From 2a8d25d3bd5a4e33e44ca13c0b7903fa76e64711 Mon Sep 17 00:00:00 2001
From: Timothy Pearson
Date: Mon, 15 Apr 2013 16:34:09 -0500
Subject: Add registry permissions set utility Fix crash on Windows XP
---
sc-ap/sspap3.cpp | 28 +++++++++++++++++++++++++---
1 file changed, 25 insertions(+), 3 deletions(-)
(limited to 'sc-ap/sspap3.cpp')
diff --git a/sc-ap/sspap3.cpp b/sc-ap/sspap3.cpp
index ab16ef0..a44e398 100755
--- a/sc-ap/sspap3.cpp
+++ b/sc-ap/sspap3.cpp
@@ -166,6 +166,19 @@ extern "C" {
 #endif // ENABLE_DEBUG
 #endif // ENABLE_LSA_LOG
+ // Windows XP and Windows Vista/above use two different storage schemes for the user data
+ OSVERSIONINFO osvi;
+ BOOL bIsWindowsVistaorLater;
+
+ ZeroMemory(&osvi, sizeof(OSVERSIONINFO));
+ osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+
+ GetVersionEx(&osvi);
+
+ bIsWindowsVistaorLater =
+ ( (osvi.dwMajorVersion > 6) ||
+ ( (osvi.dwMajorVersion == 6) && (osvi.dwMinorVersion >= 0) ));
+
 KERB_INTERACTIVE_LOGON *ptr = ((KERB_INTERACTIVE_LOGON *)AuthenticationInformation);
 #ifdef ENABLE_LSA_LOG
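Review bot: The result of `GetVersionEx(&osvi)` is ignored, so if the call fails the zeroed `osvi` leaves `bIsWindowsVistaorLater` FALSE and the credential buffer is then addressed with the XP layout regardless of the real OS. Check the return value and fail the logon rather than guessing, e.g. `if (!GetVersionEx(&osvi)) { /* return the function's failure status */ }`. The test `(osvi.dwMinorVersion >= 0)` is always true because `dwMinorVersion` is an unsigned `DWORD`, so the expression can be written as `bIsWindowsVistaorLater = (osvi.dwMajorVersion >= 6);`. The enclosing function starts and ends outside the hunk, so its return type is not visible here.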
@@ -195,9 +208,18 @@ extern "C" {
 LPWSTR password = (LPWSTR) calloc( ptr->Password.Length + 1, sizeof(wchar_t));
 if (userName && domain) {
- memcpy( userName, (void*)((intptr_t)(ptr) + (intptr_t)(ptr->UserName.Buffer)), ptr->UserName.Length);
- memcpy( domain, (void*)((intptr_t)(ptr) + (intptr_t)(ptr->LogonDomainName.Buffer)), ptr->LogonDomainName.Length);
- memcpy( password, (void*)((intptr_t)(ptr) + (intptr_t)(ptr->Password.Buffer)), ptr->Password.Length);
+ if (bIsWindowsVistaorLater) {
+ // Windows Vista or later
+ memcpy( userName, (void*)((intptr_t)(ptr) + (intptr_t)(ptr->UserName.Buffer)), ptr->UserName.Length);
+ memcpy( domain, (void*)((intptr_t)(ptr) + (intptr_t)(ptr->LogonDomainName.Buffer)), ptr->LogonDomainName.Length);
+ memcpy( password, (void*)((intptr_t)(ptr) + (intptr_t)(ptr->Password.Buffer)), ptr->Password.Length);
+ }
+ else {
+ // Windows XP or earlier
+ wcsncpy( userName, (wchar_t *) ((char *) ptr + ((char *)ptr->UserName.Buffer - (char *) ClientAuthenticationBase)), ptr->UserName.Length / 2);
+ wcsncpy( domain, (wchar_t *) ((char *) ptr + ((char *)ptr->LogonDomainName.Buffer - (char *) ClientAuthenticationBase)), ptr->LogonDomainName.Length / 2);
+ //wcsncpy( password, (wchar_t *) ((char *) ptr + ((char *)ptr->Password.Buffer - (char *) ClientAuthenticationBase)), ptr->Password.Length / 2);
+ }
 userName[ptr->UserName.Length] = L'\0';
 domain[ptr->LogonDomainName.Length] = L'\0';
--
cgit v1.2.3
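Review bot: Both branches read from `ptr` plus an offset derived from the `Buffer` fields, using a `Length` taken from the same submitted structure, and nothing in the hunk checks that offset plus length stays inside the logon buffer, so a malformed submission could make the package read out of bounds. Before each copy, compare the computed offset `off` and the field's `Length` with the size `cb` of the submitted buffer, whose name is not visible here because the function starts outside the hunk, e.g. `if (off > cb || ptr->UserName.Length > cb - off)`, and reject the logon on failure. The guard `if (userName && domain)` omits `password`, which the Vista branch writes to, so it should read `if (userName && domain && password)`. In the XP branch the password copy is left commented out, so `password` stays empty on that path. Either restore the copy or replace the dead line with a comment saying why the password is deliberately not read there.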