private static string ReadString(SafeBufferGeneric buffer, int offset, int length)
{
if (offset <= 0)
{
return(string.Empty);
}
return(buffer.ReadUnicodeString((ulong)offset, length / 2));
}
internal MountPoint(SafeBufferGeneric buffer, MOUNTMGR_MOUNT_POINT mp)
{
SymbolicLinkName = buffer.ReadUnicodeString((ulong)mp.SymbolicLinkNameOffset, mp.SymbolicLinkNameLength / 2);
if (SymbolicLinkName.StartsWith(@"\DosDevices", StringComparison.OrdinalIgnoreCase))
{
SymbolicLinkName = @"\??" + SymbolicLinkName.Substring(11);
}
UniqueId = buffer.ReadBytes((ulong)mp.UniqueIdOffset, mp.UniqueIdLength);
DeviceName = buffer.ReadUnicodeString((ulong)mp.DeviceNameOffset, mp.DeviceNameLength / 2);
}
internal LsaLogonResult(NtToken token, SafeBufferGeneric profile,
Luid logon_id, QUOTA_LIMITS quota_limits)
{
Token = token;
Profile = profile;
LogonId = logon_id;
PagedPoolLimit = quota_limits.PagedPoolLimit.ToInt64();
NonPagedPoolLimit = quota_limits.NonPagedPoolLimit.ToInt64();
MinimumWorkingSetSize = quota_limits.MinimumWorkingSetSize.ToInt64();
MaximumWorkingSetSize = quota_limits.MaximumWorkingSetSize.ToInt64();
PagefileLimit = quota_limits.PagefileLimit.ToInt64();
TimeLimit = TimeSpan.FromTicks(quota_limits.TimeLimit.QuadPart);
}
private static ApiSetEntry CreateEntry(API_SET_NAMESPACE_ENTRY_WIN10 entry, SafeBufferGeneric map)
{
string name = ReadString(map, entry.NameOffset, entry.NameLength);
string hash_name = ReadString(map, entry.NameOffset, entry.HashLength);
var values = map.ReadArray <API_SET_VALUE_ENTRY_WIN10>(entry.ValueOffset, entry.ValueCount);
List <ApiSetHost> hosts = new List <ApiSetHost>();
foreach (var value in values)
{
var import = ReadString(map, value.NameOffset, value.NameLength);
var host = ReadString(map, value.ValueOffset, value.ValueLength);
hosts.Add(new ApiSetHost(import, host));
}
return(new ApiSetEntry(entry.Flags, name, hash_name, hosts));
}
private static IReadOnlyList <SidName> GetSidNameSids(string[] names, SafeLsaMemoryBuffer domains, SafeLsaMemoryBuffer sids)
{
using (SafeBufferGeneric a = domains, b = sids)
{
List <SidName> ret = new List <SidName>();
domains.Initialize <LSA_REFERENCED_DOMAIN_LIST>(1);
sids.Initialize <LSA_TRANSLATED_SID2>((uint)names.Length);
var domain_list = domains.Read <LSA_REFERENCED_DOMAIN_LIST>(0);
var domains_entries = NtProcess.Current.ReadMemoryArray <LSA_TRUST_INFORMATION>(domain_list.Domains.ToInt64(), domain_list.Entries);
var sid_list = sids.ReadArray <LSA_TRANSLATED_SID2>(0, names.Length);
for (int i = 0; i < names.Length; ++i)
{
ret.Add(new SidName(sid_list[i].GetSid(), sid_list[i].GetDomain(domains_entries),
names[i], SidNameSource.Account, sid_list[i].Use, false));
}
return(ret.AsReadOnly());
}
}
public SecBuffer(SecurityBufferType type, SafeBufferGeneric buffer)
: this(type, buffer.DangerousGetHandle(), buffer.Length)
{
}
public SafeBufferView(SafeBufferGeneric buffer, bool writable)
: base(buffer.DangerousGetHandle(), buffer.LongLength, false, writable)
{
}
