mirror of
https://github.com/pbatard/rufus.git
synced 2024-08-14 23:57:05 +00:00
[process] print access rights
* Also clean up the code
This commit is contained in:
Pete Batard
parent
7b86943266
commit
7b37208820
3 changed files with 36 additions and 40 deletions
|
|
@ -345,6 +345,7 @@ ULONG PhGetObjectTypeNumber(PUNICODE_STRING TypeName)
|
|||
*/
|
||||
BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
||||
{
|
||||
const char *access_rights_str[4] = { "n", "r", "w", "rw" };
|
||||
NTSTATUS status = STATUS_SUCCESS;
|
||||
PSYSTEM_HANDLE_INFORMATION_EX handles = NULL;
|
||||
POBJECT_NAME_INFORMATION buffer = NULL;
|
||||
|
|
@ -361,14 +362,15 @@ BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
|||
HANDLE dupHandle = NULL;
|
||||
HANDLE processHandle = NULL;
|
||||
BOOLEAN bFound = FALSE;
|
||||
char exe[2][MAX_PATH];
|
||||
int cur_exe, cur_pid;
|
||||
ULONG access_rights = 0;
|
||||
char exe_path[MAX_PATH];
|
||||
int cur_pid;
|
||||
|
||||
PF_INIT_OR_SET_STATUS(NtQueryObject, Ntdll);
|
||||
PF_INIT_OR_SET_STATUS(NtDuplicateObject, NtDll);
|
||||
PF_INIT_OR_SET_STATUS(NtClose, NtDll);
|
||||
#ifdef USE_OBJECT_TYPES
|
||||
PF_INIT(RtlInitUnicodeString, NtDll);
|
||||
PF_INIT_OR_SET_STATUS(RtlInitUnicodeString, NtDll);
|
||||
#endif
|
||||
|
||||
if (NT_SUCCESS(status))
|
||||
|
|
@ -382,10 +384,9 @@ BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
|||
goto out;
|
||||
}
|
||||
|
||||
pid[0] = (ULONG_PTR)NULL;
|
||||
exe_path[0] = 0;
|
||||
pid[0] = (ULONG_PTR)0;
|
||||
cur_pid = 1;
|
||||
exe[0][0] = 0;
|
||||
cur_exe = 1;
|
||||
|
||||
wHandleName = utf8_to_wchar(HandleName);
|
||||
wHandleNameLen = (USHORT)wcslen(wHandleName);
|
||||
|
|
@ -400,7 +401,6 @@ BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
|||
fileObjectTypeIndex = PhGetObjectTypeNumber(&fileTypeName);
|
||||
if (fileObjectTypeIndex < 0)
|
||||
uprintf("Warning: Could not get Object Index for file types");
|
||||
}
|
||||
#endif
|
||||
|
||||
for (i = 0; ; i++) {
|
||||
|
|
@ -426,6 +426,14 @@ BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
|||
|
||||
if (pid[0] != pid[1]) {
|
||||
cur_pid = (cur_pid + 1) % 2;
|
||||
|
||||
// If we're switching process and found a match, print it
|
||||
if (bFound) {
|
||||
uprintf("o '%s' (pid: %ld, access: %s)", exe_path, pid[cur_pid], access_rights_str[access_rights & 0x3]);
|
||||
bFound = FALSE;
|
||||
access_rights = 0;
|
||||
}
|
||||
|
||||
// Close the previous handle
|
||||
if (processHandle != NULL) {
|
||||
if (processHandle != NtCurrentProcess())
|
||||
|
|
@ -483,7 +491,7 @@ BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
|||
// A loop is needed because the I/O subsystem likes to give us the wrong return lengths...
|
||||
do {
|
||||
ULONG returnSize;
|
||||
// TODO: We might still need a timeout on ObjectName queries, as PH does...
|
||||
// TODO: We might potentially still need a timeout on ObjectName queries, as PH does...
|
||||
status = pfNtQueryObject(dupHandle, ObjectNameInformation, buffer, bufferSize, &returnSize);
|
||||
if (status == STATUS_BUFFER_OVERFLOW || status == STATUS_INFO_LENGTH_MISMATCH ||
|
||||
status == STATUS_BUFFER_TOO_SMALL) {
|
||||
|
|
@ -513,28 +521,25 @@ BOOL SearchProcess(char* HandleName, BOOL bPartialMatch, BOOL bIgnoreSelf)
|
|||
if (wcsncmp(wHandleName, buffer->Name.Buffer, wHandleNameLen) != 0)
|
||||
continue;
|
||||
|
||||
if (!bFound) {
|
||||
uprintf("\r\nNOTE: The following process(es) are accessing %s:", HandleName);
|
||||
bFound = TRUE;
|
||||
}
|
||||
// If we are here, we have a process accessing our target!
|
||||
bFound = TRUE;
|
||||
|
||||
// TODO: only list processes with conflicting access rights (ignore "Read attributes" or "Synchronize")
|
||||
if (GetModuleFileNameExU(processHandle, 0, exe[cur_exe], MAX_PATH - 1)) {
|
||||
// Avoid printing the same path repeatedly
|
||||
if (strcmp(exe[0], exe[1]) != 0) {
|
||||
uprintf("o %s", exe[cur_exe]);
|
||||
cur_exe = (cur_exe + 1) % 2;
|
||||
}
|
||||
} else {
|
||||
uprintf("o Unknown (Process ID %d)", GetProcessId(processHandle));
|
||||
}
|
||||
// Keep a mask of all the access rights being used
|
||||
access_rights |= handleInfo->GrantedAccess;
|
||||
|
||||
// If this is the very first process we find, print a header
|
||||
if (exe_path[0] == 0)
|
||||
uprintf("\r\nNOTE: The following process(es) or service(s) are accessing %s:", HandleName);
|
||||
|
||||
if (!GetModuleFileNameExU(processHandle, 0, exe_path, MAX_PATH - 1))
|
||||
safe_sprintf(exe_path, MAX_PATH, "Unknown_Process_%ld", handleInfo->UniqueProcessId);
|
||||
}
|
||||
|
||||
out:
|
||||
if (bFound)
|
||||
if (exe_path[0] != 0)
|
||||
uprintf("You should try to close these applications before attempting to reformat the drive.");
|
||||
else
|
||||
uprintf("NOTE: " APPLICATION_NAME " was not able to identify the process(es) preventing access to %s", HandleName);
|
||||
uprintf(APPLICATION_NAME " was unable to identify the process(es) or service(s) preventing access to %s", HandleName);
|
||||
|
||||
free(wHandleName);
|
||||
PhFree(buffer);
|
||||
|
|
|
|||
|
|
@ -109,18 +109,9 @@ typedef struct _OBJECT_TYPE_INFORMATION
|
|||
ULONG DefaultNonPagedPoolCharge;
|
||||
} OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
|
||||
|
||||
typedef enum _MY_OBJECT_INFORMATION_CLASS
|
||||
{
|
||||
_ObjectBasicInformation, // OBJECT_BASIC_INFORMATION
|
||||
ObjectNameInformation, // OBJECT_NAME_INFORMATION
|
||||
_ObjectTypeInformation, // OBJECT_TYPE_INFORMATION
|
||||
ObjectTypesInformation, // OBJECT_TYPES_INFORMATION
|
||||
ObjectHandleFlagInformation, // OBJECT_HANDLE_FLAG_INFORMATION
|
||||
ObjectSessionInformation,
|
||||
ObjectSessionObjectInformation,
|
||||
MaxObjectInfoClass
|
||||
} MY_OBJECT_INFORMATION_CLASS;
|
||||
#define ObjectNameInformation 1
|
||||
#endif
|
||||
#define ObjectTypesInformation 3
|
||||
|
||||
typedef struct _OBJECT_TYPES_INFORMATION
|
||||
{
|
||||
|
|
|
|||
10
src/rufus.rc
10
src/rufus.rc
|
|
@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
|
|||
IDD_DIALOG DIALOGEX 12, 12, 242, 376
|
||||
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
|
||||
EXSTYLE WS_EX_ACCEPTFILES
|
||||
CAPTION "Rufus 2.15.1100"
|
||||
CAPTION "Rufus 2.15.1101"
|
||||
FONT 8, "Segoe UI Symbol", 400, 0, 0x0
|
||||
BEGIN
|
||||
LTEXT "Device",IDS_DEVICE_TXT,9,6,200,8
|
||||
|
|
@ -334,8 +334,8 @@ END
|
|||
//
|
||||
|
||||
VS_VERSION_INFO VERSIONINFO
|
||||
FILEVERSION 2,15,1100,0
|
||||
PRODUCTVERSION 2,15,1100,0
|
||||
FILEVERSION 2,15,1101,0
|
||||
PRODUCTVERSION 2,15,1101,0
|
||||
FILEFLAGSMASK 0x3fL
|
||||
#ifdef _DEBUG
|
||||
FILEFLAGS 0x1L
|
||||
|
|
@ -352,13 +352,13 @@ BEGIN
|
|||
BEGIN
|
||||
VALUE "CompanyName", "Akeo Consulting (http://akeo.ie)"
|
||||
VALUE "FileDescription", "Rufus"
|
||||
VALUE "FileVersion", "2.15.1100"
|
||||
VALUE "FileVersion", "2.15.1101"
|
||||
VALUE "InternalName", "Rufus"
|
||||
VALUE "LegalCopyright", "© 2011-2017 Pete Batard (GPL v3)"
|
||||
VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html"
|
||||
VALUE "OriginalFilename", "rufus.exe"
|
||||
VALUE "ProductName", "Rufus"
|
||||
VALUE "ProductVersion", "2.15.1100"
|
||||
VALUE "ProductVersion", "2.15.1101"
|
||||
END
|
||||
END
|
||||
BLOCK "VarFileInfo"
|
||||
|
|
|
|||
Loading…
Reference in a new issue