I'm trying to get file owner information (domain and user name) with ctypes. In Python, to get the list of files I used os.walk:
```python
for root, dirs, files in os.walk("c:\\"):
    for file in files:
        filename = os.path.join(root, file)
        owner = PL_Files.get_fileowner(filename)
        print(owner)
```
To get owner information in 'PL_Files.get_fileowner', I'm using GetNamedSecurityInfoW. It works well (it returns domain and user name).
```python
@staticmethod
def get_fileowner(filename):
    dwRet = 0
    pSidOwner = c_void_p()
    ppSecurityDescriptor = c_void_p()
    dwAcctName = DWORD()
    dwDomainName = DWORD()
    peUse = DWORD(SidTypeUnknown)

    # Only the owner SID is requested; ppSecurityDescriptor (last argument) is None
    dwRet = GetNamedSecurityInfoW(filename, SE_FILE_OBJECT, OWNER_SECURITY_INFORMATION,
                                  byref(pSidOwner), None, None, None, None)
    if dwRet != ERROR_SUCCESS:
        return "-1"

    # First call only retrieves the required buffer sizes
    LookupAccountSidW(None, pSidOwner, None, byref(dwAcctName),
                      None, byref(dwDomainName), byref(peUse))
    AcctName = create_unicode_buffer(dwAcctName.value + 2)
    DomainName = create_unicode_buffer(dwDomainName.value + 2)

    if LookupAccountSidW(None, pSidOwner, AcctName, byref(dwAcctName),
                         DomainName, byref(dwDomainName), byref(peUse)):
        return "{}\\{}".format(DomainName.value, AcctName.value)
    else:
        return "-1"
```
The issue is that with every call to PL_Files.get_fileowner(filename) my process memory increases by about 2MB.
Same result when I commented out (didn't call) the LookupAccountSidW function. So I think I have a problem with the GetNamedSecurityInfoW function. GetNamedSecurityInfoW doesn't need freeing memory (if you don't use ppSecurityDescriptor).
Function prototype:
```python
GetNamedSecurityInfoW = ADVAPI32.GetNamedSecurityInfoW
GetNamedSecurityInfoW.restype = DWORD
GetNamedSecurityInfoW.argtypes = [c_wchar_p, INT, DWORD, c_void_p, c_void_p, c_void_p, c_void_p, c_void_p]
```
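An added example, not part of the original post: Microsoft's documentation for GetNamedSecurityInfoW states that ppSecurityDescriptor is required whenever ppsidOwner, ppsidGroup, ppDacl or ppSacl is requested, and that the returned descriptor must be released with LocalFree. The sketch below follows that contract; the name `get_file_owner` and the lazy DLL loading are assumptions of this example.

```python
import ctypes
import sys

DWORD = ctypes.c_ulong                      # 32-bit on Windows
PVOID_PTR = ctypes.POINTER(ctypes.c_void_p)
SE_FILE_OBJECT = 1                          # SE_OBJECT_TYPE value for files
OWNER_SECURITY_INFORMATION = 0x00000001
ERROR_SUCCESS = 0


def get_file_owner(path):
    """Return 'DOMAIN\\user' for path; the descriptor is freed on every exit."""
    if sys.platform != "win32":
        raise OSError("GetNamedSecurityInfoW is only available on Windows")
    advapi32 = ctypes.WinDLL("advapi32", use_last_error=True)
    kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)
    get_info = advapi32.GetNamedSecurityInfoW
    get_info.restype = DWORD
    get_info.argtypes = [ctypes.c_wchar_p, ctypes.c_int, DWORD] + [PVOID_PTR] * 5
    lookup = advapi32.LookupAccountSidW
    lookup.restype = ctypes.c_int           # BOOL
    lookup.argtypes = [ctypes.c_wchar_p, ctypes.c_void_p,
                       ctypes.c_wchar_p, ctypes.POINTER(DWORD),
                       ctypes.c_wchar_p, ctypes.POINTER(DWORD),
                       ctypes.POINTER(DWORD)]
    kernel32.LocalFree.restype = ctypes.c_void_p
    kernel32.LocalFree.argtypes = [ctypes.c_void_p]

    owner_sid = ctypes.c_void_p()
    descriptor = ctypes.c_void_p()
    rc = get_info(path, SE_FILE_OBJECT, OWNER_SECURITY_INFORMATION,
                  ctypes.byref(owner_sid), None, None, None,
                  ctypes.byref(descriptor))
    if rc != ERROR_SUCCESS:
        raise ctypes.WinError(rc)
    try:
        # owner_sid points inside the descriptor, so use it before LocalFree.
        name_len, domain_len, use = DWORD(0), DWORD(0), DWORD(0)
        # Sizing call: expected to fail, it only fills in the lengths.
        lookup(None, owner_sid, None, ctypes.byref(name_len),
               None, ctypes.byref(domain_len), ctypes.byref(use))
        name = ctypes.create_unicode_buffer(max(name_len.value, 1))
        domain = ctypes.create_unicode_buffer(max(domain_len.value, 1))
        if not lookup(None, owner_sid, name, ctypes.byref(name_len),
                      domain, ctypes.byref(domain_len), ctypes.byref(use)):
            raise ctypes.WinError(ctypes.get_last_error())
        return "{}\\{}".format(domain.value, name.value)
    finally:
        kernel32.LocalFree(descriptor)      # one free per successful call
```

When auditing ownership across a whole tree with os.walk, the `try`/`finally` keeps the allocation count flat even when the account lookup fails for orphaned SIDs.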