1

I'm quite new to WDK, I'm trying to create, a virtual printer driver which will send data to user application using named pipe. I'm using 'XPSDrv Driver and Filter Sample' as start. I've added new filter at the end in which I've put this client code:

HANDLE hPipe; 
LPTSTR lpvMessage=TEXT("Message from UMDF!"); 

BOOL   fSuccess = FALSE; 
DWORD  cbToWrite, cbWritten, dwMode; 
LPTSTR lpszPipename = TEXT("\\\\.\\pipe\\mynamedpipe"); 

  hPipe = CreateFile( 
     lpszPipename,
     //GENERIC_READ |
     GENERIC_WRITE, 
     0,             
     NULL,          
     OPEN_EXISTING, 
     0,             
     NULL);         

dwMode =  PIPE_READMODE_MESSAGE; 
fSuccess = SetNamedPipeHandleState( 
  hPipe,    
  &dwMode,  
  NULL,     
  NULL);    

if (fSuccess) 
{
cbToWrite = (lstrlen(lpvMessage)+1)*sizeof(TCHAR);

fSuccess = WriteFile( 
  hPipe,
  lpvMessage,
  cbToWrite,
  &cbWritten,
  NULL);
}

Code works for a Console Application project, but doesn't work inside UMDF printer driver. Server is also a Console Application which is started all the time. Does someone has idea why? Or maybe you know easy way how can I debug printer drivers?

All the best, Daniel

SomeWittyUsername
  • 18,025
  • 3
  • 42
  • 85
user1214919
  • 384
  • 4
  • 14
  • Where in your print driver did you put this code? – Carey Gregory Nov 09 '12 at 04:26
  • Hello, thank you for replay! I've put this code inside StartOperation() method from IPrintPipelineFilter interface. I've also debugged the code and I'm having 'Access is denied' while calling CreateFile. I think that its problem with impersonation, because driver and my named pipe server are working on different accounts, but I have no idea how to impersonate my driver so it can access process on my account? I've tryed to implement IImpersonateCallback but I don't know which class should derive from it, and when and who will call IImpersonateCallback::OnImpersonate method? – user1214919 Nov 09 '12 at 07:28
  • Is it possible to use remote named pipes between UMDF and user application or service? – user1214919 Nov 09 '12 at 13:21
  • Yes, it's certainly possible to use pipes between a print driver and application or service. I've done so myself. What I would suggest is creating the pipe in the application rather than the driver, then just open it in the driver. – Carey Gregory Nov 09 '12 at 15:06
  • Thanks for response! I've written my driver and app just as you suggested, but account that drivers are working on lacks some privileges to send a message. Do you maybe know, where and how I can change privileges for this account? If client code from my driver and server are on the same account everything work fine, but between accounts it doesn't :( – user1214919 Nov 12 '12 at 10:17
  • Is this true: "This is by design. Named pipe endpoints created by non-Admin users on Windows 7 can only communicate with processes running as the same user."? I've found this here: http://www.codeproject.com/Questions/187239/Can-named-pipes-work-with-a-service in comments. So I understand that account on which driver is running should have administrator privileges? How can I add them? – user1214919 Nov 12 '12 at 12:23

2 Answers2

2

The reason can be found here:

There is an important difference between an empty and a nonexistent DACL. When a DACL is empty, it contains no access control entries (ACEs); therefore, no access rights are explicitly granted. As a result, access to the object is implicitly denied.

When an object has no DACL (when the pDacl parameter is NULL), no protection is assigned to the object, and all access requests are granted.

You're passing a null pDacl, so you're making the pipe accessible to everyone.

Carey Gregory
  • 6,836
  • 2
  • 26
  • 47
0

I've added those lines before CreateNamedPipe to my server and now it works, not sure why but it's working. If someone has any idea why I would love to know that. Before that I was haveing NULL passed despite m_pSecAttrib as last CreateNamedPipe parameter.

SECURITY_ATTRIBUTES m_pSecAttrib;
SECURITY_DESCRIPTOR* m_pSecDesc;

  m_pSecDesc = (SECURITY_DESCRIPTOR*)LocalAlloc(LPTR,SECURITY_DESCRIPTOR_MIN_LENGTH);
  InitializeSecurityDescriptor(m_pSecDesc,SECURITY_DESCRIPTOR_REVISION);
  SetSecurityDescriptorDacl(m_pSecDesc,TRUE,(PACL)NULL,FALSE);

  m_pSecAttrib.nLength = sizeof(SECURITY_ATTRIBUTES);
  m_pSecAttrib.bInheritHandle = TRUE;
  m_pSecAttrib.lpSecurityDescriptor = m_pSecDesc;

  Pipe[i].oOverlap.hEvent = hEvents[i]; 

  Pipe[i].hPipeInst = CreateNamedPipe(
     lpszPipename,
     PIPE_ACCESS_DUPLEX |
     FILE_FLAG_OVERLAPPED,
     PIPE_TYPE_MESSAGE |
     PIPE_READMODE_MESSAGE |
     PIPE_ACCEPT_REMOTE_CLIENTS |
     PIPE_WAIT,
     INSTANCES,
     BUFSIZE*sizeof(TCHAR),
     BUFSIZE*sizeof(TCHAR),
     PIPE_TIMEOUT,
     &m_pSecAttrib);
user1214919
  • 384
  • 4
  • 14