0

Given the below code snippet, can anyone tell me why line 17 only prints "Name:"?

#include <Windows.h>
#include <stdio.h>
#pragma comment(lib, "Ws2_32.lib")

// Caller supplies function with a buffer to copy the name into as
// mentioned by nobugz here: https://social.msdn.microsoft.com/Forums/en-US/6547d2bf-2884-4ad2-b600-adaab0fa1031/warning-c4172-returning-address-of-local-variable-or-temporary?forum=Vsexpressvc
BOOL getName(int num, LPWSTR buffer) {
    DWORD size = sizeof(buffer);
    return GetComputerNameEx((COMPUTER_NAME_FORMAT)num, buffer, &size);
}

void main(int argc, char ** argv) {
    printf("%s\n", "RAT POC RUNNING");

    TCHAR buffer[256];
    getName((COMPUTER_NAME_FORMAT)1, buffer);
    printf("Name: %ws\n", buffer);

    TCHAR hostName[MAX_COMPUTERNAME_LENGTH + 1];
    DWORD hNsize = sizeof(hostName) / sizeof(hostName[0]);
    GetComputerNameEx((COMPUTER_NAME_FORMAT)1, hostName, &hNsize);
    printf("Hostname: %ws\n", hostName);

    TCHAR domainName[MAX_COMPUTERNAME_LENGTH + 1];
    DWORD dNsize = sizeof(domainName) / sizeof(domainName[0]);
    GetComputerNameEx((COMPUTER_NAME_FORMAT)2, domainName, &dNsize);
    printf("Domain name: %ws\n", domainName);
  }

By setting a breakpoint at line 17, I find that the buffer variable contains 256 entries of the value 52428, which I suspect is because I'm doing this in unicode. But I'm not sure why the GetComputerNameEx isn't filling said buffer with the actual name? Line 22, which calls the same GetComputerNameEx returns the correct name.

IInspectable
  • 46,945
  • 8
  • 85
  • 181
MadsRC
  • 197
  • 1
  • 12
  • I rolled back the edit, as it tries to add an answer to the question (which is not how Stack Overflow works). It was also wrong: A pointer is a valid argument for `sizeof`. – IInspectable Oct 31 '18 at 12:10

1 Answers1

1

in the function getname

BOOL getName(int num, LPWSTR buffer) {
    DWORD size = sizeof(buffer);
    ....

buffer is of type LPWSTR which is essentially a pointer to w_char

In the function, the parameter buffer will decay to a pointer. The sizeof operator will return the size of pointers in your system. Typically 4 or 8. The call to GetComputerNameEx gets wrong parameters.

You need to modify the function to take the parameter of size as input

BOOL getName(int num, LPWSTR buffer, int size) {
    return GetComputerNameEx((COMPUTER_NAME_FORMAT)num, buffer, &size);
}

Call it with.

TCHAR buffer[256];
getName((COMPUTER_NAME_FORMAT)1, buffer,sizeof(buffer)/sizeof(buffer[0]));
Rishikesh Raje
  • 8,556
  • 2
  • 16
  • 31
  • Thank you! Why is it that you call `sizeof(buffer)/sizeof(buffer[0])` instead of just `sizeof(buffer)`? Edit: I just found the answer here: https://stackoverflow.com/questions/35020540/how-and-why-sizeofa-sizeofa0-in-c-is-used-to-calculate-the-number-of-eleme – MadsRC Oct 31 '18 at 12:02
  • `sizeof(buffer)` is `sizeof(TCHAR) * 256`. `sizeof(TCHAR)` is 2 for UNICODE, so `sizeof(buffer)` is 512 bytes. You need to pass the number of `TCHAR` elements to `GetComputerNameEx()`, not the number of bytes, so you need to pass 256 and not 512 – Remy Lebeau Oct 31 '18 at 20:53