Explore Windows API integration in Go without relying on CGO in this GopherCon 2020 talk. Learn to leverage the unsafe and syscall packages for calling Windows APIs, loading DLLs, mapping C structs to Go, converting Win32 API function results, and avoiding unsafe package pitfalls. Dive into topics like pointer arithmetic, finding DLL call signatures, memory management, and designing for unmanaged memory. Gain practical insights through examples such as CreateJobObject, credential enumeration, and GetExtendedTcpTable, with full code available for reference.
Safety Not Guaranteed - Calling Windows APIs Using Unsafe and Syscall
Overview
Syllabus
Intro
Windows Containers 2016
No Syscalls on Windows
Pointer Arithmetic
Pointer Rules
Bad Pointers
Finding DLL and Call Signatures
Loading a DLL Procedure
Calling Windows APIs Mapping C Types
Primitive C-Type mappings
Mapping Parameters
Go string to string
Struct Types
Inspecting Return Value
CreateJobObject
Locking memory down during syscall
mkwinsyscall - source
Memory Management
Example: Designing For Unmanged Memory - Free
Example: Designing For Unmanged Memory- Iterating
Improvement - Copy & Free
Example: Copy & Free Design - Cred Enumerate
Example: Copy & Free Design - Credential/Attribute
Managed Memory: Generic Example
Example: GetExtendedTcp Table - Syscall Loop
Example: GetExtendedTcp Table - Table to Rows
Full Code Available
Taught by
Gopher Academy
