|
阅读:2320回复:1
dos下访问ntfs分区,查找指定文件的源代码
哪位高手能帮我看下吗?我写的这个源代码有点儿问题!
程序功能: dos下在ntfs分区中查找一个文件,我主要只用了ntfs中的MFT表格,在表格中找文件记录,当然这样有点儿慢慢!但理论是行得通的.如果我手动把文件记录号设到要查找文件记录附近的话,这个程序就没有问题,但就是我设到用户开始文件记录(开始文件记录号24,我要查找的文件记录号大约为0bc8h号)就要出问题,就是死机!是哪儿的问题呢?哪位高手指点下吗?应该是一个好程序不懂ntfs都可以看哈. .386 .model small dseg segment USE16 buffer db 3fh*512 dup(0) dap db 10h,00,01,00,00,00,00,00,00,00,00,00,00,00,00 secperclu db ? MftSectorBase dd ? SectorsPerFrs dw ? namelength db 5 nextFRS dd ? findfilename dw \'n\',\'t\',\'l\',\'d\',\'r\' findend db \"no find file!\",24h findfile db \"File Find OK!\",24h dseg ends cseg segment USE16 ;16bit code segment assume cs:cseg;ds:dseg;es:dseg;ss:sseg start proc mov ax,dseg mov ds,ax mov es,ax mov si,offset dap mov [si+6],ax ;read sector segmeng address mov byte ptr [si+8],3fh ;set start lba mov ah,47h mov dl,80h int 13h mov ah,42h int 13h mov di,offset buffer mov ax,0aa55h cmp [di+1feh],ax ;is DBR end sign? jnz exit mov eax,5346544eh cmp [di+3],eax ;is ntfs? jnz exit mov ecx,[di+40h] ;cluster per MFT FRS neg cl mov eax,1 shl eax,cl movzx ebx,word ptr [di+0bh];byte per sector sub edx,edx div ebx ; eax = sectors per frs mov SectorsPerFrs, ax mov eax, [di+30h] ;MFT start cluster movzx ebx, [di+0dh] ;sector per cluster mul ebx add eax,[di+1ch] ;HiddenSectors mov MftSectorBase, eax ; SectorBase = mft starting sector mov nextFRS,24 ;start FRS 24# loopfrs: sub eax,eax mov ax,SectorsPerFrs mov ebx,nextFRS mul ebx ;FRSstartsector=FRS#*SectorsPerFrs+MftSectorBase inc nextFRS add eax,MftSectorBase mov si,offset dap mov bx,SectorsPerFrs mov [si+2],bx ;set read sector count mov [si+8],eax ;set start lba mov ah,47h mov dl,80h int 13h mov ah,42h int 13h mov di,offset buffer mov eax,454c4946h cmp eax,[di] ;is FRS ? jnz exit cmp byte ptr [di+16h],2 ;fies is dir,go nextFRs jz loopfrs sub eax,eax mov ax,offset buffer call lacattribre cmp eax,0 jz loopfrs ;go to next FRS mov ah,9 ;print find file mov dx,offset findfile int 21h jmp exit nofrs: mov ah,9 ;print find file end mov dx,offset findend int 21h exit: mov ah,4ch int 21h ;Find an file attribute in an FRS lacattribre proc push di push si push ecx add ax,[eax+14h] ;FRS FirstAttribute lacA: cmp [eax],0ffffffffh ;is Attribute list end jz exitlac mov ecx,30h ;is filename Attribute? cmp [eax],ecx jnz lacB ;find file attribute,cmp is find file name? mov cl,namelength cmp [eax+58h],cl ;+18h(size FRS attribe)+40h(length offset in filenameattribute) jnz lacB mov si, ax add si,5ah ;+18h+42h(filename offset in filename attribute) mov di,offset findfilename cld repe cmpsw ; zero flag is set if equal jnz exitlac ;no find file name pop ecx pop si pop di ret ;return eax=locate Attribute TypeCode lacB: add eax,[eax+4] ;next Attribute jmp lacA exitlac: sub eax,eax ;no find file Attribute,set eax=0 exit pop ecx pop si pop di ret lacattribre endp cseg ends end start |
|
|
|
沙发#
发布于:2005-04-29 11:50
对了这样子就对了
.386 .model small .stack 0200h dseg segment USE16 buffer db 3fh*512 dup(?) dap db 10h,00,01,00,00,00,00,00,00,00,00,00,00,00,00 secperclu db ? MftSectorBase dd ? SectorsPerFrs dd ? curreFRS dd ? namelength db 5 findfilename dw \'n\',\'t\',\'l\',\'d\',\'r\' findend db \"No Find File!\",24h findfile db \"File Find OK!\",24h dseg ends cseg segment USE16 ;16bit code segment assume cs:cseg;ds:dseg;es:dseg start proc mov ax,dseg mov ds,ax ;set segment address mov es,ax mov si,offset dap ;set pointer to Disk Address Packet mov [si+6],ax ;set read sector buffer segmeng address mov byte ptr [si+8],3fh ;set start lba mov ah,47h mov dl,80h int 13h mov ah,42h int 13h mov di,offset buffer ;set pointer to read buffer mov ax,0aa55h cmp [di+1feh],ax ;is Boot Record ID? jnz exit mov eax,5346544eh cmp [di+3],eax ;Version is NTFS? jnz exit mov ecx,[di+40h] ;cluster per MFT FRS neg cl mov eax,1 shl eax,cl ;byte per FRS movzx ebx,word ptr [di+0bh];byte per sector xor edx,edx div ebx ; eax = sectors per frs mov SectorsPerFrs, eax mov eax, [di+30h] ;MFT start cluster movzx ebx, [di+0dh] ;sector per cluster mul ebx add eax,[di+1ch] ;HiddenSectors mov MftSectorBase, eax ;MftSectorBase= MFT starting sector mov eax,SectorsPerFrs mov ebx,23 ;ebx=star frs(start user FRS#) mul ebx add eax,MftSectorBase ;FRSstartsector=23#FRS*SectorsPerFrs+MftSectorBase mov curreFRS,eax ;save FRSstartsector readfrs: mov eax,curreFRS mov ebx,SectorsPerFrs add eax,ebx ;eax=Next FRS mov curreFRS,eax mov [si+2],bx ;set read sector count mov [si+8],eax ;set start lba mov ah,47h mov dl,80h int 13h mov ah,42h int 13h mov eax,454c4946h cmp eax,[di] ;is FRS single? jnz nofrs ;loop exit xor eax,eax mov ax,offset buffer call lacattribre cmp eax,0 jz readfrs ;go to next FRS mov ah,9 ;print find file mov dx,offset findfile int 21h jmp exit nofrs: mov ah,9 ;print find file end mov dx,offset findend int 21h exit: mov ah,4ch int 21h ;Find an file attribute in an FRS lacattribre proc push edi push esi push ecx add ax,[eax+14h] ;FRS FirstAttribute lacA: mov ecx,0ffffffffh cmp [eax],ecx ;is Attribute list end? jz exitlac mov ecx,30h ;is filename Attribute? cmp [eax],ecx jnz lacB ;find file attribute,cmp is find file name? movzx ecx,namelength cmp [eax+58h],cl ;+18h(size FRS attribe)+40h(length offset in filenameattribute) jnz lacB mov esi, eax add si,5ah ;+18h+42h(filename offset in filename attribute) mov di,offset findfilename cld repe cmpsw ; zero flag is set if equal jnz exitlac ;no find file name pop ecx pop esi pop edi ret ;return eax=locate Attribute TypeCode lacB: add ax,[eax+4] ;next Attribute add eax,[eax+4] attrib length is 4B jmp lacA exitlac: xor eax,eax ;no find file Attribute,set eax=0 exit pop ecx pop esi pop edi ret lacattribre endp cseg ends end start |
|
|