|
阅读:1550回复:3
构造Irp读文件,为什么得不到数据?请大家帮我分析分析下面是我根据某大牛的代码改写的构造irp读文件,在调试跟踪到IoCallDriver()后,程序进入pending状态,该状态结束之后的stat不成功,无读数据。请大家帮我分析分析。wowocock老牛也赶快献身救我! NTSTATUS RRead(WCHAR* name,char *buffer) { PFILE_OBJECT fileob; HANDLE handle; PIRP irp; KEVENT event; NTSTATUS stat; PMDL mdl; ULONG count; FSRTL_COMMON_FCB_HEADER* pFCBH; PIO_STACK_LOCATION irpsp; IO_STATUS_BLOCK ioStatus; //文件打开没问题 handle = openfile(name,FILE_READ_ATTRIBUTES,FILE_SHARE_READ); if(handle == 0) { return STATUS_UNSUCCESSFUL; } ObReferenceObjectByHandle(handle,GENERIC_READ,*IoFileObjectType,KernelMode,(PVOID*)&fileob,0); pFCBH = (FSRTL_COMMON_FCB_HEADER*)fileob->FsContext; count = (pFCBH->FileSize).LowPart; irp = IoAllocateIrp(fileob->DeviceObject->StackSize, TRUE); if(fileob->DeviceObject->Flags & DO_BUFFERED_IO) { irp->AssociatedIrp.SystemBuffer=buffer;//buffered } else if(fileob->DeviceObject->Flags & DO_DIRECT_IO) { mdl=IoAllocateMdl(buffer,count,0,0,0); MmBuildMdlForNonPagedPool(mdl); irp->MdlAddress=mdl;//direct } else { irp->UserBuffer=buffer;//neither i/o, use kernel buffer } irpsp = IoGetNextIrpStackLocation(irp); irpsp->FileObject=fileob; irpsp->MajorFunction=IRP_MJ_READ; irpsp->MinorFunction=IRP_MN_NORMAL; irpsp->Parameters.Read.ByteOffset.QuadPart=0; irpsp->Parameters.Read.Key=0; irpsp->Parameters.Read.Length=count; KeInitializeEvent(&event,NotificationEvent,FALSE); IoSetCompletionRoutine(irp,IoCompletion,&event,1,1,1); stat=IoCallDriver(fileob->DeviceObject,irp); if(stat==STATUS_PENDING)//程序为pending状态 { KeWaitForSingleObject(&event, Executive,KernelMode,FALSE,NULL); stat=irp->IoStatus.Status; } if(!NT_SUCCESS(stat))//跟踪调试到此不成功 { IoFreeIrp(irp); ObDereferenceObject(fileob); if(mdl){IoFreeMdl(mdl);}//if DO_DIRECT_IO return -1; } stat=irp->IoStatus.Information;//bytes read IoFreeIrp(irp); ObDereferenceObject(fileob); if(mdl){IoFreeMdl(mdl);}//if DO_DIRECT_IO return stat; } |
|
|
|
沙发#
发布于:2007-12-11 13:48
问题已解决。忘记了设置irpsp的设备对象。多谢!
|
|
|
|
板凳#
发布于:2007-12-11 13:54
用户被禁言,该主题自动屏蔽! |
|
|
地板#
发布于:2007-12-11 18:02
楼上的,你说的是用户态的那个吗?可能不大保险啊。会被HOOK的
|
|
|