private static string ReadString(SafeBufferGeneric buffer, int offset, int length) { if (offset <= 0) { return(string.Empty); } return(buffer.ReadUnicodeString((ulong)offset, length / 2)); }
internal MountPoint(SafeBufferGeneric buffer, MOUNTMGR_MOUNT_POINT mp) { SymbolicLinkName = buffer.ReadUnicodeString((ulong)mp.SymbolicLinkNameOffset, mp.SymbolicLinkNameLength / 2); if (SymbolicLinkName.StartsWith(@"\DosDevices", StringComparison.OrdinalIgnoreCase)) { SymbolicLinkName = @"\??" + SymbolicLinkName.Substring(11); } UniqueId = buffer.ReadBytes((ulong)mp.UniqueIdOffset, mp.UniqueIdLength); DeviceName = buffer.ReadUnicodeString((ulong)mp.DeviceNameOffset, mp.DeviceNameLength / 2); }
internal LsaLogonResult(NtToken token, SafeBufferGeneric profile, Luid logon_id, QUOTA_LIMITS quota_limits) { Token = token; Profile = profile; LogonId = logon_id; PagedPoolLimit = quota_limits.PagedPoolLimit.ToInt64(); NonPagedPoolLimit = quota_limits.NonPagedPoolLimit.ToInt64(); MinimumWorkingSetSize = quota_limits.MinimumWorkingSetSize.ToInt64(); MaximumWorkingSetSize = quota_limits.MaximumWorkingSetSize.ToInt64(); PagefileLimit = quota_limits.PagefileLimit.ToInt64(); TimeLimit = TimeSpan.FromTicks(quota_limits.TimeLimit.QuadPart); }
private static ApiSetEntry CreateEntry(API_SET_NAMESPACE_ENTRY_WIN10 entry, SafeBufferGeneric map) { string name = ReadString(map, entry.NameOffset, entry.NameLength); string hash_name = ReadString(map, entry.NameOffset, entry.HashLength); var values = map.ReadArray <API_SET_VALUE_ENTRY_WIN10>(entry.ValueOffset, entry.ValueCount); List <ApiSetHost> hosts = new List <ApiSetHost>(); foreach (var value in values) { var import = ReadString(map, value.NameOffset, value.NameLength); var host = ReadString(map, value.ValueOffset, value.ValueLength); hosts.Add(new ApiSetHost(import, host)); } return(new ApiSetEntry(entry.Flags, name, hash_name, hosts)); }
private static IReadOnlyList <SidName> GetSidNameSids(string[] names, SafeLsaMemoryBuffer domains, SafeLsaMemoryBuffer sids) { using (SafeBufferGeneric a = domains, b = sids) { List <SidName> ret = new List <SidName>(); domains.Initialize <LSA_REFERENCED_DOMAIN_LIST>(1); sids.Initialize <LSA_TRANSLATED_SID2>((uint)names.Length); var domain_list = domains.Read <LSA_REFERENCED_DOMAIN_LIST>(0); var domains_entries = NtProcess.Current.ReadMemoryArray <LSA_TRUST_INFORMATION>(domain_list.Domains.ToInt64(), domain_list.Entries); var sid_list = sids.ReadArray <LSA_TRANSLATED_SID2>(0, names.Length); for (int i = 0; i < names.Length; ++i) { ret.Add(new SidName(sid_list[i].GetSid(), sid_list[i].GetDomain(domains_entries), names[i], SidNameSource.Account, sid_list[i].Use, false)); } return(ret.AsReadOnly()); } }
public SecBuffer(SecurityBufferType type, SafeBufferGeneric buffer) : this(type, buffer.DangerousGetHandle(), buffer.Length) { }
public SafeBufferView(SafeBufferGeneric buffer, bool writable) : base(buffer.DangerousGetHandle(), buffer.LongLength, false, writable) { }