Queries whether the execution policy allows execution of the code in the supplied buffer.
Syntax
HRESULT WldpCanExecuteBuffer(
[in] REFGUID host,
[in] WLDP_EXECUTION_EVALUATION_OPTIONS options,
[in] const BYTE *buffer,
[in] ULONG bufferSize,
[in, optional] PCWSTR auditInfo,
[out] WLDP_EXECUTION_POLICY *result
);
Parameters
[in] host
A GUID specifying the calling program. For the list of pre-defined GUIDs that can be used for this parameter, see WLDP Host GUIDs. For hosts for which a specific value is not defined, use GUID WLDP_HOST_GUID_OTHER.
[in] options
A value from the WLDP_EXECUTION_EVALUATION_OPTIONS enumeration specifying options for the execution authorization request.
[in] buffer
The buffer containing script code to be validated.
Important
Buffers passed to WldpCanExecuteBuffer should be read-only, and the caller should not cache the security authorization for a specific buffer. These measures are necessary to prevent time-of-check/time-of-use (TOCTOU) vulnerabilities that could subvert script enforcement policy.
[in] bufferSize
The size of buffer, in bytes.
[in, optional] auditInfo
A string that should include relevant contextual information for the caller to use in debugging. If an authorization request fails, this string is recorded in the event log under “Applocker/MSI and Scripts/Operational”. Although auditInfo is not size-limited, the string should be less than 4K bytes in size because it is placed in the event log.
[out] result
A pointer that receives a value from the WLDP_EXECUTION_POLICY enumeration, indicating the execution policy result of the query.
Return value
Returns S_OK on success and a failure code otherwise.
Remarks
This method is provided as a replacement for WldpGetLockdownPolicy. This interface is differentiated from WldpGetLockdownPolicy in the following ways:
- Encourages callers to ensure that the subject (file, buffer, or stream) passes OS execution policy.
- Allows calling apps to provide additional audit information for diagnostic purposes.
- Allows verification of buffers and streams of code.
- Simplifies the calling pattern.
- Supports fine-grained execution policies, for example interactive mode in cmd or PowerShell.
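The Important note under the buffer parameter, as an added example that is not Microsoft's code: the host copies the script into a private snapshot, asks WldpCanExecuteBuffer about that snapshot, runs the same bytes, and stores no verdict. Assumptions: `run_if_allowed`, `policy_allows`, `engine` and `struct demo` are hypothetical names, the enumeration constants come from wldp.h rather than from this page, the private heap copy stands in for a read-only buffer, and the non-Windows branch is a constructed stand-in policy so the pattern can be exercised anywhere.

```c
/* Added example: evaluate and run one private snapshot of the script bytes. */
#include <stdlib.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <wldp.h> /* link with wldp.lib */
/* Ask WLDP about exactly these bytes; errors and any result other than
 * ALLOWED are treated as "blocked". */
static int policy_allows(const unsigned char *buf, size_t len) {
    WLDP_EXECUTION_POLICY result = WLDP_EXECUTION_POLICY_BLOCKED;
    HRESULT hr;
    if (len > 0xFFFFFFFFu) return 0; /* bufferSize is a ULONG: refuse, never truncate */
    hr = WldpCanExecuteBuffer(&WLDP_HOST_GUID_OTHER,
        WLDP_EXECUTION_EVALUATION_OPTION_NONE, buf, (ULONG)len,
        L"example-host: inline script" /* constructed audit string */, &result);
    return SUCCEEDED(hr) && result == WLDP_EXECUTION_POLICY_ALLOWED;
}
#else
/* Constructed stand-in so the pattern runs off Windows; not a real policy.
 * It blocks empty buffers and buffers whose first byte is '!'. */
static int policy_allows(const unsigned char *buf, size_t len) {
    return len > 0 && buf[0] != '!';
}
#endif

typedef void (*run_fn)(const unsigned char *code, size_t len, void *ctx);

/* Copy src into a private snapshot, evaluate the snapshot, run the same
 * snapshot. Returns 1 if it ran, 0 if blocked or on error. The verdict is
 * not stored, so every call queries policy again. */
int run_if_allowed(const unsigned char *src, size_t len, run_fn run, void *ctx) {
    unsigned char *snap = malloc(len ? len : 1);
    int ok;
    if (!snap) return 0;
    memcpy(snap, src, len); /* src is not read again after this line */
    ok = policy_allows(snap, len);
    if (ok) run(snap, len, ctx);
    free(snap);
    return ok;
}

/* Constructed engine stand-in: simulates another writer changing the caller's
 * buffer after the check, then records the bytes it was handed. */
struct demo { unsigned char *shared; char ran[16]; };
static void engine(const unsigned char *code, size_t len, void *ctx) {
    struct demo *d = ctx;
    memcpy(d->shared, "!evil", 5);
    if (len >= sizeof d->ran) len = sizeof d->ran - 1;
    memcpy(d->ran, code, len);
    d->ran[len] = '\0';
}
```

Because the engine only ever sees the snapshot that was evaluated, a later change to the caller's buffer cannot alter what runs, and a second request for the changed buffer is evaluated again instead of reusing the earlier verdict.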
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows 11, Build 22621 |
Minimum supported server | Windows 11, Build 22621 |
Header | wldp.h |
Library | wldp.lib |
DLL | wldp.dll |