Skip to content
This repository was archived by the owner on Mar 30, 2026. It is now read-only.

fix ConnectedPrinters c implementation#109

Open
SemsYapar wants to merge 1 commit intoUnprotect-Project:mainfrom
SemsYapar:main
Open

fix ConnectedPrinters c implementation#109
SemsYapar wants to merge 1 commit intoUnprotect-Project:mainfrom
SemsYapar:main

Conversation

@SemsYapar
Copy link
Copy Markdown

@SemsYapar SemsYapar commented Sep 26, 2025

Connected printers

Authorship information

Technique Information

  • Technique Title: U1309 - Connected Printer
  • Technique category: Sandbox Evasion
  • Technique description: Same as the already existing description

Fix

Firstly here API info

BOOL EnumPrinters(
  _In_  DWORD   Flags,
  _In_  LPTSTR  Name,
  _In_  DWORD   Level,
  _Out_ LPBYTE  pPrinterEnum,
  _In_  DWORD   cbBuf,
  _Out_ LPDWORD pcbNeeded,
  _Out_ LPDWORD pcReturned
);
if (EnumPrinters(PRINTER_ENUM_LOCAL, NULL, 2, NULL, 0, &numPrinters, NULL)) {

this line broke because EnumPrinters API return error in this scenario

pcbNeeded does not mean numPrinters, the argument that gives the numPrinters information is pcReturned, but current implementation has given it to the API as NULL, so the API cannot work properly and return 0x57 (ERROR_INVALID_PARAMETER)

printerInfo = (PRINTER_INFO_2*)malloc(pcbNeeded * sizeof(PRINTER_INFO_2));

this part does not effect progress but its not true for document because enumprinter_msdn
says pcbNeeded = A pointer to a value that receives the number of bytes copied if the function succeeds or the number of bytes required if cbBuf is too small.
so all we need use pcbNeeded size to malloc

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SemsYapar