Forums

Forums for the discussion of JADE technologies and solutions

Skip to content

Determining if the current node is from ODBC

Forums for specific tips, techniques and example code
Post Reply
ConvertFromOldNGs
Posts: 5321
Joined: Wed Aug 05, 2009 5:19 pm

Determining if the current node is from ODBC

Postby ConvertFromOldNGs » Fri Aug 07, 2009 2:49 pm

by allistar >> Mon, 2 Feb 2004 21:55:42 GMT

Hi all,
You may be aware of an issue I have been having, and that is to be able to implement decent security for ODBC connections. Note that any external solution is not acceptable, ini files and ODBC setup can be changed by our users and hence isn't secure. The only solution to be able to detect whether or not the current node is from the ODBC driver.

I have implemented some external functions for detecting whether jadodbc.dll (or any named module) is in the module list for the current process. This enumerates windows processes and looks for the desired module, returning a Boolean "true" if it is loaded against the current module.

The biggest issue is that getting this information from the OS is done differently in NT as it is in all other Windows flavours, which meant I needed to manually link the functions from the relevant dlls (kernel32 and psapi) so the dll itself would at least load under all operating systems flavours.

Here is the method that does this for non NT systems:

int isModuleLoadedNonNT(CREATESNAPSHOT pCreateSnapshot, MODULE32FIRST pModule32First, MODULE32NEXT pModule32Next, char *moduleName) {
//sees whether the "moduleName" module is loaded
HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
MODULEENTRY32 me32;

// Take a snapshot of all modules in the specified process.
hModuleSnap = pCreateSnapshot( TH32CS_SNAPMODULE,
GetCurrentProcessId() );
if( hModuleSnap == INVALID_HANDLE_VALUE )
{
return 0;
}

// Set the size of the structure before using it.
me32.dwSize = sizeof( MODULEENTRY32 );

// Retrieve information about the first module,
// and exit if unsuccessful
if( !pModule32First( hModuleSnap, &me32 ) )
{
CloseHandle( hModuleSnap );
return 0;
}

// Now walk the module list of the process,
// and display information about each module
do
{
if (stricmp(me32.szModule, moduleName) == 0) {
//we found a match!
CloseHandle( hModuleSnap );
return 1;
}
} while( pModule32Next( hModuleSnap, &me32 ) );

// Do not forget to clean up the snapshot object.
CloseHandle( hModuleSnap );
return 0;
}

(Hopefully that formatted ok).

Anyway, this seems to work well. If anyone would like the full source for this let me know.

Regards,
Allistar.
--
------------------------------------------------------------------
Allistar Melville
Software Developer, Analyst allistar@silvermoon.co.nz
Auckland, NEW ZEALAND

Silvermoon Software
Specialising in JADE development and consulting
Visit us at: http://www.silvermoon.co.nz
*NEW* Simple web access to Jade at: www.silvermoon.co.nz/jhp.html ------------------------------------------------------------------
Top
Post Reply

Return to “Tips and Techniques”

Who is online

Users browsing this forum: No registered users and 16 guests

Powered by phpBB® Forum Software © phpBB Limited
 

 

cron