/src/FreeRDP/winpr/libwinpr/utils/sam.c

Source (jump to first uncovered line)
/**
 * WinPR: Windows Portable Runtime
 * Security Accounts Manager (SAM)
 *
 * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <winpr/config.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <winpr/wtypes.h>
#include <winpr/crt.h>
#include <winpr/sam.h>
#include <winpr/print.h>
#include <winpr/file.h>

#include "../log.h"

#ifdef WINPR_HAVE_UNISTD_H
#include <unistd.h>
#endif

#ifdef _WIN32
#define WINPR_SAM_FILE "C:\\SAM"
#else
#define WINPR_SAM_FILE "/etc/winpr/SAM"
#endif
#define TAG WINPR_TAG("utils")

struct winpr_sam
{
  FILE* fp;
  char* line;
  char* buffer;
  char* context;
  BOOL readOnly;
};

static WINPR_SAM_ENTRY* SamEntryFromDataA(LPCSTR User, DWORD UserLength, LPCSTR Domain,
                                          DWORD DomainLength)
{
  WINPR_SAM_ENTRY* entry = calloc(1, sizeof(WINPR_SAM_ENTRY));
  if (!entry)
    return NULL;
  if (User && (UserLength > 0))
    entry->User = _strdup(User);
  entry->UserLength = UserLength;
  if (Domain && (DomainLength > 0))
    entry->Domain = _strdup(Domain);
  entry->DomainLength = DomainLength;
  return entry;
}

static BOOL SamAreEntriesEqual(const WINPR_SAM_ENTRY* a, const WINPR_SAM_ENTRY* b)
{
  if (!a || !b)
    return FALSE;
  if (a->UserLength != b->UserLength)
    return FALSE;
  if (a->DomainLength != b->DomainLength)
    return FALSE;
  if (strncmp(a->User, b->User, a->UserLength) != 0)
    return FALSE;
  if (strncmp(a->Domain, b->Domain, a->DomainLength) != 0)
    return FALSE;
  return TRUE;
}

WINPR_SAM* SamOpen(const char* filename, BOOL readOnly)
{
  FILE* fp = NULL;
  WINPR_SAM* sam = NULL;

  if (!filename)
    filename = WINPR_SAM_FILE;

  if (readOnly)
    fp = winpr_fopen(filename, "r");
  else
  {
    fp = winpr_fopen(filename, "r+");

    if (!fp)
      fp = winpr_fopen(filename, "w+");
  }

  if (fp)
  {
    sam = (WINPR_SAM*)calloc(1, sizeof(WINPR_SAM));

    if (!sam)
    {
      fclose(fp);
      return NULL;
    }

    sam->readOnly = readOnly;
    sam->fp = fp;
  }
  else
  {
    WLog_DBG(TAG, "Could not open SAM file!");
    return NULL;
  }

  return sam;
}

static BOOL SamLookupStart(WINPR_SAM* sam)
{
  size_t readSize;
  INT64 fileSize;

  if (!sam || !sam->fp)
    return FALSE;

  _fseeki64(sam->fp, 0, SEEK_END);
  fileSize = _ftelli64(sam->fp);
  _fseeki64(sam->fp, 0, SEEK_SET);

  if (fileSize < 1)
    return FALSE;

  sam->context = NULL;
  sam->buffer = (char*)calloc((size_t)fileSize + 2, 1);

  if (!sam->buffer)
    return FALSE;

  readSize = fread(sam->buffer, (size_t)fileSize, 1, sam->fp);

  if (!readSize)
  {
    if (!ferror(sam->fp))
      readSize = (size_t)fileSize;
  }

  if (readSize < 1)
  {
    free(sam->buffer);
    sam->buffer = NULL;
    return FALSE;
  }

  sam->buffer[fileSize] = '\n';
  sam->buffer[fileSize + 1] = '\0';
  sam->line = strtok_s(sam->buffer, "\n", &sam->context);
  return TRUE;
}

static void SamLookupFinish(WINPR_SAM* sam)
{
  free(sam->buffer);
  sam->buffer = NULL;
  sam->line = NULL;
}

static BOOL SamReadEntry(WINPR_SAM* sam, WINPR_SAM_ENTRY* entry)
{
  char* p[5];
  size_t LmHashLength;
  size_t NtHashLength;
  size_t count = 0;
  char* cur;

  if (!sam || !entry || !sam->line)
    return FALSE;

  cur = sam->line;

  while ((cur = strchr(cur, ':')) != NULL)
  {
    count++;
    cur++;
  }

  if (count < 4)
    return FALSE;

  p[0] = sam->line;
  p[1] = strchr(p[0], ':') + 1;
  p[2] = strchr(p[1], ':') + 1;
  p[3] = strchr(p[2], ':') + 1;
  p[4] = strchr(p[3], ':') + 1;
  LmHashLength = (p[3] - p[2] - 1);
  NtHashLength = (p[4] - p[3] - 1);

  if ((LmHashLength != 0) && (LmHashLength != 32))
    return FALSE;

  if ((NtHashLength != 0) && (NtHashLength != 32))
    return FALSE;

  entry->UserLength = (UINT32)(p[1] - p[0] - 1);
  entry->User = (LPSTR)malloc(entry->UserLength + 1);

  if (!entry->User)
    return FALSE;

  entry->User[entry->UserLength] = '\0';
  entry->DomainLength = (UINT32)(p[2] - p[1] - 1);
  memcpy(entry->User, p[0], entry->UserLength);

  if (entry->DomainLength > 0)
  {
    entry->Domain = (LPSTR)malloc(entry->DomainLength + 1);

    if (!entry->Domain)
    {
      free(entry->User);
      entry->User = NULL;
      return FALSE;
    }

    memcpy(entry->Domain, p[1], entry->DomainLength);
    entry->Domain[entry->DomainLength] = '\0';
  }
  else
    entry->Domain = NULL;

  if (LmHashLength == 32)
    winpr_HexStringToBinBuffer(p[2], LmHashLength, entry->LmHash, sizeof(entry->LmHash));

  if (NtHashLength == 32)
    winpr_HexStringToBinBuffer(p[3], NtHashLength, (BYTE*)entry->NtHash, sizeof(entry->NtHash));

  return TRUE;
}

void SamFreeEntry(WINPR_SAM* sam, WINPR_SAM_ENTRY* entry)
{
  if (entry)
  {
    if (entry->UserLength > 0)
      free(entry->User);

    if (entry->DomainLength > 0)
      free(entry->Domain);

    free(entry);
  }
}

void SamResetEntry(WINPR_SAM_ENTRY* entry)
{
  if (!entry)
    return;

  if (entry->UserLength)
  {
    free(entry->User);
    entry->User = NULL;
  }

  if (entry->DomainLength)
  {
    free(entry->Domain);
    entry->Domain = NULL;
  }

  ZeroMemory(entry->LmHash, sizeof(entry->LmHash));
  ZeroMemory(entry->NtHash, sizeof(entry->NtHash));
}

WINPR_SAM_ENTRY* SamLookupUserA(WINPR_SAM* sam, LPCSTR User, UINT32 UserLength, LPCSTR Domain,
                                UINT32 DomainLength)
{
  size_t length;
  BOOL found = FALSE;
  WINPR_SAM_ENTRY* search = SamEntryFromDataA(User, UserLength, Domain, DomainLength);
  WINPR_SAM_ENTRY* entry = (WINPR_SAM_ENTRY*)calloc(1, sizeof(WINPR_SAM_ENTRY));

  if (!entry || !search)
    goto fail;

  if (!SamLookupStart(sam))
    goto fail;

  while (sam->line != NULL)
  {
    length = strlen(sam->line);

    if (length > 1)
    {
      if (sam->line[0] != '#')
      {
        if (!SamReadEntry(sam, entry))
        {
          goto out_fail;
        }

        if (SamAreEntriesEqual(entry, search))
        {
          found = 1;
          break;
        }
      }
    }

    SamResetEntry(entry);
    sam->line = strtok_s(NULL, "\n", &sam->context);
  }

out_fail:
  SamLookupFinish(sam);
fail:
  SamFreeEntry(sam, search);

  if (!found)
  {
    SamFreeEntry(sam, entry);
    return NULL;
  }

  return entry;
}

WINPR_SAM_ENTRY* SamLookupUserW(WINPR_SAM* sam, LPCWSTR User, UINT32 UserLength, LPCWSTR Domain,
                                UINT32 DomainLength)
{
  WINPR_SAM_ENTRY* entry = NULL;
  char* utfUser = NULL;
  char* utfDomain = NULL;
  size_t userCharLen = 0;
  size_t domainCharLen = 0;

  utfUser = ConvertWCharNToUtf8Alloc(User, UserLength / sizeof(WCHAR), &userCharLen);
  if (!utfUser)
    goto fail;
  if (DomainLength > 0)
  {
    utfDomain = ConvertWCharNToUtf8Alloc(Domain, DomainLength / sizeof(WCHAR), &domainCharLen);
    if (!utfDomain)
      goto fail;
  }
  entry = SamLookupUserA(sam, utfUser, (UINT32)userCharLen, utfDomain, (UINT32)domainCharLen);
fail:
  free(utfUser);
  free(utfDomain);
  return entry;
}

void SamClose(WINPR_SAM* sam)
{
  if (sam != NULL)
  {
    if (sam->fp)
      fclose(sam->fp);
    free(sam);
  }
}

Coverage Report

Created: 2023-11-19 06:16

Line	Count	Source (jump to first uncovered line)
1		/**
2		* WinPR: Windows Portable Runtime
3		* Security Accounts Manager (SAM)
4		*
5		* Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6		*
7		* Licensed under the Apache License, Version 2.0 (the "License");
8		* you may not use this file except in compliance with the License.
9		* You may obtain a copy of the License at
10		*
11		* http://www.apache.org/licenses/LICENSE-2.0
12		*
13		* Unless required by applicable law or agreed to in writing, software
14		* distributed under the License is distributed on an "AS IS" BASIS,
15		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16		* See the License for the specific language governing permissions and
17		* limitations under the License.
18		*/
19
20		#include <winpr/config.h>
21
22		#include <stdio.h>
23		#include <stdlib.h>
24		#include <string.h>
25
26		#include <winpr/wtypes.h>
27		#include <winpr/crt.h>
28		#include <winpr/sam.h>
29		#include <winpr/print.h>
30		#include <winpr/file.h>
31
32		#include "../log.h"
33
34		#ifdef WINPR_HAVE_UNISTD_H
35		#include <unistd.h>
36		#endif
37
38		#ifdef _WIN32
39		#define WINPR_SAM_FILE "C:\\SAM"
40		#else
41	0	#define WINPR_SAM_FILE "/etc/winpr/SAM"
42		#endif
43		#define TAG WINPR_TAG("utils")
44
45		struct winpr_sam
46		{
47		FILE* fp;
48		char* line;
49		char* buffer;
50		char* context;
51		BOOL readOnly;
52		};
53
54		static WINPR_SAM_ENTRY* SamEntryFromDataA(LPCSTR User, DWORD UserLength, LPCSTR Domain,
55		DWORD DomainLength)
56	0	{
57	0	WINPR_SAM_ENTRY* entry = calloc(1, sizeof(WINPR_SAM_ENTRY));
58	0	if (!entry)
59	0	return NULL;
60	0	if (User && (UserLength > 0))
61	0	entry->User = _strdup(User);
62	0	entry->UserLength = UserLength;
63	0	if (Domain && (DomainLength > 0))
64	0	entry->Domain = _strdup(Domain);
65	0	entry->DomainLength = DomainLength;
66	0	return entry;
67	0	}
68
69		static BOOL SamAreEntriesEqual(const WINPR_SAM_ENTRY* a, const WINPR_SAM_ENTRY* b)
70	0	{
71	0	if (!a \|\| !b)
72	0	return FALSE;
73	0	if (a->UserLength != b->UserLength)
74	0	return FALSE;
75	0	if (a->DomainLength != b->DomainLength)
76	0	return FALSE;
77	0	if (strncmp(a->User, b->User, a->UserLength) != 0)
78	0	return FALSE;
79	0	if (strncmp(a->Domain, b->Domain, a->DomainLength) != 0)
80	0	return FALSE;
81	0	return TRUE;
82	0	}
83
84		WINPR_SAM* SamOpen(const char* filename, BOOL readOnly)
85	0	{
86	0	FILE* fp = NULL;
87	0	WINPR_SAM* sam = NULL;
88
89	0	if (!filename)
90	0	filename = WINPR_SAM_FILE;
91
92	0	if (readOnly)
93	0	fp = winpr_fopen(filename, "r");
94	0	else
95	0	{
96	0	fp = winpr_fopen(filename, "r+");
97
98	0	if (!fp)
99	0	fp = winpr_fopen(filename, "w+");
100	0	}
101
102	0	if (fp)
103	0	{
104	0	sam = (WINPR_SAM*)calloc(1, sizeof(WINPR_SAM));
105
106	0	if (!sam)
107	0	{
108	0	fclose(fp);
109	0	return NULL;
110	0	}
111
112	0	sam->readOnly = readOnly;
113	0	sam->fp = fp;
114	0	}
115	0	else
116	0	{
117	0	WLog_DBG(TAG, "Could not open SAM file!");
118	0	return NULL;
119	0	}
120
121	0	return sam;
122	0	}
123
124		static BOOL SamLookupStart(WINPR_SAM* sam)
125	0	{
126	0	size_t readSize;
127	0	INT64 fileSize;
128
129	0	if (!sam \|\| !sam->fp)
130	0	return FALSE;
131
132	0	_fseeki64(sam->fp, 0, SEEK_END);
133	0	fileSize = _ftelli64(sam->fp);
134	0	_fseeki64(sam->fp, 0, SEEK_SET);
135
136	0	if (fileSize < 1)
137	0	return FALSE;
138
139	0	sam->context = NULL;
140	0	sam->buffer = (char*)calloc((size_t)fileSize + 2, 1);
141
142	0	if (!sam->buffer)
143	0	return FALSE;
144
145	0	readSize = fread(sam->buffer, (size_t)fileSize, 1, sam->fp);
146
147	0	if (!readSize)
148	0	{
149	0	if (!ferror(sam->fp))
150	0	readSize = (size_t)fileSize;
151	0	}
152
153	0	if (readSize < 1)
154	0	{
155	0	free(sam->buffer);
156	0	sam->buffer = NULL;
157	0	return FALSE;
158	0	}
159
160	0	sam->buffer[fileSize] = '\n';
161	0	sam->buffer[fileSize + 1] = '\0';
162	0	sam->line = strtok_s(sam->buffer, "\n", &sam->context);
163	0	return TRUE;
164	0	}
165
166		static void SamLookupFinish(WINPR_SAM* sam)
167	0	{
168	0	free(sam->buffer);
169	0	sam->buffer = NULL;
170	0	sam->line = NULL;
171	0	}
172
173		static BOOL SamReadEntry(WINPR_SAM* sam, WINPR_SAM_ENTRY* entry)
174	0	{
175	0	char* p[5];
176	0	size_t LmHashLength;
177	0	size_t NtHashLength;
178	0	size_t count = 0;
179	0	char* cur;
180
181	0	if (!sam \|\| !entry \|\| !sam->line)
182	0	return FALSE;
183
184	0	cur = sam->line;
185
186	0	while ((cur = strchr(cur, ':')) != NULL)
187	0	{
188	0	count++;
189	0	cur++;
190	0	}
191
192	0	if (count < 4)
193	0	return FALSE;
194
195	0	p[0] = sam->line;
196	0	p[1] = strchr(p[0], ':') + 1;
197	0	p[2] = strchr(p[1], ':') + 1;
198	0	p[3] = strchr(p[2], ':') + 1;
199	0	p[4] = strchr(p[3], ':') + 1;
200	0	LmHashLength = (p[3] - p[2] - 1);
201	0	NtHashLength = (p[4] - p[3] - 1);
202
203	0	if ((LmHashLength != 0) && (LmHashLength != 32))
204	0	return FALSE;
205
206	0	if ((NtHashLength != 0) && (NtHashLength != 32))
207	0	return FALSE;
208
209	0	entry->UserLength = (UINT32)(p[1] - p[0] - 1);
210	0	entry->User = (LPSTR)malloc(entry->UserLength + 1);
211
212	0	if (!entry->User)
213	0	return FALSE;
214
215	0	entry->User[entry->UserLength] = '\0';
216	0	entry->DomainLength = (UINT32)(p[2] - p[1] - 1);
217	0	memcpy(entry->User, p[0], entry->UserLength);
218
219	0	if (entry->DomainLength > 0)
220	0	{
221	0	entry->Domain = (LPSTR)malloc(entry->DomainLength + 1);
222
223	0	if (!entry->Domain)
224	0	{
225	0	free(entry->User);
226	0	entry->User = NULL;
227	0	return FALSE;
228	0	}
229
230	0	memcpy(entry->Domain, p[1], entry->DomainLength);
231	0	entry->Domain[entry->DomainLength] = '\0';
232	0	}
233	0	else
234	0	entry->Domain = NULL;
235
236	0	if (LmHashLength == 32)
237	0	winpr_HexStringToBinBuffer(p[2], LmHashLength, entry->LmHash, sizeof(entry->LmHash));
238
239	0	if (NtHashLength == 32)
240	0	winpr_HexStringToBinBuffer(p[3], NtHashLength, (BYTE*)entry->NtHash, sizeof(entry->NtHash));
241
242	0	return TRUE;
243	0	}
244
245		void SamFreeEntry(WINPR_SAM* sam, WINPR_SAM_ENTRY* entry)
246	0	{
247	0	if (entry)
248	0	{
249	0	if (entry->UserLength > 0)
250	0	free(entry->User);
251
252	0	if (entry->DomainLength > 0)
253	0	free(entry->Domain);
254
255	0	free(entry);
256	0	}
257	0	}
258
259		void SamResetEntry(WINPR_SAM_ENTRY* entry)
260	0	{
261	0	if (!entry)
262	0	return;
263
264	0	if (entry->UserLength)
265	0	{
266	0	free(entry->User);
267	0	entry->User = NULL;
268	0	}
269
270	0	if (entry->DomainLength)
271	0	{
272	0	free(entry->Domain);
273	0	entry->Domain = NULL;
274	0	}
275
276	0	ZeroMemory(entry->LmHash, sizeof(entry->LmHash));
277	0	ZeroMemory(entry->NtHash, sizeof(entry->NtHash));
278	0	}
279
280		WINPR_SAM_ENTRY* SamLookupUserA(WINPR_SAM* sam, LPCSTR User, UINT32 UserLength, LPCSTR Domain,
281		UINT32 DomainLength)
282	0	{
283	0	size_t length;
284	0	BOOL found = FALSE;
285	0	WINPR_SAM_ENTRY* search = SamEntryFromDataA(User, UserLength, Domain, DomainLength);
286	0	WINPR_SAM_ENTRY* entry = (WINPR_SAM_ENTRY*)calloc(1, sizeof(WINPR_SAM_ENTRY));
287
288	0	if (!entry \|\| !search)
289	0	goto fail;
290
291	0	if (!SamLookupStart(sam))
292	0	goto fail;
293
294	0	while (sam->line != NULL)
295	0	{
296	0	length = strlen(sam->line);
297
298	0	if (length > 1)
299	0	{
300	0	if (sam->line[0] != '#')
301	0	{
302	0	if (!SamReadEntry(sam, entry))
303	0	{
304	0	goto out_fail;
305	0	}
306
307	0	if (SamAreEntriesEqual(entry, search))
308	0	{
309	0	found = 1;
310	0	break;
311	0	}
312	0	}
313	0	}
314
315	0	SamResetEntry(entry);
316	0	sam->line = strtok_s(NULL, "\n", &sam->context);
317	0	}
318
319	0	out_fail:
320	0	SamLookupFinish(sam);
321	0	fail:
322	0	SamFreeEntry(sam, search);
323
324	0	if (!found)
325	0	{
326	0	SamFreeEntry(sam, entry);
327	0	return NULL;
328	0	}
329
330	0	return entry;
331	0	}
332
333		WINPR_SAM_ENTRY* SamLookupUserW(WINPR_SAM* sam, LPCWSTR User, UINT32 UserLength, LPCWSTR Domain,
334		UINT32 DomainLength)
335	0	{
336	0	WINPR_SAM_ENTRY* entry = NULL;
337	0	char* utfUser = NULL;
338	0	char* utfDomain = NULL;
339	0	size_t userCharLen = 0;
340	0	size_t domainCharLen = 0;
341
342	0	utfUser = ConvertWCharNToUtf8Alloc(User, UserLength / sizeof(WCHAR), &userCharLen);
343	0	if (!utfUser)
344	0	goto fail;
345	0	if (DomainLength > 0)
346	0	{
347	0	utfDomain = ConvertWCharNToUtf8Alloc(Domain, DomainLength / sizeof(WCHAR), &domainCharLen);
348	0	if (!utfDomain)
349	0	goto fail;
350	0	}
351	0	entry = SamLookupUserA(sam, utfUser, (UINT32)userCharLen, utfDomain, (UINT32)domainCharLen);
352	0	fail:
353	0	free(utfUser);
354	0	free(utfDomain);
355	0	return entry;
356	0	}
357
358		void SamClose(WINPR_SAM* sam)
359	0	{
360	0	if (sam != NULL)
361	0	{
362	0	if (sam->fp)
363	0	fclose(sam->fp);
364	0	free(sam);
365	0	}
366	0	}