Lyris is great. It doesn’t like “remove” as the first word of mail.
Remove one parentheses. Get more experiences with C language in user mode
land before writing drivers. Sorry, if this is a problem how do you suppose
to solve real problems with FS filter?
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
Reply To: xxxxx@lists.osr.com
Sent: Wednesday, September 10, 2003 9:05 PM
To: xxxxx@lists.osr.com
Subject: [ntfsd] Re: return value of ZwQueryInformationToken and user
SIDThank you, Vodicka, but when I inserted the following code in order to
show
the “status” variable," if( !NT_SUCCESS( status ) )
DbgPrint((“ZwQueryInformation return value is: %x\n”, status ));"I get the the following compiling error:
‘PCH’ differs in levels of indirection from ‘NTSTATUS’
Any idea how I can show “status” variable?
“Vodicka, Michal” <michal.vodicka> д???Ϣ???:xxxxx@ntfsd…
> >
> > Have you considered a possibility to examine “status” variable value? If
> > assertion failure pops up debugger it is trivial and if it doesn’t (and
> you
> > have broken ASSERT implementation) just add one DbgPrint.
> >
> > Best regards,
> >
> > Michal Vodicka
> > STMicroelectronics Design and Application s.r.o.
> > [michal.vodicka@st.com, http:://www.st.com]
> >
> > > ----------
> > > From: xxxxx@hotmail.com[SMTP:xxxxx@hotmail.com]
> > > Reply To: xxxxx@lists.osr.com
> > > Sent: Wednesday, September 10, 2003 7:42 PM
> > > To: xxxxx@lists.osr.com
> > > Subject: [ntfsd] return value of ZwQueryInformationToken and user SID
> > >
> > > Hi,All,
> > >
> > > I am writing a file filter. In my IRP_MJ_CREATE dispatch routine, I
> add
> > > some
> > > codes to get the file user SID, meanwhile, SoftICE is used as
> debugging
> > > tool
> > > in boot mode.
> > >
> > > However,when I turn on the computer, SoftICE told me that "Assertion
> > > failed
> > > " at the line of
> > >
> > > “status=ZwQueryInformationToken(hToken, TokenUser, NULL, 0, &RetLen);
> > > ASSERT(STATUS_SUCCESS == status);”
> > >
> > > here ZwQueryInformationToken was called to get the necessary buffer
> > > length.
> > > According to IFS Kits online help, the return value of
> > > ZwQueryInformationToken would be one of
> > >
> STATUS_SUCCESS,STATUS_ACCESS_DENIED,STATUS_BUFFER_TOO_SMALL,STATUS_INVALID
> > > _H
> > > ANDLE,STATUS_INVALID_INFO_CLASS,or STATUS_OBJECT_TYPE_MISMATCH.
> > >
> > > It is weird that I always get “Assertioin failed” even though I tried
> all
> > > of
> > > the possible return values one by one. So what the return value would
> be?
> > >
> > > Can anyone help me with that? My codes added in IRP_MJ_CREATE dispatch
> > > routine are attached as below, thank you in advance:
> > >
> > > //
> > > // Purpose of these codes is to get user SID
> > > //
> > >
> > > NTSTATUS status;
> > > ULONG RetLen;
> > > HANDLE hToken;
> > > PTOKEN_USER tokenInfoBuffer;
> > > PIO_STACK_LOCATION irpSp;
> > > PACCESS_TOKEN Token;
> > > PSID userSID;
> > >
> > > irpSp = IoGetCurrentIrpStackLocation( Irp );
> > > Token
> > >
> =irpSp->Parameters.Create.SecurityContext->AccessState->SubjectSecurityCon
> > > te
> > > xt.ClientToken;
> > > if( Token == NULL )
> > >
> > >
> Token=irpSp->Parameters.Create.SecurityContext->AccessState->SubjectSecuri
> > > ty
> > > Context.PrimaryToken;
> > >
> > > // ObOpenObjectByPointer on Token, provides hToken;
> > > status= ObOpenObjectByPointer(Token, 0, NULL, TOKEN_QUERY, NULL,
> > > KernelMode,&hToken );
> > >
> > > ASSERT(STATUS_SUCCESS == status);
> > > ObDereferenceObject(Token);
> > >
> > > // This returns the size of the SID.
> > > status=ZwQueryInformationToken(hToken, TokenUser, NULL, 0, &RetLen);
> > > ASSERT(STATUS_SUCCESS == status);
> > >
> > > //Allocate memory for RetLen bytes, put the pointer to
> tokenInfoBuffer
> > > variable.
> > > tokenInfoBuffer=(PTOKEN_USER) ExAllocatePool( NonPagedPool, RetLen );
> > > status=ZwQueryInformationToken(hToken, TokenUser,
> > > tokenInfoBuffer,RetLen,&RetLen);
> > > ASSERT(STATUS_SUCCESS == status);
> > >
> > > userSID=tokenInfoBuffer->User.Sid;
> > > if(RtlValidSid(userSID))
> > > {
> > > KdPrint((“valid userSID”));
> > > }
> > > else
> > > {
> > > KdPrint((“invalid userSID”));
> > > }
> > >
> > > ZwClose(hToken);
> > >
> > >
> > >
> > >
> > > —
> > > You are currently subscribed to ntfsd as: michal.vodicka@st.com
> > > To unsubscribe send a blank email to xxxxx@lists.osr.com
> > >
> >
> >
>
>
>
> —
> You are currently subscribed to ntfsd as: michal.vodicka@st.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
></michal.vodicka>