驱动开发与系统原理-获取文件属性
0环代码```
#define CTL_GETARR_PATH IRP_IOCTRL_CODE(10)
...
...
NTSTATUS GetArrIoCall(char* SzFilePath) {
NTSTATUS ntSTATUS = STATUS_SUCCESS;
//文件句柄
HANDLE hFile = NULL;
//文件属性结构体
FILE_NETWORK_OPEN_INFORMATION finfo = { 0 };
//完成状态
IO_STATUS_BLOCK Iostatus = { 0 };
//对象属性
OBJECT_ATTRIBUTES ObjectAtt = { 0 };
//三环c:\a.txt
//0环:\\??\\c:\a.txt
//将三环路径转换成驱动使用的路径
ANSI_STRING asFilePath = { 0 };
UNICODE_STRING usFilePath = { 0 };
UNICODE_STRING usDriverFilePath = { 0 };
UNICODE_STRING usDrvPath = { 0 };
WCHARwcBuffer;
ULONG wcbufferLen = 256 * sizeof(WCHAR);
RtlInitEmptyUnicodeString(&usDrvPath, &wcBuffer, wcbufferLen);
RtlInitUnicodeString(&usDriverFilePath, L"\\??\\");
RtlInitAnsiString(&asFilePath, SzFilePath);
RtlAnsiStringToUnicodeString(&usFilePath, &asFilePath, TRUE);
RtlAppendUnicodeStringToString(&usDrvPath, &usDriverFilePath);
RtlAppendUnicodeStringToString(&usDrvPath, &usFilePath);
RtlFreeUnicodeString(&usFilePath);
InitializeObjectAttributes(&ObjectAtt, &usDrvPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
RtlZeroMemory(&finfo, sizeof(FILE_NETWORK_OPEN_INFORMATION));
ntSTATUS = ZwQueryFullAttributesFile(&ObjectAtt, &finfo);
if (!NT_SUCCESS(ntSTATUS))
{
return ntSTATUS;
}
RtlZeroMemory(g_Buffer, sizeof(g_Buffer));
if (finfo.FileAttributes & FILE_ATTRIBUTE_ARCHIVE)
{
ULONG uLength = strlen("ARCHIVE");
RtlCopyMemory(g_Buffer, "ARCHIVE", uLength);
}
if (finfo.FileAttributes & FILE_ATTRIBUTE_DIRECTORY)
{
ULONG uLength = strlen("DIRECTORY");
RtlCopyMemory(g_Buffer, "DIRECTORY", uLength);
}
if (finfo.FileAttributes & FILE_ATTRIBUTE_READONLY)
{
ULONG uLength = strlen("READONLY");
RtlCopyMemory(g_Buffer, "READONLY", uLength);
}
return ntSTATUS;
}
...
...
case CTL_GETARR_PATH:{
ntStatus = GetArrIoCall(pInputBuffer);
if (NT_SUCCESS(ntStatus))
{
RtlZeroMemory(pOutputBuffer, 1024);
ULONG uRetlength = strlen(g_Buffer);
RtlCopyMemory(pOutputBuffer, g_Buffer, uRetlength);
pIrp->IoStatus.Status = STATUS_SUCCESS;
pIrp->IoStatus.Information = uRetlength;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
}
else {
RtlZeroMemory(pOutputBuffer, 1024);
ULONG uRetlength = strlen("GetArr Failed!");
RtlCopyMemory(pOutputBuffer, "GetArr Failed!", uRetlength);
pIrp->IoStatus.Status = STATUS_SUCCESS;
pIrp->IoStatus.Information = uRetlength;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
}
return STATUS_SUCCESS;
}
```
文件属性通过与操作判断,成功后会赋值到g_Buffer中返回到3环
3环代码
```
#define CTL_GETARR_PATH IRP_IOCTRL_CODE(10)
...
...
case'8':
{
RetNumber = 0;
memset(InputBuffer, 0, sizeof(InputBuffer));
memset(OutputBuffer, 0, sizeof(OutputBuffer));
printf("请输入需要获取属性的文件路径:\n");
scanf("%s", InputBuffer);
DeviceIoControl(hDriver, CTL_GETARR_PATH, InputBuffer, sizeof(InputBuffer), OutputBuffer, sizeof(OutputBuffer), &RetNumber, NULL);
printf("返回数据: %s\n", OutputBuffer);
system("pause");
break;
}
```
学习一下!!!
页:
[1]