Updated: 2021-12-09 08:24:20
Your code doesn't provide a properly sized buffer for the SID returned by LookupAccountName(). This results in stack corruption and undefined behaviour, which might conceivably explain why you're not getting the SID you were expecting. (Although I rather suspect that you're actually passing in the wrong username, or an improperly formatted username.)
Anyway, to fix the most obvious problem, the code should look more like this:
#include <Windows.h>
#include <Sddl.h>
#include <tchar.h>
#include <stdio.h>

#pragma comment(lib, "advapi32.lib")   /* LookupAccountName and ConvertSidToStringSid live in advapi32 */

int main(int argc, char ** argv)
{
    LPCTSTR wszAccName = TEXT("domainname\\username");   /* replace with the account to look up */
    LPTSTR wszDomainName = (LPTSTR)GlobalAlloc(GPTR, sizeof(TCHAR) * 1024);
    DWORD cchDomainName = 1024;              /* size of wszDomainName in TCHARs */
    SID_NAME_USE eSidType;
    LPTSTR sidstring;
    /* The SID is written into this buffer, so it must be large enough to hold one
       (SECURITY_MAX_SID_SIZE bytes would do; 1024 is more than enough). */
    BYTE sid_buffer[1024];
    DWORD cbSid = 1024;                      /* in: buffer size in bytes; out: bytes needed/used */
    SID * sid = (SID *)sid_buffer;

    if (wszDomainName == NULL) {
        return GetLastError();
    }
    if (!LookupAccountName(NULL, wszAccName, sid_buffer, &cbSid, wszDomainName, &cchDomainName, &eSidType)) {
        return GetLastError();
    }
    /* ConvertSidToStringSid allocates sidstring with LocalAlloc; release it with LocalFree */
    if (!ConvertSidToStringSid(sid, &sidstring)) {
        return GetLastError();
    }
    _tprintf(TEXT("%s\n"), sidstring);      /* matches TCHAR in both ANSI and Unicode builds */
    LocalFree(sidstring);
    GlobalFree(wszDomainName);
    return 0;
}
That's still not the correct way to do it, of course; you are supposed to call LookupAccountName() twice, once to determine the buffer length and then a second time to retrieve the actual information. But it demonstrates what you've done wrong, and is good enough for testing purposes.
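The two-call pattern the answer refers to, as an added example that is not the answer's own code: the first LookupAccountNameW call passes NULL buffers and zero sizes so that it fails with ERROR_INSUFFICIENT_BUFFER and reports the byte count and character count actually needed; the buffers are then allocated at exactly those sizes for the second call, and the result is checked with IsValidSid before it is converted. The placeholder account name in main and the non-Windows stand-in under `#else` are assumptions of this example: the stand-in models one constructed account, CORP\alice, and exists only so the sizing logic can be compiled and exercised where advapi32 is not available. On Windows the real API is used; build with MSVC (the pragma pulls in advapi32) or with MinGW adding -ladvapi32.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

#ifdef _WIN32
#include <windows.h>
#include <sddl.h>
#pragma comment(lib, "advapi32.lib")
#else
/* Constructed stand-in (an assumption of this example, not the real Win32 API) for the few
 * definitions used below, so the two-call logic compiles and runs off Windows too. It models
 * one account, CORP\alice, and mimics the real ERROR_INSUFFICIENT_BUFFER contract. */
typedef int BOOL; typedef unsigned long DWORD; typedef unsigned char BYTE;
typedef wchar_t WCHAR; typedef void *PSID; typedef int SID_NAME_USE;
enum { FALSE = 0, TRUE = 1, SidTypeUser = 1 };
enum { ERROR_NOT_ENOUGH_MEMORY = 8, ERROR_INVALID_DATA = 13, ERROR_INSUFFICIENT_BUFFER = 122, ERROR_NONE_MAPPED = 1332 };
static DWORD fake_last_error;
static DWORD GetLastError(void) { return fake_last_error; }
static BOOL LookupAccountNameW(const WCHAR *sysname, const WCHAR *name, PSID sid, DWORD *cbSid,
                               WCHAR *domain, DWORD *cchDomain, SID_NAME_USE *use)
{
    /* S-1-5-21-1-2-3-1001 in binary: revision, sub-authority count, authority, sub-authorities */
    static const BYTE alice_sid[28] = { 1, 5, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 1, 0, 0, 0,
                                        2, 0, 0, 0, 3, 0, 0, 0, 0xE9, 0x03, 0, 0 };
    (void)sysname;
    if (wcscmp(name, L"CORP\\alice") != 0) { fake_last_error = ERROR_NONE_MAPPED; return FALSE; }
    if (*cbSid < sizeof alice_sid || *cchDomain < 5) {
        *cbSid = sizeof alice_sid;      /* required sizes; the domain count includes the terminator */
        *cchDomain = 5;
        fake_last_error = ERROR_INSUFFICIENT_BUFFER;
        return FALSE;
    }
    memcpy(sid, alice_sid, sizeof alice_sid);
    *cbSid = sizeof alice_sid;
    wcscpy(domain, L"CORP");
    *cchDomain = 4;
    *use = SidTypeUser;
    return TRUE;
}
#endif

/* Result of a lookup: sid and domain are malloc'd and sized exactly to what the API reported. */
typedef struct { BYTE *sid; DWORD cbSid; WCHAR *domain; SID_NAME_USE use; } account_lookup;

static void free_account(account_lookup *a) { free(a->sid); free(a->domain); memset(a, 0, sizeof *a); }

/* Resolves an account name to its SID with the two-call pattern.
 * Returns 0 and fills *out on success, otherwise a Win32 error code with *out zeroed. */
static DWORD lookup_account(const WCHAR *account, account_lookup *out)
{
    DWORD cbSid = 0, cchDomain = 0, err;
    memset(out, 0, sizeof *out);
    /* Call 1: no buffers. Expected to fail with ERROR_INSUFFICIENT_BUFFER, leaving the
     * required byte count in cbSid and the required character count in cchDomain. */
    if (LookupAccountNameW(NULL, account, NULL, &cbSid, NULL, &cchDomain, &out->use))
        return ERROR_INVALID_DATA;              /* succeeded with no buffer: not per contract */
    err = GetLastError();
    if (err != ERROR_INSUFFICIENT_BUFFER)
        return err;                             /* e.g. ERROR_NONE_MAPPED: no such account */
    out->sid = (BYTE *)malloc(cbSid);
    out->domain = (WCHAR *)malloc(cchDomain * sizeof(WCHAR));
    if (out->sid == NULL || out->domain == NULL) {
        free_account(out);
        return ERROR_NOT_ENOUGH_MEMORY;
    }
    /* Call 2: buffers sized exactly as reported; the sizes go in again by pointer. */
    if (!LookupAccountNameW(NULL, account, out->sid, &cbSid, out->domain, &cchDomain, &out->use)) {
        err = GetLastError();
        free_account(out);
        return err;
    }
    out->cbSid = cbSid;
    return 0;
}

#ifdef _WIN32
int main(void)
{
    account_lookup a;
    LPWSTR sidString = NULL;
    DWORD err = lookup_account(L"domainname\\username", &a);   /* placeholder: use a real account */
    if (err != 0) {
        fprintf(stderr, "LookupAccountName failed: %lu\n", err);
        return 1;
    }
    /* Check the binary SID before using it; the string comes from LocalAlloc, so LocalFree it. */
    if (!IsValidSid(a.sid) || !ConvertSidToStringSidW(a.sid, &sidString)) {
        fprintf(stderr, "SID conversion failed: %lu\n", GetLastError());
        free_account(&a);
        return 1;
    }
    printf("%ls (domain %ls, type %d)\n", sidString, a.domain, (int)a.use);
    LocalFree(sidString);
    free_account(&a);
    return 0;
}
#endif
```

Two details of the real API that the helper relies on: the sizes are in/out parameters on both calls, so cbSid and cchDomain must be reset from the first call's output rather than from a guess, and a failure other than ERROR_INSUFFICIENT_BUFFER on the first call (typically ERROR_NONE_MAPPED) already answers the question of whether the account exists, which is the check the answer suspects is actually failing.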