Пример #1
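// GetProcesses returns the IDs of the processes currently assigned to the job
// object.
//
// The job is queried twice with JobObjectBasicProcessIdList: first with a
// single-entry structure to learn how many processes are assigned, then with a
// buffer sized for that count. The second query is not retried: if it fails
// (for example because the job grew between the two calls and the buffer is
// now too small) the error is returned to the caller.
//
// An empty job yields an empty, non-nil slice.
func (self *Job) GetProcesses() ([]uint, error) {
	var info wrappers.JOBOBJECT_BASIC_PROCESS_ID_LIST
	err := wrappers.QueryInformationJobObject(
		self.handle,
		wrappers.JobObjectBasicProcessIdList,
		(*byte)(unsafe.Pointer(&info)),
		uint32(unsafe.Sizeof(info)),
		nil)
	// ERROR_MORE_DATA is expected here: the probe structure only has room
	// for one process ID.
	if err != nil && err != wrappers.ERROR_MORE_DATA {
		return nil, NewWindowsError("QueryInformationJobObject", err)
	}

	// The structure already contains one ProcessIdList slot, so only the
	// additional entries need extra space. Guarding the subtraction matters:
	// with zero assigned processes an unsigned "count-1" wraps around and
	// turns into an enormous allocation request.
	pidSize := unsafe.Sizeof(info.ProcessIdList[0])
	bufSize := unsafe.Sizeof(info)
	if info.NumberOfAssignedProcesses > 1 {
		bufSize += pidSize * uintptr(info.NumberOfAssignedProcesses-1)
	}
	buf := make([]byte, bufSize)
	err = wrappers.QueryInformationJobObject(
		self.handle,
		wrappers.JobObjectBasicProcessIdList,
		&buf[0],
		uint32(len(buf)),
		nil)
	if err != nil {
		return nil, NewWindowsError("QueryInformationJobObject", err)
	}

	bufInfo := (*wrappers.JOBOBJECT_BASIC_PROCESS_ID_LIST)(unsafe.Pointer(&buf[0]))
	count := uintptr(bufInfo.NumberOfProcessIdsInList)

	// Never copy more entries than the buffer can physically hold, whatever
	// count the structure reports.
	capacity := (bufSize - unsafe.Offsetof(info.ProcessIdList)) / pidSize
	if count > capacity {
		return nil, NewWindowsError("QueryInformationJobObject", wrappers.ERROR_MORE_DATA)
	}
	if count == 0 {
		// Nothing to copy; taking &rawPids[0] on an empty slice would panic.
		return []uint{}, nil
	}

	rawPids := make([]uintptr, count)
	wrappers.RtlMoveMemory(
		(*byte)(unsafe.Pointer(&rawPids[0])),
		(*byte)(unsafe.Pointer(&bufInfo.ProcessIdList[0])),
		count*unsafe.Sizeof(rawPids[0]))
	pids := make([]uint, len(rawPids))
	for i, rawPid := range rawPids {
		pids[i] = uint(rawPid)
	}
	return pids, nil
}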
Пример #2
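// GetSymbolicLink opens symlinkPath without following it, fetches its reparse
// data with FSCTL_GET_REPARSE_POINT and returns the substitute name, print
// name and relative flag of the symbolic link.
//
// It returns (nil, nil) when the reparse tag is not IO_REPARSE_TAG_SYMLINK.
// It returns syscall.EINVAL when the name offsets/lengths recorded in the
// reparse data do not fit inside the bytes actually returned by the device
// control call.
//
// Reparse data is read from the file system and must be treated as untrusted:
// every offset and length is validated before any memory is copied, so a
// malformed record cannot cause reads beyond the buffer or writes beyond the
// destination slice.
func GetSymbolicLink(symlinkPath string) (*SymbolicLinkData, error) {
	// NOTE: syscall.StringToUTF16Ptr panics if symlinkPath contains a NUL.
	file, err := wrappers.CreateFile(
		syscall.StringToUTF16Ptr(symlinkPath),
		wrappers.FILE_READ_EA,
		wrappers.FILE_SHARE_READ|wrappers.FILE_SHARE_WRITE|wrappers.FILE_SHARE_DELETE,
		nil,
		wrappers.OPEN_EXISTING,
		wrappers.FILE_FLAG_OPEN_REPARSE_POINT|wrappers.FILE_FLAG_BACKUP_SEMANTICS,
		0)
	if err != nil {
		return nil, NewWindowsError("CreateFile", err)
	}
	defer wrappers.CloseHandle(file)

	buf := make([]byte, wrappers.MAXIMUM_REPARSE_DATA_BUFFER_SIZE)
	var bytesReturned uint32
	err = wrappers.DeviceIoControl(
		file,
		wrappers.FSCTL_GET_REPARSE_POINT,
		nil,
		0,
		&buf[0],
		wrappers.MAXIMUM_REPARSE_DATA_BUFFER_SIZE,
		&bytesReturned,
		nil)
	if err != nil {
		return nil, NewWindowsError("DeviceIoControl", err)
	}

	data := (*wrappers.REPARSE_DATA_BUFFER)(unsafe.Pointer(&buf[0]))
	if data.ReparseTag != wrappers.IO_REPARSE_TAG_SYMLINK {
		return nil, nil
	}

	// NOTE(review): the name offsets are taken relative to the end of
	// wrappers.REPARSE_DATA_BUFFER, i.e. this assumes the wrapper struct
	// ends exactly where the path buffer begins - confirm against its
	// definition.
	pathStart := unsafe.Sizeof(*data)

	// Only the bytes the call reported as written are meaningful.
	valid := uintptr(bytesReturned)
	if valid > uintptr(len(buf)) {
		valid = uintptr(len(buf))
	}

	// readName copies one UTF-16 name out of the path buffer after checking
	// that [offset, offset+length) lies inside the valid region. Only whole
	// UTF-16 units are copied, so an odd byte length cannot write past the
	// destination slice.
	readName := func(offset, length uintptr) ([]uint16, bool) {
		start := pathStart + offset
		if start > valid || length > valid-start {
			return nil, false
		}
		units := make([]uint16, length/2)
		if len(units) == 0 {
			// Empty names are legal; &units[0] would panic.
			return units, true
		}
		wrappers.RtlMoveMemory(
			(*byte)(unsafe.Pointer(&units[0])),
			&buf[start],
			uintptr(len(units))*unsafe.Sizeof(units[0]))
		return units, true
	}

	substituteNameBuf, ok := readName(
		uintptr(data.SubstituteNameOffset),
		uintptr(data.SubstituteNameLength))
	if !ok {
		return nil, syscall.EINVAL
	}
	printNameBuf, ok := readName(
		uintptr(data.PrintNameOffset),
		uintptr(data.PrintNameLength))
	if !ok {
		return nil, syscall.EINVAL
	}

	return &SymbolicLinkData{
		SubstituteName: syscall.UTF16ToString(substituteNameBuf),
		PrintName:      syscall.UTF16ToString(printNameBuf),
		Relative:       (data.Flags & wrappers.SYMLINK_FLAG_RELATIVE) != 0,
	}, nil
}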
Пример #3
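// BstrToString converts a BSTR to a Go string.
//
// A nil pointer and a zero-length BSTR both yield "". The length comes from
// SysStringLen. The conversion goes through syscall.UTF16ToString, which stops
// at the first NUL, so a BSTR with embedded NULs is truncated there.
func BstrToString(bstr *uint16) string {
	if bstr == nil {
		return ""
	}
	n := wrappers.SysStringLen(bstr)
	if n == 0 {
		// An empty, non-nil BSTR: &buf[0] on a zero-length slice would panic.
		return ""
	}
	buf := make([]uint16, n)
	wrappers.RtlMoveMemory(
		(*byte)(unsafe.Pointer(&buf[0])),
		(*byte)(unsafe.Pointer(bstr)),
		// Widen before multiplying so the byte count cannot wrap in the
		// narrower integer type returned by SysStringLen.
		uintptr(n)*unsafe.Sizeof(buf[0]))
	return syscall.UTF16ToString(buf)
}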
Пример #4
// LpstrToString converts a NUL-terminated UTF-16 string to a Go string.
//
// A nil pointer or a string whose Lstrlen is zero yields "". Otherwise the
// characters are copied into a Go-owned slice before being decoded.
func LpstrToString(lpstr *uint16) string {
	if lpstr == nil {
		return ""
	}

	n := wrappers.Lstrlen(lpstr)
	if n == 0 {
		return ""
	}

	// Copy out of the caller's memory first; decoding then works on a
	// slice that Go owns.
	units := make([]uint16, n)
	dst := (*byte)(unsafe.Pointer(&units[0]))
	src := (*byte)(unsafe.Pointer(lpstr))
	wrappers.RtlMoveMemory(dst, src, uintptr(2*n))

	return syscall.UTF16ToString(units)
}
Пример #5
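// Netstat returns one NetstatEntry per row of the TCP table reported by
// GetTcpTable.
//
// The table is fetched into a heap buffer. The first call uses a header-sized
// buffer; on ERROR_INSUFFICIENT_BUFFER the buffer is re-allocated to the size
// the call reported and the call is repeated, a bounded number of times,
// because the table can grow between calls. Any other error, or running out
// of attempts, is returned wrapped by NewWindowsError.
//
// The row count in the table header is checked against the buffer size before
// any row is read, and rows are addressed by offset into the buffer so that no
// pointer is ever formed past the end of the allocation.
func Netstat() ([]NetstatEntry, error) {
	const maxAttempts = 4

	var tcpTable wrappers.MIB_TCPTABLE
	var tcpRow wrappers.MIB_TCPROW
	// NOTE(review): rows are assumed to start immediately after
	// wrappers.MIB_TCPTABLE, i.e. the wrapper struct holds only the header
	// - confirm against its definition.
	headerSize := unsafe.Sizeof(tcpTable)
	rowSize := unsafe.Sizeof(tcpRow)

	bufLength := uint32(headerSize)
	buf := make([]byte, bufLength)
	for attempt := 1; ; attempt++ {
		err := wrappers.GetTcpTable(
			(*wrappers.MIB_TCPTABLE)(unsafe.Pointer(&buf[0])),
			&bufLength,
			true)
		if err == nil {
			break
		}
		if err != wrappers.ERROR_INSUFFICIENT_BUFFER || attempt == maxAttempts {
			return nil, NewWindowsError("GetTcpTable", err)
		}
		// bufLength now holds the size the call asked for. Never shrink
		// below the header, so &buf[0] and the header copy stay valid.
		if bufLength < uint32(headerSize) {
			bufLength = uint32(headerSize)
		}
		buf = make([]byte, bufLength)
	}

	// Copy the header into a properly typed value instead of aliasing buf.
	wrappers.RtlMoveMemory((*byte)(unsafe.Pointer(&tcpTable)), &buf[0], headerSize)
	count := tcpTable.NumEntries

	// Refuse a row count that the buffer cannot actually contain.
	if uintptr(count) > (uintptr(len(buf))-headerSize)/rowSize {
		return nil, NewWindowsError("GetTcpTable", wrappers.ERROR_INSUFFICIENT_BUFFER)
	}

	entries := make([]NetstatEntry, 0, count)
	offset := headerSize
	for i := uint32(0); i < count; i++ {
		wrappers.RtlMoveMemory((*byte)(unsafe.Pointer(&tcpRow)), &buf[offset], rowSize)
		offset += rowSize

		entry := NetstatEntry{
			State:      NetstatTCPState(tcpRow.State),
			LocalPort:  uint(wrappers.Ntohs(uint16(tcpRow.LocalPort))),
			RemotePort: uint(wrappers.Ntohs(uint16(tcpRow.RemotePort))),
		}
		var err error
		if entry.LocalAddress, err = convertIPAddress(tcpRow.LocalAddr); err != nil {
			return nil, err
		}
		if entry.RemoteAddress, err = convertIPAddress(tcpRow.RemoteAddr); err != nil {
			return nil, err
		}
		entries = append(entries, entry)
	}
	return entries, nil
}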
Пример #6
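// GetAccountRights returns the names of the account rights that
// LsaEnumerateAccountRights reports for sid on this policy handle.
//
// The array returned by the LSA call is released with LsaFreeMemory before
// the method returns; each name is copied into Go-owned memory first. A right
// whose UNICODE_STRING has zero length is returned as an empty name.
func (self *SecurityPolicy) GetAccountRights(sid SecurityID) ([]AccountRightName, error) {
	var rights *wrappers.UNICODE_STRING
	var count uint32
	status := wrappers.LsaEnumerateAccountRights(self.handle, sid.sid, &rights, &count)
	if err := wrappers.LsaNtStatusToWinError(status); err != nil {
		return nil, err
	}
	// The argument is evaluated now, so the start of the array is what gets
	// freed.
	defer wrappers.LsaFreeMemory((*byte)(unsafe.Pointer(rights)))

	rightNames := make([]AccountRightName, count)
	for i := range rightNames {
		// Address entry i from the array base in a single expression; this
		// avoids ever forming a pointer one element past the end of the
		// array.
		entry := (*wrappers.UNICODE_STRING)(unsafe.Pointer(
			uintptr(unsafe.Pointer(rights)) + uintptr(i)*unsafe.Sizeof(*rights)))

		// UNICODE_STRING.Length is a byte count, so the number of UTF-16
		// units is half of it.
		units := uintptr(entry.Length) / 2
		if units == 0 {
			// Leave rightNames[i] empty; &buf[0] on an empty slice would
			// panic.
			continue
		}
		buf := make([]uint16, units)
		wrappers.RtlMoveMemory(
			(*byte)(unsafe.Pointer(&buf[0])),
			(*byte)(unsafe.Pointer(entry.Buffer)),
			units*unsafe.Sizeof(buf[0]))
		rightNames[i] = AccountRightName(syscall.UTF16ToString(buf))
	}
	return rightNames, nil
}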