diff cinst/nssstore_win.c @ 670:175370634226

Move getProcessOwner to util and use it to skip the current user in locate other hives
author Andre Heinecke <andre.heinecke@intevation.de>
date Fri, 27 Jun 2014 10:27:08 +0200
parents ef6d3dc9e930
children d4766b4922c9
--- a/cinst/nssstore_win.c	Thu Jun 26 17:42:52 2014 +0200
+++ b/cinst/nssstore_win.c	Fri Jun 27 10:27:08 2014 +0200
@@ -39,6 +39,7 @@
 */
 
 #include <windows.h>
+#include <sddl.h>
 #include <stdio.h>
 #include <stdbool.h>
 #include <userenv.h>
@@ -164,9 +165,11 @@
      a registry key is limited to 255 characters. But according to
      http://www.sepago.de/e/holger/2010/07/20/how-long-can-a-registry-key-name-really-be
      the actual limit is 256 + \0 thus we create a buffer for 257 wchar_t's*/
-  wchar_t key_name[257];
+  wchar_t key_name[257],
+          *current_user_sid = NULL;
   char **retval = NULL;
   bool error = true;
+  PSID current_user = NULL;
 
   ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, PROFILE_LIST, 0,
                        KEY_READ, &profile_list);
@@ -176,6 +179,22 @@
       return NULL;
     }
 
+
+  /* Obtain the current user sid to prevent it from being returned. */
+  current_user = get_process_owner (GetCurrentProcess());
+
+  if (!current_user)
+    {
+      ERRORPRINTF ("Failed to get the current user.");
+      goto done;
+    }
+
+  if (!ConvertSidToStringSidW (current_user, &current_user_sid))
+    {
+      PRINTLASTERROR ("Failed to convert sid to string.");
+      goto done;
+    }
+
   while ((ret = RegEnumKeyExW (profile_list, index++,
                                key_name, &key_len,
                                NULL, NULL, NULL, NULL)) == ERROR_SUCCESS)
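Review bot: The added comment says "current user", but the SID taken here is that of the owner of this process as reported by `get_process_owner`, which is defined outside this file. If the installer can run elevated under a different account than the interactive one, the two may differ, and the interactive user's profile would then be treated as an "other" hive. I would state that in the comment, e.g. `/* Obtain the SID of the account this process runs as, so that its own profile is not returned. */`. The enclosing function starts and ends outside this hunk.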
@@ -185,16 +204,19 @@
           ERRORPRINTF ("Registry key too long.");
           goto done;
         }
-      DEBUGPRINTF ("Key : %S", key_name);
 
       /* Reset key_len to buffer size */
       key_len = 257;
 
-      if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0)
+      if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0 ||
+          wcscmp (current_user_sid, key_name) == 0)
         {
-          /* S-1-5-21 is the well known prefix for local users. Skip all others */
+          /* S-1-5-21 is the well known prefix for local users. Skip all
+             others and the current user*/
           continue;
         }
+
+      DEBUGPRINTF ("Key : %S", key_name);
     }
 
   if (ret != ERROR_NO_MORE_ITEMS)
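Review bot: The new `wcscmp (current_user_sid, key_name) == 0` test skips only a key whose name is exactly the SID string. A ProfileList subkey that carries the same SID with a suffix would still pass the filter as another user; Windows can leave `<SID>.bak` entries after a failed profile load. If such keys can reach the later processing, the suffix needs explicit handling, and the comment should at least say that the match is exact. The comment also calls S-1-5-21 the prefix for local users, while domain accounts share it; `/* S-1-5-21- prefixes local and domain account SIDs. Skip everything else and the exact SID of the current user. */` would be more accurate.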
@@ -204,8 +226,15 @@
     }
 
 done:
+  xfree (current_user);
+
   RegCloseKey (profile_list);
 
+  if (current_user_sid)
+    {
+      LocalFree (current_user_sid);
+    }
+
   if (error)
     {
       strv_free (retval);
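Review bot: The cleanup after `done:` releases `current_user` with `xfree` and `current_user_sid` with `LocalFree`, and nothing on the page says why the two differ. The string from `ConvertSidToStringSidW` has to go through `LocalFree`, while `xfree` presumes that `get_process_owner` (not visible here) returns memory from the project's own allocator. A short comment such as `/* current_user_sid is allocated by ConvertSidToStringSidW and must be released with LocalFree, not xfree. */` would keep a later tidy-up from mixing the deallocators. The `if (current_user_sid)` guard is optional, since `LocalFree` ignores a NULL argument.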

http://wald.intevation.org/projects/trustbridge/