sub GetNamedSecurityInfo {
my($pObjectName, $ObjectType, $SecurityInfo) = @_;
print "Raw.pm - pObjectName = $pObjectName.\n";
print "Raw.pm - ObjectType = $ObjectType.\n";
print "Raw.pm - SecurityInfo = $SecurityInfo.\n";
$Win32::API::DEBUG = 1;
$call ||= Win32::API->new('advapi32', 'GetNamedSecurityInfo', [qw(
+P I I P P P P P)], 'I') or Carp::croak("Unable to connect to GetNamed
+SecurityInfo.");
print "Raw.pm - new Win32::API succeeded\n";
$ObjectType = &Win32::Security::SE_OBJECT_TYPE->build_mask($Object
+Type);
print "Raw.pm - obtained objectType = $ObjectType.\n";
$SecurityInfo = &Win32::Security::SECURITY_INFORMATION->build_mask
+($SecurityInfo);
print "Raw.pm - obtained security info\n";
my($ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDescript
+or) = ("\0"x4) x 5;
my $retval = $call->Call($pObjectName, int($ObjectType),
$SecurityInfo, $ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl,
+ $ppSecurityDescriptor);
print "Raw.pm - retVal set\n";
$retval and Carp::croak(&_format_error('GetNamedSecurityInfo', $re
+tval));
foreach ($ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDe
+scriptor) {
$_ = unpack("V", $_);
}
print "$ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDesc
+riptor.\n";
return($ppsidOwner, $ppsidGroup, $ppDacl, $ppSacl, $ppSecurityDesc
+riptor);
}
So my output for my main project looks like this:
object = MACHINE\SYSTEM\CurrentControlSet\services.
objectType = SE_REGISTRY_KEY.
Raw.pm - pObjectName = MACHINE\SYSTEM\CurrentControlSet\services
Raw.pm - ObjectType = SE_REGISTRY_KEY.
Raw.pm - SecurityInfo = DACL_SECURITY_INFORMATION.
Raw.pm - new Win32::API succeeded
Raw.pm - obtained objectType = 4.
Raw.pm - obtained security info
error = Win32::API::Call: parameter 1 had a buffer overflow at c:/perl
+utils/Perl/site/lib/Win32/Security/Raw.pm line 248.
Line 248 is the $call->Call line
The output from my script looks like this:
object = MACHINE\SYSTEM\CurrentControlSet\services
Raw.pm - pObjectName = MACHINE\SYSTEM\CurrentControlSet\services.
Raw.pm - ObjectType = SE_REGISTRY_KEY.
Raw.pm - SecurityInfo = DACL_SECURITY_INFORMATION.
Win32::API::new: Loading library 'advapi32'
GetProcAddress('GetNamedSecurityInfo') = '1967724532'
Object blessed!
Raw.pm - new Win32::API succeeded
Raw.pm - obtained objectType = 4.
Raw.pm - obtained security info
Raw.pm - retVal set
0, 0, 8289772, 0, 8289752.
0, 0, 8289772, 0, 8289752.
Win32::API::new: Loading library 'kernel32'
GetProcAddress('LocalFree') = '1974480092'
Object blessed!
object = MACHINE\SYSTEM\CurrentControlSet\Services
Raw.pm - pObjectName = MACHINE\SYSTEM\CurrentControlSet\Services.
Raw.pm - ObjectType = SE_REGISTRY_KEY.
Raw.pm - SecurityInfo = DACL_SECURITY_INFORMATION.
Raw.pm - new Win32::API succeeded
Raw.pm - obtained objectType = 4.
Raw.pm - obtained security info
Raw.pm - retVal set
0, 0, 8289772, 0, 8289752.
0, 0, 8289772, 0, 8289752.
object = MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Data
Raw.pm - pObjectName = MACHINE\SYSTEM\CurrentControlSet\services\.NET
+CLR Data.
Raw.pm - ObjectType = SE_REGISTRY_KEY.
Raw.pm - SecurityInfo = DACL_SECURITY_INFORMATION.
Raw.pm - new Win32::API succeeded
Raw.pm - obtained objectType = 4.
Raw.pm - obtained security info
Raw.pm - retVal set
0, 0, 8289892, 0, 8289872.
0, 0, 8289892, 0, 8289872.
object = MACHINE\SYSTEM\CurrentControlSet\services\Lsa\Performance
Raw.pm - pObjectName = MACHINE\SYSTEM\CurrentControlSet\services\Lsa\P
+erformance
.
Raw.pm - ObjectType = SE_REGISTRY_KEY.
Raw.pm - SecurityInfo = DACL_SECURITY_INFORMATION.
Raw.pm - new Win32::API succeeded
Raw.pm - obtained objectType = 4.
Raw.pm - obtained security info
Raw.pm - retVal set
0, 0, 8291340, 0, 8291320.
0, 0, 8291340, 0, 8291320.
Win32::API::DESTROY: Freeing library 'kernel32'
Win32::API::DESTROY: Freeing library 'advapi32'
Please note that I do not get the verbose Debug output in my main project even though it is calling the same Raw.pm. |