override protected bool ReleaseHandle()
{
if (!bIsMutex || Environment.HasShutdownStarted)
{
return(Win32Native.CloseHandle(handle));
}
bool bReturn = false;
bool bMutexObtained = false;
try
{
if (!bIsReservedMutex)
{
Mutex.AcquireReservedMutex(ref bMutexObtained);
}
bReturn = Win32Native.CloseHandle(handle);
}
finally
{
if (bMutexObtained)
{
Mutex.ReleaseReservedMutex();
}
}
return(bReturn);
}
internal static bool RestoreTokenPrivilege(string privilegeName, ref Win32Native.TOKEN_PRIVILEGE previousPrivilegeState)
{
if (previousPrivilegeState.PrivilegeCount != 0)
{
bool flag = false;
Win32Native.TOKEN_PRIVILEGE tOKENPRIVILEGE = new Win32Native.TOKEN_PRIVILEGE();
if (Win32Native.LookupPrivilegeValue(null, privilegeName, ref tOKENPRIVILEGE.Privilege.Luid) && tOKENPRIVILEGE.Privilege.Luid.HighPart == previousPrivilegeState.Privilege.Luid.HighPart && tOKENPRIVILEGE.Privilege.Luid.LowPart == previousPrivilegeState.Privilege.Luid.LowPart)
{
IntPtr currentProcess = Win32Native.GetCurrentProcess();
if (currentProcess != IntPtr.Zero)
{
IntPtr zero = IntPtr.Zero;
if (Win32Native.OpenProcessToken(currentProcess, 40, out zero))
{
int num = Marshal.SizeOf(typeof(Win32Native.TOKEN_PRIVILEGE));
int num1 = 0;
if (Win32Native.AdjustTokenPrivileges(zero, false, ref previousPrivilegeState, num, out tOKENPRIVILEGE, ref num1) && Marshal.GetLastWin32Error() == 0)
{
flag = true;
}
}
if (zero != IntPtr.Zero)
{
Win32Native.CloseHandle(zero);
}
Win32Native.CloseHandle(currentProcess);
}
}
return(flag);
}
else
{
return(true);
}
}
protected override bool ReleaseHandle()
{
if (!this.bIsMutex || Environment.HasShutdownStarted)
{
return(Win32Native.CloseHandle(base.handle));
}
bool flag = false;
bool bHandleObtained = false;
try
{
if (!this.bIsReservedMutex)
{
Mutex.AcquireReservedMutex(ref bHandleObtained);
}
flag = Win32Native.CloseHandle(base.handle);
}
finally
{
if (bHandleObtained)
{
Mutex.ReleaseReservedMutex();
}
}
return(flag);
}
override protected bool ReleaseHandle()
{
#if MONO
NativeEventCalls.CloseEvent_internal(handle);
return(true);
#else
#if !FEATURE_CORECLR
if (!bIsMutex || Environment.HasShutdownStarted)
{
return(Win32Native.CloseHandle(handle));
}
bool bReturn = false;
bool bMutexObtained = false;
try
{
if (!bIsReservedMutex)
{
Mutex.AcquireReservedMutex(ref bMutexObtained);
}
bReturn = Win32Native.CloseHandle(handle);
}
finally
{
if (bMutexObtained)
{
Mutex.ReleaseReservedMutex();
}
}
return(bReturn);
#else
return(Win32Native.CloseHandle(handle));
#endif
#endif
}
protected override bool ReleaseHandle()
{
#if MONO
return(true);
#else
return(Win32Native.CloseHandle(handle));
#endif
}
override protected bool ReleaseHandle()
{
#if MONO
NativeEventCalls.CloseEvent_internal(handle);
return(true);
#else
return(Win32Native.CloseHandle(handle));
#endif
}
internal static bool EnableTokenPrivilege(string privilegeName, ref Win32Native.TOKEN_PRIVILEGE oldPrivilegeState)
{
bool flag = false;
Win32Native.TOKEN_PRIVILEGE tOKENPRIVILEGE = new Win32Native.TOKEN_PRIVILEGE();
if (Win32Native.LookupPrivilegeValue(null, privilegeName, ref tOKENPRIVILEGE.Privilege.Luid))
{
IntPtr currentProcess = Win32Native.GetCurrentProcess();
if (currentProcess != IntPtr.Zero)
{
IntPtr zero = IntPtr.Zero;
if (Win32Native.OpenProcessToken(currentProcess, 40, out zero))
{
Win32Native.PRIVILEGE_SET luid = new Win32Native.PRIVILEGE_SET();
luid.Privilege.Luid = tOKENPRIVILEGE.Privilege.Luid;
luid.PrivilegeCount = 1;
luid.Control = 1;
bool flag1 = false;
if (!Win32Native.PrivilegeCheck(zero, ref luid, out flag1) || !flag1)
{
tOKENPRIVILEGE.PrivilegeCount = 1;
tOKENPRIVILEGE.Privilege.Attributes = 2;
int num = Marshal.SizeOf(typeof(Win32Native.TOKEN_PRIVILEGE));
int num1 = 0;
if (Win32Native.AdjustTokenPrivileges(zero, false, ref tOKENPRIVILEGE, num, out oldPrivilegeState, ref num1))
{
int lastWin32Error = Marshal.GetLastWin32Error();
if (lastWin32Error != 0)
{
if (lastWin32Error == 0x514)
{
oldPrivilegeState.PrivilegeCount = 0;
flag = true;
}
}
else
{
flag = true;
}
}
}
else
{
oldPrivilegeState.PrivilegeCount = 0;
flag = true;
}
}
if (zero != IntPtr.Zero)
{
Win32Native.CloseHandle(zero);
}
Win32Native.CloseHandle(currentProcess);
}
}
return(flag);
}
override protected bool ReleaseHandle()
{
#if MONO
System.IO.MonoIOError error;
System.IO.MonoIO.Close(handle, out error);
return(error == System.IO.MonoIOError.ERROR_SUCCESS);
#else
return(Win32Native.CloseHandle(handle));
#endif
}
/// <include file='doc\Directory.uex' path='docs/doc[@for="Directory.SetLastAccessTime"]/*' />
public unsafe static void SetLastAccessTime(String path, DateTime lastAccessTime)
{
{
IntPtr handle = Directory.OpenHandle(path);
Win32Native.FILE_TIME fileTime = new Win32Native.FILE_TIME(lastAccessTime.ToFileTime());
bool r = Win32Native.SetFileTime(handle, null, &fileTime, null);
if (!r)
{
int errorCode = Marshal.GetLastWin32Error();
Win32Native.CloseHandle(handle);
__Error.WinIOError(errorCode, path);
}
Win32Native.CloseHandle(handle);
}
}
/// <include file='doc\Directory.uex' path='docs/doc[@for="Directory.SetLastAccessTimeUtc"]/*' />
public static void SetLastAccessTimeUtc(String path, DateTime lastAccessTimeUtc)
{
if ((Environment.OSInfo & Environment.OSName.WinNT) == Environment.OSName.WinNT)
{
IntPtr handle = Directory.OpenHandle(path);
bool r = Win32Native.SetFileTime(handle, null, new long[] { lastAccessTimeUtc.ToFileTimeUtc() }, null);
if (!r)
{
int errorCode = Marshal.GetLastWin32Error();
Win32Native.CloseHandle(handle);
__Error.WinIOError(errorCode, path);
}
Win32Native.CloseHandle(handle);
}
}
public override void Shutdown()
{
lock (_lock)
{
if (_hasBeenShutdown)
{
return;
}
_logger.Information("Shutting down debug listener...");
if (_bufferReadyEvent != IntPtr.Zero)
{
_logger.Verbose("Closing handle to event DBWIN_BUFFER_READY...");
Win32Native.CloseHandle(_bufferReadyEvent);
_bufferReadyEvent = IntPtr.Zero;
}
if (_readyEvent != IntPtr.Zero)
{
_logger.Verbose("Closing handle to event DBWIN_DATA_READY...");
Win32Native.CloseHandle(_readyEvent);
_readyEvent = IntPtr.Zero;
}
if (_sharedFile != IntPtr.Zero)
{
_logger.Verbose("Closing handle to file mapping DBWIN_BUFFER...");
Win32Native.CloseHandle(_sharedFile);
_sharedFile = IntPtr.Zero;
}
if (_sharedMemory != IntPtr.Zero)
{
_logger.Verbose("Closing handle to mapping view DBWIN_BUFFER...");
Win32Native.UnmapViewOfFile(_sharedMemory);
_sharedMemory = IntPtr.Zero;
}
_logger.Information("Debug listener has been shut down.");
_hasBeenShutdown = true;
}
}
protected override bool ReleaseHandle()
{
return(Win32Native.CloseHandle(this.handle));
}
override protected bool ReleaseHandle()
{
return(Win32Native.CloseHandle(handle));
}
public static int Retrieve(Process process, out string parameterValue, Parameter parameter = Parameter.CommandLine)
{
int rc = 0;
parameterValue = null;
var hProcess = Win32Native.OpenProcess(
Win32Native.OpenProcessDesiredAccessFlags.PROCESS_QUERY_INFORMATION |
Win32Native.OpenProcessDesiredAccessFlags.PROCESS_VM_READ, false, (uint)process.Id);
if (hProcess != IntPtr.Zero)
{
try
{
var sizePBI = Marshal.SizeOf <Win32Native.ProcessBasicInformation>();
var memPBI = Marshal.AllocHGlobal(sizePBI);
try
{
var ret = Win32Native.NtQueryInformationProcess(
hProcess, Win32Native.PROCESS_BASIC_INFORMATION, memPBI,
(uint)sizePBI, out var len);
if (0 == ret)
{
var pbiInfo = Marshal.PtrToStructure <Win32Native.ProcessBasicInformation>(memPBI);
if (pbiInfo.PebBaseAddress != IntPtr.Zero)
{
if (ReadStructFromProcessMemory <Win32Native.PEB>(hProcess,
pbiInfo.PebBaseAddress, out var pebInfo))
{
if (ReadStructFromProcessMemory <Win32Native.RtlUserProcessParameters>(
hProcess, pebInfo.ProcessParameters, out var ruppInfo))
{
string ReadUnicodeString(Win32Native.UnicodeString unicodeString)
{
var clLen = unicodeString.MaximumLength;
var memCL = Marshal.AllocHGlobal(clLen);
try
{
if (Win32Native.ReadProcessMemory(hProcess,
unicodeString.Buffer, memCL, clLen, out len))
{
rc = 0;
return(Marshal.PtrToStringUni(memCL));
}
else
{
// couldn't read parameter line buffer
rc = -6;
}
}
finally
{
Marshal.FreeHGlobal(memCL);
}
return(null);
}
switch (parameter)
{
case Parameter.CommandLine:
parameterValue = ReadUnicodeString(ruppInfo.CommandLine);
break;
case Parameter.WorkingDirectory:
parameterValue = ReadUnicodeString(ruppInfo.CurrentDirectory);
break;
}
}
else
{
// couldn't read ProcessParameters
rc = -5;
}
}
else
{
// couldn't read PEB information
rc = -4;
}
}
else
{
// PebBaseAddress is null
rc = -3;
}
}
else
{
// NtQueryInformationProcess failed
rc = -2;
}
}
finally
{
Marshal.FreeHGlobal(memPBI);
}
}
finally
{
Win32Native.CloseHandle(hProcess);
}
}
else
{
// couldn't open process for VM read
rc = -1;
}
return(rc);
}
/// <summary>
/// Retrieve the UserName through PInvoke
/// </summary>
/// <param name="process"></param>
/// <returns></returns>
private static string RetrieveProcessUserName(Process process)
{
string userName = null;
#if UNIX
userName = Platform.NonWindowsGetUserFromPid(process.Id);
#else
IntPtr tokenUserInfo = IntPtr.Zero;
IntPtr processTokenHandler = IntPtr.Zero;
const uint TOKEN_QUERY = 0x0008;
try
{
do
{
int error;
if (!Win32Native.OpenProcessToken(ClrFacade.GetSafeProcessHandle(process), TOKEN_QUERY, out processTokenHandler))
{
break;
}
// Set the default length to be 256, so it will be sufficient for most cases
int tokenInfoLength = 256;
tokenUserInfo = Marshal.AllocHGlobal(tokenInfoLength);
if (!Win32Native.GetTokenInformation(processTokenHandler, Win32Native.TOKEN_INFORMATION_CLASS.TokenUser, tokenUserInfo, tokenInfoLength, out tokenInfoLength))
{
error = Marshal.GetLastWin32Error();
if (error == Win32Native.ERROR_INSUFFICIENT_BUFFER)
{
Marshal.FreeHGlobal(tokenUserInfo);
tokenUserInfo = Marshal.AllocHGlobal(tokenInfoLength);
if (!Win32Native.GetTokenInformation(processTokenHandler, Win32Native.TOKEN_INFORMATION_CLASS.TokenUser, tokenUserInfo, tokenInfoLength, out tokenInfoLength))
{
break;
}
}
else
{
break;
}
}
var tokenUser = ClrFacade.PtrToStructure <Win32Native.TOKEN_USER>(tokenUserInfo);
// Set the default length to be 256, so it will be sufficient for most cases
int userNameLength = 256, domainNameLength = 256;
var userNameStr = new StringBuilder(userNameLength);
var domainNameStr = new StringBuilder(domainNameLength);
Win32Native.SID_NAME_USE accountType;
if (!Win32Native.LookupAccountSid(null, tokenUser.User.Sid, userNameStr, ref userNameLength, domainNameStr, ref domainNameLength, out accountType))
{
error = Marshal.GetLastWin32Error();
if (error == Win32Native.ERROR_INSUFFICIENT_BUFFER)
{
userNameStr.EnsureCapacity(userNameLength);
domainNameStr.EnsureCapacity(domainNameLength);
if (!Win32Native.LookupAccountSid(null, tokenUser.User.Sid, userNameStr, ref userNameLength, domainNameStr, ref domainNameLength, out accountType))
{
break;
}
}
else
{
break;
}
}
userName = domainNameStr + "\\" + userNameStr;
} while (false);
}
catch (NotSupportedException)
{
// The Process not started yet, or it's a process from a remote machine
}
catch (InvalidOperationException)
{
// The Process has exited, Process.Handle will raise this exception
}
catch (Win32Exception)
{
// We might get an AccessDenied error
}
catch (Exception)
{
// I don't expect to get other exceptions,
}
finally
{
if (tokenUserInfo != IntPtr.Zero)
{
Marshal.FreeHGlobal(tokenUserInfo);
}
if (processTokenHandler != IntPtr.Zero)
{
Win32Native.CloseHandle(processTokenHandler);
}
}
#endif
return(userName);
}
