我正在尝试通过PInvoke从Powershell使用GetFileSecurity。调用本身有效,但System.Runtime.InteropServices.Marshal.GetLastWin32Error和GetLastError(我为测试导入)都返回错误的错误代码。看起来PInvoke签名中的SetLastError = true根本没有任何影响,因为在启动新的Powershell实例后第一次运行脚本时,都返回203(ERROR_ENVVAR_NOT_FOUND),但是如果我调用相同的脚本再次,两者都返回0。
作为一个快速测试,我掀起了一个等效的C程序,并且GetLastError在那里返回了期望值(122 == ERROR_INSUFFICIENT_BUFFER)。
请注意,我是Powershell和.NET的新手,所以请原谅任何明显的失礼。
$signature = @'
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool GetFileSecurity(
string lpFileName,
int RequestedInformation,
byte [] pSecurityDescriptor,
uint nLength,
out int lpnLengthNeeded
);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
'@
$enum = @'
namespace Win32 {
public enum SECURITY_INFORMATION : uint
{
OWNER_SECURITY_INFORMATION = 0x00000001,
GROUP_SECURITY_INFORMATION = 0x00000002,
DACL_SECURITY_INFORMATION = 0x00000004,
SACL_SECURITY_INFORMATION = 0x00000008,
UNPROTECTED_SACL_SECURITY_INFORMATION = 0x10000000,
UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000,
PROTECTED_SACL_SECURITY_INFORMATION = 0x40000000,
PROTECTED_DACL_SECURITY_INFORMATION = 0x80000000
}
}
'@
Add-Type -TypeDefinition $enum
Add-Type -MemberDefinition $signature -Name API -Namespace Win32
$len = 0
$sec = New-Object byte[] 0
$info = new-object Win32.SECURITY_INFORMATION
$info = [Win32.SECURITY_INFORMATION]::OWNER_SECURITY_INFORMATION -bor
[Win32.SECURITY_INFORMATION]::GROUP_SECURITY_INFORMATION -bor
[Win32.SECURITY_INFORMATION]::DACL_SECURITY_INFORMATION
[Win32.API]::GetFileSecurity("c:\temp", $info, $sec, $sec.Length, [ref] $len)
[System.Runtime.InteropServices.Marshal]::GetLastWin32Error()
[Win32.API]::GetLastError()
答案 0 :(得分:2)
而是直接进行pinvoking,我会创建一个包装器C#类来进行GetFileSecurity调用然后获取错误。 PowerShell在GetFileSecurity()pinvoke调用和GetLastWin32Error()pinvoke调用之间对Win32 API进行的任何调用都可能正在重置Win32错误号。