windows内核读写文件

最新推荐文章于 2021-06-23 13:01:40 发布

wsgxiaomianao

最新推荐文章于 2021-06-23 13:01:40 发布

阅读量1.3k

点赞数

分类专栏： windows驱动编程

本文链接：https://blog.csdn.net/wsgxiaomianao/article/details/32324289

版权

windows驱动编程专栏收录该内容

39 篇文章 3 订阅

订阅专栏

///
///
/// Copyright (c) 2014 - <company name here>
///
/// Original filename: FileOperation.cpp
/// Project          : FileOperation
/// Date of creation : 2014-06-19
/// Author(s)        : <author name(s)>
///
/// Purpose          : <description>
///
/// Revisions:
///  0000 [2014-06-19] Initial revision.
///
///

// $Id$

#ifdef __cplusplus
extern "C" {
#endif
#include <ntddk.h>
#include <wdm.h>
#include <string.h>
#ifdef __cplusplus
}; // extern "C"
#endif

#include "FileOperation.h"


HANDLE g_FileHandle = NULL;
const WCHAR* g_wzFileName = L"\\??\\C:\\fileOper.txt";


VOID DriverUnload(
    IN PDRIVER_OBJECT		DriverObject
    )
{
	KdPrint(("DriverUnload....."));
}


NTSTATUS MCreateFile()
{

	UNICODE_STRING usFileName;
	OBJECT_ATTRIBUTES obj;
	LARGE_INTEGER lFileAllocationSize;
	IO_STATUS_BLOCK ioSB;
	NTSTATUS status = STATUS_SUCCESS;

	RtlInitUnicodeString(&usFileName,g_wzFileName);


		InitializeObjectAttributes(
		&obj,
		&usFileName,
		OBJ_CASE_INSENSITIVE /*|  OBJ_KERNEL_HANDLE*/,
		NULL,
		NULL);


		lFileAllocationSize = RtlConvertLongToLargeInteger((ULONG)1024);

	 
		status = ZwCreateFile(
		&g_FileHandle,
		FILE_ALL_ACCESS,
		&obj,
		&ioSB,
		&lFileAllocationSize,
		FILE_ATTRIBUTE_NORMAL,
		0,
		FILE_OVERWRITE_IF,
		/*FILE_DIRECTORY_FILE*/FILE_SYNCHRONOUS_IO_NONALERT,????
		NULL,
		0);

		if (!NT_SUCCESS(status))
		{
			KdPrint(("zwCreateFile Error"));
		}else
		{
			KdPrint(("zwCreateFile ok"));
		}


	return STATUS_SUCCESS;
}

NTSTATUS MWriteFile()
{

	NTSTATUS status;
	IO_STATUS_BLOCK ioSB;
	LARGE_INTEGER kOffset = RtlConvertLongToLargeInteger((ULONG)0);
	UNICODE_STRING usWriteData;
	ANSI_STRING asWriteData;
	RtlInitUnicodeString(&usWriteData,L"RtlConvertLongToLargeInteger中文测试");
	RtlUnicodeStringToAnsiString(&asWriteData,&usWriteData,TRUE);



	status = ZwWriteFile(
		g_FileHandle,
		NULL,
		NULL,
		NULL,
		&ioSB,
		asWriteData.Buffer,
		asWriteData.Length,
		&kOffset,
		NULL);

	RtlFreeAnsiString(&asWriteData);

	return STATUS_SUCCESS;

}

NTSTATUS MReadFile()
{

	NTSTATUS status;
	IO_STATUS_BLOCK ioSB;
	FILE_STANDARD_INFORMATION fsi;

	UNICODE_STRING usWriteData;
	LARGE_INTEGER kOffset = RtlConvertLongToLargeInteger((ULONG)0);

	
	//ANSI_STRING asWriteData;
	
	//RtlInitUnicodeString(&usWriteData,L"RtlConvertLongToLargeInteger中文测试");
	//RtlUnicodeStringToAnsiString(&asWriteData,&usWriteData,TRUE);

	ZwQueryInformationFile(g_FileHandle,&ioSB,&fsi,sizeof(FILE_STANDARD_INFORMATION),FileStandardInformation);



	
	PUCHAR Buffer = (PUCHAR)ExAllocatePool(PagedPool,(LONG)fsi.EndOfFile.QuadPart);



	status = ZwReadFile(
		g_FileHandle,
		NULL,
		NULL,
		NULL,
		&ioSB,
		Buffer,
		(LONG)fsi.EndOfFile.QuadPart,
		&kOffset,
		NULL);

	//RtlFreeAnsiString(&asWriteData);
	KdPrint(("readData:%s",Buffer));
	ExFreePool(Buffer);


	return STATUS_SUCCESS;
}

void MCloseFile()
{

	if (g_FileHandle)
	{
		ZwClose(g_FileHandle);
		g_FileHandle = NULL;
	}
	KdPrint(("Close File Handle..."));
}

NTSTATUS QueryFileAttributes()
{
	return STATUS_SUCCESS;

}

NTSTATUS SetFileAttributes()
{

	return STATUS_SUCCESS;
}
#ifdef __cplusplus
extern "C" {
#endif
NTSTATUS DriverEntry(
    IN OUT PDRIVER_OBJECT   DriverObject,
    IN PUNICODE_STRING      RegistryPath
    )
{
  
	KdPrint(("FileOperation:DriverEntry....."));

	MCreateFile();
	MWriteFile();
	MReadFile();
	MCloseFile();

    DriverObject->DriverUnload = DriverUnload;

    return STATUS_SUCCESS;
}
#ifdef __cplusplus
}; // extern "C"
#endif

wsgxiaomianao

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
windows内核读写文件

///////////////////////////////////////////////////////////////////////////////////// Copyright (c) 2014 - ////// Original filename: FileOperation.cpp/// Project : FileOperation/// Date
复制链接

扫一扫