Solved

NetUserGetInfo and NetWkstaGetUserInfo access violations

Posted on 2000-03-19
6
465 Views
Last Modified: 2008-03-10
I have the following code:
      DWORD currentuserpriv;
      LPWKSTA_USER_INFO_0 currentuser = NULL;
      LPUSER_INFO_1 buffer = NULL;
      NetWkstaUserGetInfo(NULL, DWORD(0), (LPBYTE *)&currentuser);
      NetUserGetInfo(NULL, LPCWSTR(currentuser->wkui0_username),DWORD(1), (LPBYTE *)&buffer);
      currentuserpriv = buffer->usri1_priv;
      MessageBox(currentuser->wkui0_username, NULL, MB_OK);
      if (currentuserpriv != USER_PRIV_ADMIN) {
            MessageBox("You must have Administrative priviliges to run Setup.", "Setup", MB_OK|MB_ICONSTOP);
      }

Upon running it, however, it gives me an access violation on NetUserGetInfo's currentuser->wkui0_username.  How do I fix this.  The code is to check for administrative privileges for a setup program.
0
Comment
Question by:victech
  • 4
  • 2
6 Comments
 
LVL 32

Expert Comment

by:jhance
Comment Utility
I see several problem here:

Where are you checking the return status of NetWkstaUserGetInfo()?

How do you know that currentuser->wkui0_username has a valid username?

How do you know that currentuser is not NULL?

0
 

Author Comment

by:victech
Comment Utility
I'm sorry, that doesn't quite answer what I was originally looking for.  I just wanted to know why the access violation was being issued.
0
 
LVL 32

Accepted Solution

by:
jhance earned 100 total points
Comment Utility
Then I'll post it again since you obviously don't understand what I'm talking about:

How do you know that currentuser->wkui0_username has a valid username?

How do you know that currentuser is not NULL?

You say NetUserGetInfo is crashing.  But you are NOT validating ANY of the input parameters.  Some of these are resultant from the NetWkstaUserGetInfo function.  If it failed then currentuser might still be NULL.  Also currentuser->wkui0_username might also be NULL.

How can anyone offer any further advice until you check these paramters input to the function, which ABSOLUTELY can cause it to crash and verify that they are correct?????
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 32

Expert Comment

by:jhance
Comment Utility
Here is this code and it works fine for me.  

Don't forget that you should compile this as UNICODE (define both UNICODE and _UNICODE in the project settings) or take special precautions to convert to wchar_t for those functions that are UNICODE only.

The definitions for WKSTA_USER_INFO_X and USER_INFO_X are sometimes confusing because NetWkstaUserGetInfo and NetUserGetInfo are BOTH UNICODE ONLY even though the definitions for their data structures imply that they take LPTSTR they really only take LPWSTR.

If you're mixing and matching UNICODE and ASCII, be very careful with these functions and their parameters.


#include "windows.h"
#include "lm.h"

int main(int argc, char* argv[])
{
      DWORD currentuserpriv;
      LPWKSTA_USER_INFO_0 currentuser = NULL;
      LPUSER_INFO_1 buffer = NULL;

      if(NetWkstaUserGetInfo(NULL, DWORD(0), (LPBYTE *)&currentuser) != NERR_Success){
            wprintf(L"Error in NetWkstaUserGetInfo\n");
            return -1;
      }
      else{
            wprintf(L"NetWkstaUserGetInfo OK\n");
      }

      if(NetUserGetInfo(NULL, LPCWSTR(currentuser->wkui0_username),DWORD(1), (LPBYTE *)&buffer) != NERR_Success){
            NetApiBufferFree(currentuser);

            wprintf(L"Error in NetUserGetInfo\n");

            return -1;
      }

      currentuserpriv = buffer->usri1_priv;

      wprintf(L"Current user is %s\n", currentuser->wkui0_username);

      if (currentuserpriv != USER_PRIV_ADMIN) {
            wprintf(L"You are not administrator\n");
      }
      else{
            wprintf(L"You are administrator\n");
      }

      NetApiBufferFree(currentuser);
      NetApiBufferFree(buffer);

      return 0;
}
0
 

Author Comment

by:victech
Comment Utility
That last bit of source code you posted was perfect!  Thank you very much, I'm sorry I originally rejected your answer.  I'm just a beginner and didn't quite take the time to understand your answer as well as I should have.  Thanks again.
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
Well don't feel bad.  The entire set of NetXXX functions in NT are poorly documented and many don't work exactly as "advertised".  The biggest issue is the UNICODE vs. non-UNICODE builds of an application that uses them.  All of the header files for these use standard string definitions which are fine if you are using UNICODE in your build options.  

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Article by: SunnyDark
This article's goal is to present you with an easy to use XML wrapper for C++ and also present some interesting techniques that you might use with MS C++. The reason I built this class is to ease the pain of using XML files with C++, since there is…
In days of old, returning something by value from a function in C++ was necessarily avoided because it would, invariably, involve one or even two copies of the object being created and potentially costly calls to a copy-constructor and destructor. A…
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now