.PROTECTED_SACL_SECURITY_INFORMATION : SECURITY_INFORMATION.UNPROTECTED_SACL_SECURITY_INFORMATION;
privilegeEnabler = new PrivilegeEnabler(Privilege.Security);
}
}
var pOwner = IntPtr.Zero;
if ((includeSections & AccessControlSections.Owner) != 0)
{
bool ownerDefaulted;
success = Security.NativeMethods.GetSecurityDescriptorOwner(safeBuffer, out pOwner, out ownerDefaulted);
lastError = Marshal.GetLastWin32Error();
if (!success)
{
NativeError.ThrowException(lastError, pathLp);
}
if (pOwner != IntPtr.Zero)
{
securityInfo |= SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION;
}
}
var pGroup = IntPtr.Zero;
if ((includeSections & AccessControlSections.Group) != 0)
{
bool groupDefaulted;
success = Security.NativeMethods.GetSecurityDescriptorGroup(safeBuffer, out pGroup, out groupDefaulted);
lastError = Marshal.GetLastWin32Error();
if (!success)
{
NativeError.ThrowException(lastError, pathLp);
}
if (pGroup != IntPtr.Zero)
{
securityInfo |= SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION;
}
}
if (!Utils.IsNullOrWhiteSpace(pathLp))
{
// SetNamedSecurityInfo()
// 2013-01-13: MSDN does not confirm LongPath usage but a Unicode version of this function exists.
lastError = (int)Security.NativeMethods.SetNamedSecurityInfo(pathLp, SE_OBJECT_TYPE.SE_FILE_OBJECT, securityInfo, pOwner, pGroup, pDacl, pSacl);
if (lastError != Win32Errors.ERROR_SUCCESS)
{
NativeError.ThrowException(lastError, pathLp);
}
}
else
{
if (NativeMethods.IsValidHandle(handle))
{
lastError = (int)Security.NativeMethods.SetSecurityInfo(handle, SE_OBJECT_TYPE.SE_FILE_OBJECT, securityInfo, pOwner, pGroup, pDacl, pSacl);
if (lastError != Win32Errors.ERROR_SUCCESS)
{
NativeError.ThrowException(lastError);
}
}
}
}
finally
{
if (null != privilegeEnabler)
{
privilegeEnabler.Dispose();
}
}
}
}
internal static void SetSecurityInfo(SafeHandle handle, NativeMethods.SE_OBJECT_TYPE objectType, NativeObjectSecurity fileSecurity)
{
byte[] managedDescriptor = fileSecurity.GetSecurityDescriptorBinaryForm();
using (SafeGlobalMemoryBufferHandle hDescriptor = new SafeGlobalMemoryBufferHandle(managedDescriptor.Length))
{
hDescriptor.CopyFrom(managedDescriptor, 0, managedDescriptor.Length);
NativeMethods.SECURITY_DESCRIPTOR_CONTROL control;
uint revision;
if (!NativeMethods.GetSecurityDescriptorControl(hDescriptor, out control, out revision))
{
NativeError.ThrowException();
}
IntPtr pDacl;
bool daclDefaulted, daclPresent;
if (!NativeMethods.GetSecurityDescriptorDacl(hDescriptor, out daclPresent, out pDacl, out daclDefaulted))
{
NativeError.ThrowException();
}
IntPtr pSacl;
bool saclDefaulted, saclPresent;
if (!NativeMethods.GetSecurityDescriptorSacl(hDescriptor, out saclPresent, out pSacl, out saclDefaulted))
{
NativeError.ThrowException();
}
IntPtr pOwner;
bool ownerDefaulted;
if (!NativeMethods.GetSecurityDescriptorOwner(hDescriptor, out pOwner, out ownerDefaulted))
{
NativeError.ThrowException();
}
IntPtr pGroup;
bool GroupDefaulted;
if (!NativeMethods.GetSecurityDescriptorGroup(hDescriptor, out pGroup, out GroupDefaulted))
{
NativeError.ThrowException();
}
PrivilegeEnabler privilegeEnabler = null;
try
{
NativeMethods.SECURITY_INFORMATION info = 0;
if (daclPresent)
{
info |= NativeMethods.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION;
if ((control & NativeMethods.SECURITY_DESCRIPTOR_CONTROL.SE_DACL_PROTECTED) != 0)
{
info |= NativeMethods.SECURITY_INFORMATION.PROTECTED_DACL_SECURITY_INFORMATION;
}
else
{
info |= NativeMethods.SECURITY_INFORMATION.UNPROTECTED_DACL_SECURITY_INFORMATION;
}
}
if (saclPresent)
{
info |= NativeMethods.SECURITY_INFORMATION.SACL_SECURITY_INFORMATION;
if ((control & NativeMethods.SECURITY_DESCRIPTOR_CONTROL.SE_SACL_PROTECTED) != 0)
{
info |= NativeMethods.SECURITY_INFORMATION.PROTECTED_SACL_SECURITY_INFORMATION;
}
else
{
info |= NativeMethods.SECURITY_INFORMATION.UNPROTECTED_SACL_SECURITY_INFORMATION;
}
privilegeEnabler = new PrivilegeEnabler(Privilege.Security);
}
if (pOwner != IntPtr.Zero)
{
info |= NativeMethods.SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION;
}
if (pGroup != IntPtr.Zero)
{
info |= NativeMethods.SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION;
}
uint errorCode = NativeMethods.SetSecurityInfo(handle, objectType, info, pOwner, pGroup, pDacl, pSacl);
if (errorCode != 0)
{
NativeError.ThrowException((int)errorCode);
}
}
finally
{
if (privilegeEnabler != null)
{
privilegeEnabler.Dispose();
}
}
}
}
internal static void SetAccessControlCore(string path, SafeFileHandle handle, ObjectSecurity objectSecurity, AccessControlSections includeSections, PathFormat pathFormat)
{
if (pathFormat == PathFormat.RelativePath)
{
Path.CheckSupportedPathFormat(path, true, true);
}
if (objectSecurity == null)
{
throw new ArgumentNullException("objectSecurity");
}
byte[] managedDescriptor = objectSecurity.GetSecurityDescriptorBinaryForm();
using (var safeBuffer = new SafeGlobalMemoryBufferHandle(managedDescriptor.Length))
{
string pathLp = Path.GetExtendedLengthPathCore(null, path, pathFormat, GetFullPathOptions.RemoveTrailingDirectorySeparator | GetFullPathOptions.CheckInvalidPathChars);
safeBuffer.CopyFrom(managedDescriptor, 0, managedDescriptor.Length);
SecurityDescriptorControl control;
uint revision;
if (!Security.NativeMethods.GetSecurityDescriptorControl(safeBuffer, out control, out revision))
{
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
}
PrivilegeEnabler privilegeEnabler = null;
try
{
var securityInfo = SecurityInformation.None;
IntPtr pDacl = IntPtr.Zero;
if ((includeSections & AccessControlSections.Access) != 0)
{
bool daclDefaulted, daclPresent;
if (!Security.NativeMethods.GetSecurityDescriptorDacl(safeBuffer, out daclPresent, out pDacl, out daclDefaulted))
{
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
}
if (daclPresent)
{
securityInfo |= SecurityInformation.Dacl;
securityInfo |= (control & SecurityDescriptorControl.DaclProtected) != 0
? SecurityInformation.ProtectedDacl
: SecurityInformation.UnprotectedDacl;
}
}
IntPtr pSacl = IntPtr.Zero;
if ((includeSections & AccessControlSections.Audit) != 0)
{
bool saclDefaulted, saclPresent;
if (!Security.NativeMethods.GetSecurityDescriptorSacl(safeBuffer, out saclPresent, out pSacl, out saclDefaulted))
{
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
}
if (saclPresent)
{
securityInfo |= SecurityInformation.Sacl;
securityInfo |= (control & SecurityDescriptorControl.SaclProtected) != 0
? SecurityInformation.ProtectedSacl
: SecurityInformation.UnprotectedSacl;
privilegeEnabler = new PrivilegeEnabler(Privilege.Security);
}
}
IntPtr pOwner = IntPtr.Zero;
if ((includeSections & AccessControlSections.Owner) != 0)
{
bool ownerDefaulted;
if (!Security.NativeMethods.GetSecurityDescriptorOwner(safeBuffer, out pOwner, out ownerDefaulted))
{
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
}
if (pOwner != IntPtr.Zero)
{
securityInfo |= SecurityInformation.Owner;
}
}
IntPtr pGroup = IntPtr.Zero;
if ((includeSections & AccessControlSections.Group) != 0)
{
bool groupDefaulted;
if (!Security.NativeMethods.GetSecurityDescriptorGroup(safeBuffer, out pGroup, out groupDefaulted))
{
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
}
if (pGroup != IntPtr.Zero)
{
securityInfo |= SecurityInformation.Group;
}
}
uint lastError;
if (!Utils.IsNullOrWhiteSpace(pathLp))
{
// SetNamedSecurityInfo()
// In the ANSI version of this function, the name is limited to MAX_PATH characters.
// To extend this limit to 32,767 wide characters, call the Unicode version of the function and prepend "\\?\" to the path.
// 2013-01-13: MSDN does not confirm LongPath usage but a Unicode version of this function exists.
lastError = Security.NativeMethods.SetNamedSecurityInfo(pathLp, ObjectType.FileObject, securityInfo, pOwner, pGroup, pDacl, pSacl);
if (lastError != Win32Errors.ERROR_SUCCESS)
{
NativeError.ThrowException(lastError, pathLp);
}
}
else
{
if (NativeMethods.IsValidHandle(handle))
{
lastError = Security.NativeMethods.SetSecurityInfo(handle, ObjectType.FileObject, securityInfo, pOwner, pGroup, pDacl, pSacl);
if (lastError != Win32Errors.ERROR_SUCCESS)
{
NativeError.ThrowException((int)lastError);
}
}
}
}
finally
{
if (privilegeEnabler != null)
{
privilegeEnabler.Dispose();
}
}
}
}
public void Write(byte[] buffer, int offset, int count, bool processSecurity)
{
if (buffer == null)
throw new ArgumentNullException("buffer");
if (offset < 0)
throw new ArgumentOutOfRangeException("offset", offset, Resources.OffsetMustNotBeNegative);
if (count < 0)
throw new ArgumentOutOfRangeException("count", count, Resources.CountMustNotBeNegative);
if (offset + count > buffer.Length)
throw new ArgumentException(Resources.BufferIsNotLargeEnoughForTheRequestedOperation);
using (var safeBuffer = new SafeGlobalMemoryBufferHandle(count))
{
safeBuffer.CopyFrom(buffer, offset, count);
uint bytesWritten;
if (!NativeMethods.BackupWrite(SafeFileHandle, safeBuffer, (uint)safeBuffer.Capacity, out bytesWritten, false, processSecurity, out m_context))
NativeError.ThrowException(Marshal.GetLastWin32Error());
}
}
internal static void SetAccessControlInternal(string path, SafeHandle handle, ObjectSecurity objectSecurity, AccessControlSections includeSections, PathFormat pathFormat)
{
if (pathFormat == PathFormat.RelativePath)
Path.CheckValidPath(path, true, true);
if (objectSecurity == null)
throw new ArgumentNullException("objectSecurity");
byte[] managedDescriptor = objectSecurity.GetSecurityDescriptorBinaryForm();
using (var safeBuffer = new SafeGlobalMemoryBufferHandle(managedDescriptor.Length))
{
string pathLp = Path.GetExtendedLengthPathInternal(null, path, pathFormat, GetFullPathOptions.RemoveTrailingDirectorySeparator | GetFullPathOptions.CheckInvalidPathChars);
safeBuffer.CopyFrom(managedDescriptor, 0, managedDescriptor.Length);
SecurityDescriptorControl control;
uint revision;
if (!Security.NativeMethods.GetSecurityDescriptorControl(safeBuffer, out control, out revision))
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
PrivilegeEnabler privilegeEnabler = null;
try
{
var securityInfo = SecurityInformation.None;
IntPtr pDacl = IntPtr.Zero;
if ((includeSections & AccessControlSections.Access) != 0)
{
bool daclDefaulted, daclPresent;
if (!Security.NativeMethods.GetSecurityDescriptorDacl(safeBuffer, out daclPresent, out pDacl, out daclDefaulted))
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
if (daclPresent)
{
securityInfo |= SecurityInformation.Dacl;
securityInfo |= (control & SecurityDescriptorControl.DaclProtected) != 0
? SecurityInformation.ProtectedDacl
: SecurityInformation.UnprotectedDacl;
}
}
IntPtr pSacl = IntPtr.Zero;
if ((includeSections & AccessControlSections.Audit) != 0)
{
bool saclDefaulted, saclPresent;
if (!Security.NativeMethods.GetSecurityDescriptorSacl(safeBuffer, out saclPresent, out pSacl, out saclDefaulted))
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
if (saclPresent)
{
securityInfo |= SecurityInformation.Sacl;
securityInfo |= (control & SecurityDescriptorControl.SaclProtected) != 0
? SecurityInformation.ProtectedSacl
: SecurityInformation.UnprotectedSacl;
privilegeEnabler = new PrivilegeEnabler(Privilege.Security);
}
}
IntPtr pOwner = IntPtr.Zero;
if ((includeSections & AccessControlSections.Owner) != 0)
{
bool ownerDefaulted;
if (!Security.NativeMethods.GetSecurityDescriptorOwner(safeBuffer, out pOwner, out ownerDefaulted))
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
if (pOwner != IntPtr.Zero)
securityInfo |= SecurityInformation.Owner;
}
IntPtr pGroup = IntPtr.Zero;
if ((includeSections & AccessControlSections.Group) != 0)
{
bool groupDefaulted;
if (!Security.NativeMethods.GetSecurityDescriptorGroup(safeBuffer, out pGroup, out groupDefaulted))
NativeError.ThrowException(Marshal.GetLastWin32Error(), pathLp);
if (pGroup != IntPtr.Zero)
securityInfo |= SecurityInformation.Group;
}
uint lastError;
if (!Utils.IsNullOrWhiteSpace(pathLp))
{
// SetNamedSecurityInfo()
// In the ANSI version of this function, the name is limited to MAX_PATH characters.
// To extend this limit to 32,767 wide characters, call the Unicode version of the function and prepend "\\?\" to the path.
// 2013-01-13: MSDN does not confirm LongPath usage but a Unicode version of this function exists.
lastError = Security.NativeMethods.SetNamedSecurityInfo(pathLp, ObjectType.FileObject, securityInfo, pOwner, pGroup, pDacl, pSacl);
if (lastError != Win32Errors.ERROR_SUCCESS)
NativeError.ThrowException(lastError, pathLp);
}
else if (NativeMethods.IsValidHandle(handle))
{
lastError = Security.NativeMethods.SetSecurityInfo(handle, ObjectType.FileObject, securityInfo, pOwner, pGroup, pDacl, pSacl);
if (lastError != Win32Errors.ERROR_SUCCESS)
NativeError.ThrowException((int)lastError);
}
}
finally
{
if (privilegeEnabler != null)
privilegeEnabler.Dispose();
}
}
}