Crash when getting user's groups

[TobbeSweden]

Why does the following code crash sometimes when I run it?

code:
Name "EnumUsersGroups"

OutFile "EnumUsersGroups.exe"



!macro GetUserGroups SERVER_NAME USERNAME GROUP_ARRAY_NAME

    Push $R0

    Push $R1

    Push $R2

    Push $R3



    # NET_API_STATUS NetUserGetLocalGroups(

    #     __in   LPCWSTR servername,

    #     __in   LPCWSTR username,

    #     __in   DWORD level,

    #     __in   DWORD flags,

    #     __out  LPBYTE *bufptr,

    #     __in   DWORD prefmaxlen,

    #     __out  LPDWORD entriesread,

    #     __out  LPDWORD totalentries

    # );



    # $R0 buffer with an array of LOCALGROUP_USERS_INFO_0 structures

    # $R1 holds the number of entries processed

    System::Call 'netapi32::NetUserGetLocalGroups(w "${SERVER_NAME}", w "${USERNAME}", \

        i 0, i 0, *i .R0, i ${NSIS_MAX_STRLEN}, *i .R1, *i .R2) i .R3'

    StrCpy $R2 $R0 ; Needed to free the buffer later



    # check for error

    StrCmp $R3 0 +1 +2



    System::Call "*$R0(w.R3)"



    # Cleanup

    StrCmp $R2 0 +2

        System::Call 'netapi32.dll::NetApiBufferFree(i R2) i .R0'



    Pop $R3

    Pop $R2

    Pop $R1

    Pop $R0

!macroend



!define GetUserGroups "!insertmacro GetUserGroups"



ShowInstDetails show

Page instfiles



Section ""

    ${GetUserGroups} "" "Tobbe" GroupArray

SectionEnd

[TobbeSweden]

I have trimmed the code down in the post above to show the minimal code that still crashes.

If I remove the line 'System::Call "*$R0(w.R3)"' the crash goes away.

What am I doing wrong?

[Anders]

other than the fact that you are passing NSIS_MAX_STRLEN for some weird reason, I don't see anything wrong

this code works fine for me

code:
!define USERNAME Anders

System::Call 'netapi32::NetUserGetLocalGroups(i 0, w "${USERNAME}",i 0, i 0, *i .R0, i -1, *i .R1, *i .R2)i.R3'

StrCpy $0 $R0

loop:

${If} $R1 > 0

	System::Call "*$0(w.r1)"

	DetailPrint "$R1: $1"

	IntOp $0 $0 + 4

	IntOp $R1 $R1 - 1

	goto loop

${EndIf}

System::Call 'netapi32.dll::NetApiBufferFree(i $R0)i.R0'

Also, don't forget that a user might have deny only groups in their token, so even if administrator is returned, your process might not have admin rights (use the userinfo plugin for this detection)

[TobbeSweden]

The reason I had NSIS_MAX_STRLEN was because that's what the original macro had... http://nsis.sourceforge.net/User_Man...s_Group.28s.29

Using -1 instead stops it from crashing Thanks a lot!

Am I correct in assuming that -1 is the biggest possible value for that parameter?

Quote:

Also, don't forget that a user might have deny only groups in their token

I don't understand this. Can you please explain more?

[Anders]

-1 = MAX_PREFERRED_LENGTH

I don't know why you need this code, but you just need to know that even if NetUserGetLocalGroups returns with Administrator as a group, it does not mean that you can do admin stuff, it is not the correct way to check if the current process has admin rights

[TobbeSweden]

Thanks.

I'm not using this to check if the current process has admin rights