Problem whit CopySID

Hi guys i have a problem (i think little), the CopySID fuction return a good SID structure but in the main function the check give a totaly different textual SID! Why? :/
BOOL GetProcessOwnerSid(DWORD dwProcessId, LPTSTR lpszOwnerSid, PSID ptagOwnerSid) {
	HANDLE hProcess;
	HANDLE hProcessToken;
	DWORD dwTokenInfoLength = 0;
	DWORD dwSidLength;
	LPTSTR lpszOwnerSidHeap;
	PTOKEN_USER ptagTokenUser;
	SID_NAME_USE eSidNameUse;
	if ((lpszOwnerSid) && (ptagOwnerSid)) {
		hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcessId);
		if (!hProcess) {
			return FALSE;
		}
		if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hProcessToken)) {
			return FALSE;
		}
		GetTokenInformation(hProcessToken, TokenUser, ptagTokenUser, 
			                dwTokenInfoLength, &dwTokenInfoLength);
		ptagTokenUser = (PTOKEN_USER)GlobalAlloc(GPTR, dwTokenInfoLength);
		if (!ptagTokenUser) {
			return FALSE;
		}
		if (!GetTokenInformation(hProcessToken, TokenUser, ptagTokenUser, 
			                     dwTokenInfoLength, &dwTokenInfoLength)) {
				return FALSE;
		}
		if (IsValidSid(ptagTokenUser->User.Sid)) {
			if (lpszOwnerSid != NULL) {
				if (!ConvertSidToStringSid(ptagTokenUser->User.Sid, &lpszOwnerSidHeap)) {
					return FALSE;
				}
				lstrcpy(lpszOwnerSid, lpszOwnerSidHeap);
				LocalFree((HLOCAL)lpszOwnerSidHeap);
			}
			if (ptagOwnerSid != NULL) {
				dwSidLength = GetLengthSid(ptagTokenUser->User.Sid);
				ptagOwnerSid = (PSID)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSidLength);
				if (!ptagOwnerSid) {
					return FALSE;
				}
				if(!CopySid(dwSidLength, ptagOwnerSid, ptagTokenUser->User.Sid)) {
                   return FALSE;
				}
				if (!IsValidSid(ptagOwnerSid)) {
				    return FALSE;
				}
			}
		} else {
			return FALSE;
		}
	}
	GlobalFree((HGLOBAL)ptagTokenUser);
	return TRUE;
}
 
int _tmain(int argc, LPCTSTR *argv[]) {
 
	TCHAR szSidName[256];
	PSID ptagSid;
    
 
    GetProcessOwnerSid(932, szSidName, ptagSid);
    LPTSTR lpszSidName = szSidName;
	ZeroMemory(&szSidName, lstrlen(szSidName));
	ConvertSidToStringSid(ptagSid, &lpszSidName);
	
	HeapFree(GetProcessHeap(), NULL, ptagSid);
	Pause();
	ExitProcess(TRUE);
}

Open in new window

0x7FAsked:
Who is Participating?
 
0x7FConnect With a Mentor Author Commented:
I HAVE RESOLVED BY MY SELF! I HOPE THIS HELP SOMEONE ;)
BOOL GetProcessOwnerSid(DWORD dwProcessId, LPTSTR lpszOwnerSid, PSID *ptagOwnerSid) {
	HANDLE hProcess;
	HANDLE hProcessToken;
	DWORD dwTokenInfoLength = 0;
	DWORD dwSidLength;
	LPTSTR lpszOwnerSidHeap;
	PTOKEN_USER ptagTokenUser;
	SID_NAME_USE eSidNameUse;
	if ((lpszOwnerSid) && (ptagOwnerSid)) {
		hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcessId);
		if (!hProcess) {
			return FALSE;
		}
		if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hProcessToken)) {
			return FALSE;
		}
		GetTokenInformation(hProcessToken, TokenUser, ptagTokenUser, 
			dwTokenInfoLength, &dwTokenInfoLength);
		ptagTokenUser = (PTOKEN_USER)GlobalAlloc(GPTR, dwTokenInfoLength);
		if (!ptagTokenUser) {
			return FALSE;
		}
		if (!GetTokenInformation(hProcessToken, TokenUser, ptagTokenUser, 
			dwTokenInfoLength, &dwTokenInfoLength)) {
				return FALSE;
		}
		if (IsValidSid(ptagTokenUser->User.Sid)) {
			if (lpszOwnerSid != NULL) {
				if (!ConvertSidToStringSid(ptagTokenUser->User.Sid, &lpszOwnerSidHeap)) {
					return FALSE;
				}
				lstrcpy(lpszOwnerSid, lpszOwnerSidHeap);
				LocalFree((HLOCAL)lpszOwnerSidHeap);
			}
			if (ptagOwnerSid != NULL) {
				dwSidLength = GetLengthSid(ptagTokenUser->User.Sid);
				*ptagOwnerSid = (PSID)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSidLength);
				if (*ptagOwnerSid == NULL) {
					return FALSE;
				}
				if(!CopySid(dwSidLength, *ptagOwnerSid, ptagTokenUser->User.Sid)) {
                   HeapFree(GetProcessHeap(), NULL, *ptagOwnerSid);
				   return FALSE;
				}
				if (!IsValidSid(*ptagOwnerSid)) {
					return FALSE;
				}
			}
		} else {
			return FALSE;
		}
	}
	GlobalFree((HGLOBAL)ptagTokenUser);
	return TRUE;
}

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.