So I tried
$pObjectName .= "\0" x 100;
$pObjectName .= "\0" x 1000;
$pObjectName .= "\0" x 10000;
and each one gave the same buffer overflow error.
I also noticed that earlier in the main project we call Win32::Security::NamedObject which then calls Win32::Security::Raw and it was working. So I tried duplicating this same logic where I am seeing the error with no luck.
I then tried changing the namedobject instance to mimic the problem code and the outcome was the same. The first call worked, subsequent calls failed with the error. So I thought, remove the first call altogether to see if it is some weird memory issue. That also did not work.
On a side note, I have seen it "work" on rare occasion (~1 out of 100 or so runs). When this occurs, the values for $ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDescriptor are the same for every single registry key checked. This leads me to believe the underlying API call is just reading the same memory space over and over again because the values are never the same with my script.
Thoughts? This is truly boggling my mind!
|