private ObjectAttributes(SafeBuffer object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
{
try {
if (root == null)
{
throw new ArgumentNullException(nameof(root), "Use SafeKernelObjectHandle.Null for a null handle");
}
Length = Marshal.SizeOf(this);
ObjectName = object_name;
Attributes = attributes;
if (sqos != null)
{
SecurityQualityOfService = sqos.ToBuffer();
}
else
{
SecurityQualityOfService = SafeHGlobalBuffer.Null;
}
RootDirectory = !root.IsInvalid ? NtObject.DuplicateHandle(root) : SafeKernelObjectHandle.Null;
if (security_descriptor != null)
{
SecurityDescriptor = security_descriptor.ToSafeBuffer();
}
else
{
SecurityDescriptor = SafeHGlobalBuffer.Null;
}
} catch {
Dispose();
throw;
}
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="object_name">The object name, can be null.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
public ObjectAttributes(string object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
{
Length = Marshal.SizeOf(this);
if (object_name != null)
{
ObjectName = new UnicodeString(object_name).ToBuffer();
}
else
{
ObjectName = SafeHGlobalBuffer.Null;
}
Attributes = attributes;
if (sqos != null)
{
SecurityQualityOfService = sqos.ToBuffer();
}
else
{
SecurityQualityOfService = SafeHGlobalBuffer.Null;
}
RootDirectory = !root.IsInvalid ? NtObject.DuplicateHandle(root) : SafeKernelObjectHandle.Null;
if (security_descriptor != null)
{
SecurityDescriptor = security_descriptor.ToSafeBuffer();
}
else
{
SecurityDescriptor = SafeHGlobalBuffer.Null;
}
}
/// <summary>
/// Create an attribute which with create a handle automatically.
/// </summary>
/// <param name="security_quality_of_service">The security quality of service.</param>
/// <returns>The security message attribute.</returns>
public static AlpcSecurityMessageAttribute CreateHandleAttribute(SecurityQualityOfService security_quality_of_service)
{
return(new AlpcSecurityMessageAttribute()
{
Flags = AlpcSecurityAttrFlags.CreateHandle,
SecurityQoS = security_quality_of_service,
ContextHandle = -2
});
}
internal SafeAlpcSecurityContextHandle(AlpcHandle handle, bool owns_handle, NtAlpc port,
AlpcSecurityAttrFlags flags, SecurityQualityOfService security_quality_of_service)
: base(IntPtr.Zero, owns_handle)
{
SetHandle(new IntPtr(handle.Value));
_port = port;
Flags = flags;
SecurityQualityOfService = security_quality_of_service;
}
/// <summary>
/// Convert a DOS filename to an NT filename and get as an ObjectAttributes structure
/// </summary>
/// <param name="filename">The DOS filename.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The object attributes</returns>
public static NtResult <ObjectAttributes> DosFileNameToObjectAttributes(string filename, AttributeFlags attributes,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor, bool throw_on_error)
{
if (filename == null)
{
throw new ArgumentNullException("filename");
}
UnicodeStringOut nt_name = new UnicodeStringOut();
RtlRelativeName relative_name = new RtlRelativeName();
try
{
NtStatus status = NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name,
out IntPtr short_path, relative_name);
if (!status.IsSuccess())
{
return(status.CreateResultFromError <ObjectAttributes>(throw_on_error));
}
string final_name;
SafeKernelObjectHandle root = SafeKernelObjectHandle.Null;
if (relative_name.RelativeName.Buffer != IntPtr.Zero)
{
final_name = relative_name.RelativeName.ToString();
root = new SafeKernelObjectHandle(relative_name.ContainingDirectory, false);
}
else
{
final_name = nt_name.ToString();
}
return(status.CreateResult(false, () =>
new ObjectAttributes(final_name, attributes, root, sqos, security_descriptor)));
}
finally
{
if (nt_name.Buffer != IntPtr.Zero)
{
NtRtl.RtlFreeUnicodeString(ref nt_name);
}
if (relative_name.RelativeName.Buffer != IntPtr.Zero)
{
NtRtl.RtlReleaseRelativeName(relative_name);
}
}
}
/// <summary>
/// Open an NT object with a specified type.
/// </summary>
/// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
/// <param name="path">The path to the object to open.</param>
/// <param name="root">A root directory to open from.</param>
/// <param name="access">Generic access rights to the object.</param>
/// <param name="attributes">Attributes to open the object.</param>
/// <param name="security_quality_of_service">Security quality of service.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The opened object.</returns>
/// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
public static NtResult <NtObject> OpenWithType(string typename, string path, NtObject root,
AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service, bool throw_on_error)
{
using (var obj_attr = new ObjectAttributes(path, attributes, root, security_quality_of_service, null))
{
if (typename == null)
{
typename = NtDirectory.GetDirectoryEntryType(path, root);
}
// Brute force the open.
if (typename == null)
{
foreach (var nttype in NtType.GetTypes().Where(t => t.CanOpen))
{
var result = nttype.Open(obj_attr, access, false);
if (result.IsSuccess)
{
return(result);
}
}
return(NtStatus.STATUS_OBJECT_TYPE_MISMATCH.CreateResultFromError <NtObject>(true));
}
NtType type = NtType.GetTypeByName(typename, false);
if (type != null && type.CanOpen)
{
return(type.Open(obj_attr, access, throw_on_error));
}
else
{
return(NtStatus.STATUS_OBJECT_TYPE_MISMATCH.CreateResultFromError <NtObject>(true));
}
}
}
public static extern NtStatus NtImpersonateThread(
SafeKernelObjectHandle ThreadHandle,
SafeKernelObjectHandle ThreadToImpersonate,
SecurityQualityOfService SecurityQualityOfService);
/// <summary>
/// Constructor
/// </summary>
/// <param name="object_name">The object name, can be null.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
public ObjectAttributes(string object_name, AttributeFlags attributes, NtObject root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
: this(object_name, attributes, root?.Handle ?? SafeKernelObjectHandle.Null, sqos, security_descriptor)
{
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="object_name">The object name, can be null.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
public ObjectAttributes(string object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
: this(object_name != null ? new UnicodeString(object_name).ToBuffer() : SafeHGlobalBuffer.Null,
attributes, root, sqos, security_descriptor)
{
}
private ObjectAttributes(byte[] object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
: this(new UnicodeStringBytesSafeBuffer(object_name), attributes, root, sqos, security_descriptor)
{
}
/// <summary>
/// Convert a DOS filename to an NT filename and get as an ObjectAttributes structure
/// </summary>
/// <param name="filename">The DOS filename.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
/// <returns>The object attributes</returns>
public static ObjectAttributes DosFileNameToObjectAttributes(string filename, AttributeFlags attributes,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
{
return(DosFileNameToObjectAttributes(filename, attributes, sqos, security_descriptor, true).Result);
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="object_name">The object name, can be null.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
public ObjectAttributes(string object_name, AttributeFlags attributes, NtObject root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
: this(object_name, attributes, root != null ? root.Handle : SafeKernelObjectHandle.Null, sqos, security_descriptor)
{
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="object_name">The object name, can be null.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
public ObjectAttributes(string object_name, AttributeFlags attributes, SafeKernelObjectHandle root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
{
Length = Marshal.SizeOf(this);
if (object_name != null)
{
ObjectName = new UnicodeString(object_name).ToBuffer();
}
else
{
ObjectName = SafeHGlobalBuffer.Null;
}
Attributes = attributes;
if (sqos != null)
{
SecurityQualityOfService = sqos.ToBuffer();
}
else
{
SecurityQualityOfService = SafeHGlobalBuffer.Null;
}
RootDirectory = !root.IsInvalid ? NtObject.DuplicateHandle(root) : SafeKernelObjectHandle.Null;
if (security_descriptor != null)
{
SecurityDescriptor = security_descriptor.ToSafeBuffer();
}
else
{
SecurityDescriptor = SafeHGlobalBuffer.Null;
}
}
/// <summary>
/// Create an Object Attributes structure with a raw name. Useful for Object ID handling.
/// </summary>
/// <param name="object_name">The name of the object in raw bytes.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
/// <returns>The created object attributes.</returns>
public static ObjectAttributes CreateWithRawName(byte[] object_name, AttributeFlags attributes, NtObject root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
{
return(new ObjectAttributes(object_name, attributes, root.GetHandle(), sqos, security_descriptor));
}
/// <summary>
/// Open an NT object with a specified type.
/// </summary>
/// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
/// <param name="path">The path to the object to open.</param>
/// <param name="root">A root directory to open from.</param>
/// <param name="access">Generic access rights to the object.</param>
/// <param name="attributes">Attributes to open the object.</param>
/// <param name="security_quality_of_service">Security quality of service.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The opened object.</returns>
/// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
public static NtResult <NtObject> OpenWithType(string typename, string path, NtObject root,
AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service, bool throw_on_error)
{
using (var obj_attr = new ObjectAttributes(path, attributes, root, security_quality_of_service, null))
{
NtType type = NtType.GetTypeByName(typename ?? NtDirectory.GetDirectoryEntryType(path, root), false);
return(OpenWithType(type, obj_attr, access, throw_on_error));
}
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="object_id">An object ID.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="root">An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
public ObjectAttributes(long object_id, AttributeFlags attributes, SafeKernelObjectHandle root,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor)
: this(BitConverter.GetBytes(object_id),
attributes, root, sqos, security_descriptor)
{
}
/// <summary>
/// Open an NT object with a specified type.
/// </summary>
/// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
/// <param name="path">The path to the object to open.</param>
/// <param name="root">A root directory to open from.</param>
/// <param name="access">Generic access rights to the object.</param>
/// <param name="attributes">Attributes to open the object.</param>
/// <param name="security_quality_of_service">Security quality of service.</param>
/// <returns>The opened object.</returns>
/// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
public static NtObject OpenWithType(string typename, string path, NtObject root,
AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service)
{
return(OpenWithType(typename, path, root, attributes, access, security_quality_of_service, true).Result);
}
/// <summary>
/// Impersonate another thread.
/// </summary>
/// <param name="thread">The thread to impersonate.</param>
/// <param name="security_quality_of_service">The impersonation security quality of service.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The imperonsation context. Dispose to revert to self.</returns>
public NtResult <ThreadImpersonationContext> ImpersonateThread(NtThread thread,
SecurityQualityOfService security_quality_of_service, bool throw_on_error)
{
return(NtSystemCalls.NtImpersonateThread(Handle, thread.Handle, security_quality_of_service)
.CreateResult(throw_on_error, () => new ThreadImpersonationContext(Duplicate())));
}