2002-06-25 22:23:06 +00:00
|
|
|
/*
|
|
|
|
|
* ReactOS kernel
|
2014-11-02 21:50:40 +00:00
|
|
|
* Copyright (C) 2002, 2003, 2014 ReactOS Team
|
2002-06-25 22:23:06 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2008-03-08 21:45:51 +00:00
|
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
|
2002-06-25 22:23:06 +00:00
|
|
|
*
|
|
|
|
|
* COPYRIGHT: See COPYING in the top level directory
|
|
|
|
|
* PROJECT: ReactOS kernel
|
2008-02-10 11:20:29 +00:00
|
|
|
* FILE: drivers/filesystem/ntfs/dirctl.c
|
2002-06-25 22:23:06 +00:00
|
|
|
* PURPOSE: NTFS filesystem driver
|
2014-11-02 21:50:40 +00:00
|
|
|
* PROGRAMMERS: Eric Kohl
|
|
|
|
|
* Pierre Schweitzer (pierre@reactos.org)
|
2014-11-02 22:56:38 +00:00
|
|
|
* Hervé Poussineau (hpoussin@reactos.org)
|
2002-06-25 22:23:06 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* INCLUDES *****************************************************************/
|
|
|
|
|
|
2005-07-20 02:52:52 +00:00
|
|
|
#include "ntfs.h"
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2004-06-05 08:28:37 +00:00
|
|
|
#define NDEBUG
|
2002-06-25 22:23:06 +00:00
|
|
|
#include <debug.h>
|
|
|
|
|
|
|
|
|
|
/* FUNCTIONS ****************************************************************/
|
|
|
|
|
|
2017-06-09 03:14:30 +00:00
|
|
|
/**
|
|
|
|
|
* @name NtfsAddFilenameToDirectory
|
|
|
|
|
* @implemented
|
|
|
|
|
*
|
|
|
|
|
* Adds a $FILE_NAME attribute to a given directory index.
|
|
|
|
|
*
|
|
|
|
|
* @param DeviceExt
|
|
|
|
|
* Points to the target disk's DEVICE_EXTENSION.
|
|
|
|
|
*
|
|
|
|
|
* @param DirectoryMftIndex
|
|
|
|
|
* Mft index of the parent directory which will receive the file.
|
|
|
|
|
*
|
|
|
|
|
* @param FileReferenceNumber
|
|
|
|
|
* File reference of the file to be added to the directory. This is a combination of the
|
|
|
|
|
* Mft index and sequence number.
|
|
|
|
|
*
|
|
|
|
|
* @param FilenameAttribute
|
|
|
|
|
* Pointer to the FILENAME_ATTRIBUTE of the file being added to the directory.
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
* STATUS_SUCCESS on success.
|
|
|
|
|
* STATUS_INSUFFICIENT_RESOURCES if an allocation fails.
|
|
|
|
|
* STATUS_NOT_IMPLEMENTED if target address isn't at the end of the given file record.
|
|
|
|
|
*
|
|
|
|
|
* @remarks
|
|
|
|
|
* WIP - Can only support an empty directory.
|
|
|
|
|
* One FILENAME_ATTRIBUTE is added to the directory's index for each link to that file. So, each
|
|
|
|
|
* file which contains one FILENAME_ATTRIBUTE for a long name and another for the 8.3 name, will
|
|
|
|
|
* get both attributes added to its parent directory.
|
|
|
|
|
*/
|
|
|
|
|
NTSTATUS
|
|
|
|
|
NtfsAddFilenameToDirectory(PDEVICE_EXTENSION DeviceExt,
|
|
|
|
|
ULONGLONG DirectoryMftIndex,
|
|
|
|
|
ULONGLONG FileReferenceNumber,
|
|
|
|
|
PFILENAME_ATTRIBUTE FilenameAttribute)
|
|
|
|
|
{
|
|
|
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
|
|
|
PFILE_RECORD_HEADER ParentFileRecord;
|
2017-06-25 02:56:40 +00:00
|
|
|
PNTFS_ATTR_CONTEXT IndexRootContext;
|
2017-06-09 03:14:30 +00:00
|
|
|
PINDEX_ROOT_ATTRIBUTE I30IndexRoot;
|
|
|
|
|
ULONG IndexRootOffset;
|
|
|
|
|
ULONGLONG I30IndexRootLength;
|
|
|
|
|
PINDEX_ENTRY_ATTRIBUTE IndexNodeEntry;
|
|
|
|
|
ULONG LengthWritten;
|
|
|
|
|
PNTFS_ATTR_RECORD DestinationAttribute;
|
|
|
|
|
PINDEX_ROOT_ATTRIBUTE NewIndexRoot;
|
|
|
|
|
ULONG AttributeLength;
|
|
|
|
|
PNTFS_ATTR_RECORD NextAttribute;
|
|
|
|
|
|
|
|
|
|
// Allocate memory for the parent directory
|
|
|
|
|
ParentFileRecord = ExAllocatePoolWithTag(NonPagedPool,
|
|
|
|
|
DeviceExt->NtfsInfo.BytesPerFileRecord,
|
|
|
|
|
TAG_NTFS);
|
|
|
|
|
if (!ParentFileRecord)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Couldn't allocate memory for file record!\n");
|
|
|
|
|
return STATUS_INSUFFICIENT_RESOURCES;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Open the parent directory
|
|
|
|
|
Status = ReadFileRecord(DeviceExt, DirectoryMftIndex, ParentFileRecord);
|
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
DPRINT1("ERROR: Couldn't read parent directory with index %I64u\n",
|
|
|
|
|
DirectoryMftIndex);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
DPRINT1("Dumping old parent file record:\n");
|
|
|
|
|
NtfsDumpFileRecord(DeviceExt, ParentFileRecord);
|
|
|
|
|
|
|
|
|
|
// Find the index root attribute for the directory
|
|
|
|
|
Status = FindAttribute(DeviceExt,
|
|
|
|
|
ParentFileRecord,
|
|
|
|
|
AttributeIndexRoot,
|
|
|
|
|
L"$I30",
|
|
|
|
|
4,
|
2017-06-25 02:56:40 +00:00
|
|
|
&IndexRootContext,
|
2017-06-09 03:14:30 +00:00
|
|
|
&IndexRootOffset);
|
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Couldn't find $I30 $INDEX_ROOT attribute for parent directory with MFT #: %I64u!\n",
|
|
|
|
|
DirectoryMftIndex);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 02:56:40 +00:00
|
|
|
I30IndexRootLength = AttributeDataLength(&IndexRootContext->Record);
|
2017-06-09 03:14:30 +00:00
|
|
|
|
|
|
|
|
// Allocate memory for the index root data
|
|
|
|
|
I30IndexRoot = (PINDEX_ROOT_ATTRIBUTE)ExAllocatePoolWithTag(NonPagedPool, I30IndexRootLength, TAG_NTFS);
|
|
|
|
|
if (!I30IndexRoot)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Couldn't allocate memory for index root attribute!\n");
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Read the Index Root
|
2017-06-25 02:56:40 +00:00
|
|
|
Status = ReadAttribute(DeviceExt, IndexRootContext, 0, (PCHAR)I30IndexRoot, I30IndexRootLength);
|
2017-06-09 03:14:30 +00:00
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Couln't read index root attribute for Mft index #%I64u\n", DirectoryMftIndex);
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Make sure it's empty (temporarily)
|
|
|
|
|
IndexNodeEntry = (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)I30IndexRoot + I30IndexRoot->Header.FirstEntryOffset + 0x10);
|
|
|
|
|
if (IndexNodeEntry->Data.Directory.IndexedFile != 0 || IndexNodeEntry->Flags != 2)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("FIXME: File-creation is only supported in empty directories right now! Be patient! :)\n");
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
return STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Now we need to setup a new index root attribute to replace the old one
|
|
|
|
|
NewIndexRoot = ExAllocatePoolWithTag(NonPagedPool, DeviceExt->NtfsInfo.BytesPerIndexRecord, TAG_NTFS);
|
|
|
|
|
if (!NewIndexRoot)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Unable to allocate memory for new index root attribute!\n");
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
return STATUS_INSUFFICIENT_RESOURCES;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Setup the new index record
|
|
|
|
|
RtlZeroMemory(NewIndexRoot, DeviceExt->NtfsInfo.BytesPerIndexRecord); // shouldn't be necessary but aids in debugging
|
|
|
|
|
|
|
|
|
|
NewIndexRoot->AttributeType = AttributeFileName;
|
|
|
|
|
NewIndexRoot->CollationRule = COLLATION_FILE_NAME;
|
|
|
|
|
NewIndexRoot->SizeOfEntry = DeviceExt->NtfsInfo.BytesPerIndexRecord;
|
|
|
|
|
// If Bytes per index record is less than cluster size, clusters per index record becomes sectors per index
|
|
|
|
|
if(NewIndexRoot->SizeOfEntry < DeviceExt->NtfsInfo.BytesPerCluster)
|
|
|
|
|
NewIndexRoot->ClustersPerIndexRecord = NewIndexRoot->SizeOfEntry / DeviceExt->NtfsInfo.BytesPerSector;
|
|
|
|
|
else
|
|
|
|
|
NewIndexRoot->ClustersPerIndexRecord = NewIndexRoot->SizeOfEntry / DeviceExt->NtfsInfo.BytesPerCluster;
|
|
|
|
|
|
|
|
|
|
// Setup the Index node header
|
|
|
|
|
NewIndexRoot->Header.FirstEntryOffset = 0x10;
|
|
|
|
|
NewIndexRoot->Header.Flags = INDEX_ROOT_SMALL;
|
|
|
|
|
// still need to calculate sizes
|
|
|
|
|
|
|
|
|
|
// The first index node entry will be for the filename we're adding
|
|
|
|
|
IndexNodeEntry = (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)NewIndexRoot + NewIndexRoot->Header.FirstEntryOffset + 0x10);
|
|
|
|
|
IndexNodeEntry->Data.Directory.IndexedFile = FileReferenceNumber;
|
|
|
|
|
IndexNodeEntry->Flags = INDEX_ROOT_SMALL;
|
|
|
|
|
IndexNodeEntry->KeyLength = FIELD_OFFSET(FILENAME_ATTRIBUTE, Name) + (2 * FilenameAttribute->NameLength);
|
|
|
|
|
IndexNodeEntry->Length = ALIGN_UP_BY(IndexNodeEntry->KeyLength, 8) + FIELD_OFFSET(INDEX_ENTRY_ATTRIBUTE, FileName);
|
|
|
|
|
|
|
|
|
|
// Now we can calculate the Node length (temp logic)
|
|
|
|
|
NewIndexRoot->Header.TotalSizeOfEntries = NewIndexRoot->Header.FirstEntryOffset + IndexNodeEntry->Length + 0x10;
|
|
|
|
|
NewIndexRoot->Header.AllocatedSize = NewIndexRoot->Header.TotalSizeOfEntries;
|
|
|
|
|
|
|
|
|
|
DPRINT1("New Index Node Entry Stream Length: %u\nNew Inde Node Entry Length: %u\n",
|
|
|
|
|
IndexNodeEntry->KeyLength,
|
|
|
|
|
IndexNodeEntry->Length);
|
|
|
|
|
|
|
|
|
|
// copy over the attribute proper
|
|
|
|
|
RtlCopyMemory(&IndexNodeEntry->FileName, FilenameAttribute, IndexNodeEntry->KeyLength);
|
|
|
|
|
|
|
|
|
|
// Now setup the dummy key
|
|
|
|
|
IndexNodeEntry = (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)IndexNodeEntry + IndexNodeEntry->Length);
|
|
|
|
|
|
|
|
|
|
IndexNodeEntry->Data.Directory.IndexedFile = 0;
|
|
|
|
|
IndexNodeEntry->Length = 0x10;
|
|
|
|
|
IndexNodeEntry->KeyLength = 0;
|
|
|
|
|
IndexNodeEntry->Flags = NTFS_INDEX_ENTRY_END;
|
|
|
|
|
|
|
|
|
|
// This is when we'd normally setup the length (already done above)
|
|
|
|
|
|
|
|
|
|
// Write back the new index root attribute to the parent directory file record
|
|
|
|
|
|
|
|
|
|
// First, we need to make sure the attribute is large enough.
|
|
|
|
|
// We can't set the size as we normally would, because if we extend past the file record,
|
|
|
|
|
// we must create an index allocation and index bitmap (TODO). Also TODO: support file records with
|
|
|
|
|
// $ATTRIBUTE_LIST's.
|
|
|
|
|
AttributeLength = NewIndexRoot->Header.AllocatedSize + FIELD_OFFSET(INDEX_ROOT_ATTRIBUTE, Header);
|
|
|
|
|
DestinationAttribute = (PNTFS_ATTR_RECORD)((ULONG_PTR)ParentFileRecord + IndexRootOffset);
|
|
|
|
|
|
|
|
|
|
NextAttribute = (PNTFS_ATTR_RECORD)((ULONG_PTR)DestinationAttribute + DestinationAttribute->Length);
|
|
|
|
|
if (NextAttribute->Type != AttributeEnd)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("FIXME: For now, only resizing index root at the end of a file record is supported!\n");
|
|
|
|
|
ExFreePoolWithTag(NewIndexRoot, TAG_NTFS);
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
return STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Update the length of the attribute in the file record of the parent directory
|
2017-06-25 02:56:40 +00:00
|
|
|
InternalSetResidentAttributeLength(IndexRootContext,
|
2017-06-09 03:14:30 +00:00
|
|
|
ParentFileRecord,
|
|
|
|
|
IndexRootOffset,
|
|
|
|
|
AttributeLength);
|
|
|
|
|
|
|
|
|
|
Status = UpdateFileRecord(DeviceExt, DirectoryMftIndex, ParentFileRecord);
|
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Failed to update file record of directory with index: %llx\n", DirectoryMftIndex);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(NewIndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Update the parent directory with the new index root
|
|
|
|
|
Status = WriteAttribute(DeviceExt,
|
2017-06-25 02:56:40 +00:00
|
|
|
IndexRootContext,
|
2017-06-09 03:14:30 +00:00
|
|
|
0,
|
|
|
|
|
(PUCHAR)NewIndexRoot,
|
|
|
|
|
AttributeLength,
|
|
|
|
|
&LengthWritten);
|
|
|
|
|
if (!NT_SUCCESS(Status) )
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Unable to write new index root attribute to parent directory!\n");
|
|
|
|
|
ExFreePoolWithTag(NewIndexRoot, TAG_NTFS);
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// re-read the parent file record, so we can dump it
|
|
|
|
|
Status = ReadFileRecord(DeviceExt, DirectoryMftIndex, ParentFileRecord);
|
|
|
|
|
if (!NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("ERROR: Couldn't read parent directory after messing with it!\n");
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("Dumping new parent file record:\n");
|
|
|
|
|
NtfsDumpFileRecord(DeviceExt, ParentFileRecord);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Cleanup
|
|
|
|
|
ExFreePoolWithTag(NewIndexRoot, TAG_NTFS);
|
2017-06-25 02:56:40 +00:00
|
|
|
ReleaseAttributeContext(IndexRootContext);
|
2017-06-09 03:14:30 +00:00
|
|
|
ExFreePoolWithTag(I30IndexRoot, TAG_NTFS);
|
|
|
|
|
ExFreePoolWithTag(ParentFileRecord, TAG_NTFS);
|
|
|
|
|
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2015-07-05 19:04:05 +00:00
|
|
|
ULONGLONG
|
2015-06-28 21:26:19 +00:00
|
|
|
NtfsGetFileSize(PDEVICE_EXTENSION DeviceExt,
|
|
|
|
|
PFILE_RECORD_HEADER FileRecord,
|
2015-07-05 19:04:05 +00:00
|
|
|
PCWSTR Stream,
|
|
|
|
|
ULONG StreamLength,
|
|
|
|
|
PULONGLONG AllocatedSize)
|
2015-06-28 20:55:29 +00:00
|
|
|
{
|
2015-07-05 19:04:05 +00:00
|
|
|
ULONGLONG Size = 0ULL;
|
|
|
|
|
ULONGLONG Allocated = 0ULL;
|
2015-06-28 21:26:19 +00:00
|
|
|
NTSTATUS Status;
|
|
|
|
|
PNTFS_ATTR_CONTEXT DataContext;
|
2015-06-28 20:55:29 +00:00
|
|
|
|
2016-06-22 21:20:50 +00:00
|
|
|
Status = FindAttribute(DeviceExt, FileRecord, AttributeData, Stream, StreamLength, &DataContext, NULL);
|
2015-06-28 21:26:19 +00:00
|
|
|
if (NT_SUCCESS(Status))
|
2015-06-28 20:55:29 +00:00
|
|
|
{
|
2015-06-28 21:26:19 +00:00
|
|
|
Size = AttributeDataLength(&DataContext->Record);
|
2015-07-05 19:04:05 +00:00
|
|
|
Allocated = AttributeAllocatedLength(&DataContext->Record);
|
2015-06-28 21:26:19 +00:00
|
|
|
ReleaseAttributeContext(DataContext);
|
2015-06-28 20:55:29 +00:00
|
|
|
}
|
|
|
|
|
|
2015-07-05 19:04:05 +00:00
|
|
|
if (AllocatedSize != NULL) *AllocatedSize = Allocated;
|
|
|
|
|
|
2015-06-28 20:55:29 +00:00
|
|
|
return Size;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2002-06-25 22:23:06 +00:00
|
|
|
static NTSTATUS
|
2014-10-15 21:02:05 +00:00
|
|
|
NtfsGetNameInformation(PDEVICE_EXTENSION DeviceExt,
|
|
|
|
|
PFILE_RECORD_HEADER FileRecord,
|
2015-06-27 13:40:05 +00:00
|
|
|
ULONGLONG MFTIndex,
|
2014-10-15 21:02:05 +00:00
|
|
|
PFILE_NAMES_INFORMATION Info,
|
|
|
|
|
ULONG BufferLength)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2014-10-15 21:02:05 +00:00
|
|
|
ULONG Length;
|
|
|
|
|
PFILENAME_ATTRIBUTE FileName;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
DPRINT("NtfsGetNameInformation() called\n");
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
FileName = GetBestFileNameFromRecord(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
if (FileName == NULL)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("No name information for file ID: %#I64x\n", MFTIndex);
|
2015-06-27 15:06:25 +00:00
|
|
|
NtfsDumpFileAttributes(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
return STATUS_OBJECT_NAME_NOT_FOUND;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-19 16:29:38 +00:00
|
|
|
Length = FileName->NameLength * sizeof (WCHAR);
|
2014-10-15 21:02:05 +00:00
|
|
|
if ((sizeof(FILE_NAMES_INFORMATION) + Length) > BufferLength)
|
|
|
|
|
return(STATUS_BUFFER_OVERFLOW);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
Info->FileNameLength = Length;
|
|
|
|
|
Info->NextEntryOffset =
|
|
|
|
|
ROUND_UP(sizeof(FILE_NAMES_INFORMATION) + Length, sizeof(ULONG));
|
|
|
|
|
RtlCopyMemory(Info->FileName, FileName->Name, Length);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
return(STATUS_SUCCESS);
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static NTSTATUS
|
2014-10-15 21:02:05 +00:00
|
|
|
NtfsGetDirectoryInformation(PDEVICE_EXTENSION DeviceExt,
|
|
|
|
|
PFILE_RECORD_HEADER FileRecord,
|
2015-01-08 20:29:04 +00:00
|
|
|
ULONGLONG MFTIndex,
|
2014-10-15 21:02:05 +00:00
|
|
|
PFILE_DIRECTORY_INFORMATION Info,
|
|
|
|
|
ULONG BufferLength)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2014-10-15 21:02:05 +00:00
|
|
|
ULONG Length;
|
|
|
|
|
PFILENAME_ATTRIBUTE FileName;
|
2015-01-08 20:28:25 +00:00
|
|
|
PSTANDARD_INFORMATION StdInfo;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
DPRINT("NtfsGetDirectoryInformation() called\n");
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
FileName = GetBestFileNameFromRecord(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
if (FileName == NULL)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("No name information for file ID: %#I64x\n", MFTIndex);
|
2015-06-27 15:06:25 +00:00
|
|
|
NtfsDumpFileAttributes(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
return STATUS_OBJECT_NAME_NOT_FOUND;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
StdInfo = GetStandardInformationFromRecord(DeviceExt, FileRecord);
|
2015-01-08 20:28:25 +00:00
|
|
|
ASSERT(StdInfo != NULL);
|
|
|
|
|
|
2014-10-19 16:29:38 +00:00
|
|
|
Length = FileName->NameLength * sizeof (WCHAR);
|
2014-10-15 21:02:05 +00:00
|
|
|
if ((sizeof(FILE_DIRECTORY_INFORMATION) + Length) > BufferLength)
|
|
|
|
|
return(STATUS_BUFFER_OVERFLOW);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
Info->FileNameLength = Length;
|
|
|
|
|
Info->NextEntryOffset =
|
|
|
|
|
ROUND_UP(sizeof(FILE_DIRECTORY_INFORMATION) + Length, sizeof(ULONG));
|
|
|
|
|
RtlCopyMemory(Info->FileName, FileName->Name, Length);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-19 19:48:52 +00:00
|
|
|
Info->CreationTime.QuadPart = FileName->CreationTime;
|
|
|
|
|
Info->LastAccessTime.QuadPart = FileName->LastAccessTime;
|
|
|
|
|
Info->LastWriteTime.QuadPart = FileName->LastWriteTime;
|
|
|
|
|
Info->ChangeTime.QuadPart = FileName->ChangeTime;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
/* Convert file flags */
|
2015-01-08 20:28:25 +00:00
|
|
|
NtfsFileFlagsToAttributes(FileName->FileAttributes | StdInfo->FileAttribute, &Info->FileAttributes);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2015-07-05 20:31:54 +00:00
|
|
|
Info->EndOfFile.QuadPart = NtfsGetFileSize(DeviceExt, FileRecord, L"", 0, (PULONGLONG)&Info->AllocationSize.QuadPart);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2015-01-08 20:29:04 +00:00
|
|
|
Info->FileIndex = MFTIndex;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
return STATUS_SUCCESS;
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static NTSTATUS
|
2014-10-15 21:02:05 +00:00
|
|
|
NtfsGetFullDirectoryInformation(PDEVICE_EXTENSION DeviceExt,
|
|
|
|
|
PFILE_RECORD_HEADER FileRecord,
|
2014-12-15 21:44:52 +00:00
|
|
|
ULONGLONG MFTIndex,
|
2014-10-15 21:02:05 +00:00
|
|
|
PFILE_FULL_DIRECTORY_INFORMATION Info,
|
|
|
|
|
ULONG BufferLength)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2014-10-15 21:02:05 +00:00
|
|
|
ULONG Length;
|
|
|
|
|
PFILENAME_ATTRIBUTE FileName;
|
2015-01-08 20:28:25 +00:00
|
|
|
PSTANDARD_INFORMATION StdInfo;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
DPRINT("NtfsGetFullDirectoryInformation() called\n");
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
FileName = GetBestFileNameFromRecord(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
if (FileName == NULL)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("No name information for file ID: %#I64x\n", MFTIndex);
|
2015-06-27 15:06:25 +00:00
|
|
|
NtfsDumpFileAttributes(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
return STATUS_OBJECT_NAME_NOT_FOUND;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
StdInfo = GetStandardInformationFromRecord(DeviceExt, FileRecord);
|
2015-01-08 20:28:25 +00:00
|
|
|
ASSERT(StdInfo != NULL);
|
|
|
|
|
|
2014-10-19 16:29:38 +00:00
|
|
|
Length = FileName->NameLength * sizeof (WCHAR);
|
2014-10-15 21:02:05 +00:00
|
|
|
if ((sizeof(FILE_FULL_DIRECTORY_INFORMATION) + Length) > BufferLength)
|
|
|
|
|
return(STATUS_BUFFER_OVERFLOW);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
Info->FileNameLength = Length;
|
|
|
|
|
Info->NextEntryOffset =
|
|
|
|
|
ROUND_UP(sizeof(FILE_FULL_DIRECTORY_INFORMATION) + Length, sizeof(ULONG));
|
|
|
|
|
RtlCopyMemory(Info->FileName, FileName->Name, Length);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-19 19:48:52 +00:00
|
|
|
Info->CreationTime.QuadPart = FileName->CreationTime;
|
|
|
|
|
Info->LastAccessTime.QuadPart = FileName->LastAccessTime;
|
|
|
|
|
Info->LastWriteTime.QuadPart = FileName->LastWriteTime;
|
|
|
|
|
Info->ChangeTime.QuadPart = FileName->ChangeTime;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
/* Convert file flags */
|
2015-01-08 20:28:25 +00:00
|
|
|
NtfsFileFlagsToAttributes(FileName->FileAttributes | StdInfo->FileAttribute, &Info->FileAttributes);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2015-07-05 20:31:54 +00:00
|
|
|
Info->EndOfFile.QuadPart = NtfsGetFileSize(DeviceExt, FileRecord, L"", 0, (PULONGLONG)&Info->AllocationSize.QuadPart);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-12-15 21:44:52 +00:00
|
|
|
Info->FileIndex = MFTIndex;
|
2014-10-15 21:02:05 +00:00
|
|
|
Info->EaSize = 0;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
return STATUS_SUCCESS;
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static NTSTATUS
|
2014-10-15 21:02:05 +00:00
|
|
|
NtfsGetBothDirectoryInformation(PDEVICE_EXTENSION DeviceExt,
|
|
|
|
|
PFILE_RECORD_HEADER FileRecord,
|
2014-12-15 21:44:52 +00:00
|
|
|
ULONGLONG MFTIndex,
|
2014-10-15 21:02:05 +00:00
|
|
|
PFILE_BOTH_DIR_INFORMATION Info,
|
|
|
|
|
ULONG BufferLength)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2014-10-15 21:02:05 +00:00
|
|
|
ULONG Length;
|
2014-10-26 19:10:39 +00:00
|
|
|
PFILENAME_ATTRIBUTE FileName, ShortFileName;
|
2015-01-08 20:28:25 +00:00
|
|
|
PSTANDARD_INFORMATION StdInfo;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
DPRINT("NtfsGetBothDirectoryInformation() called\n");
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
FileName = GetBestFileNameFromRecord(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
if (FileName == NULL)
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("No name information for file ID: %#I64x\n", MFTIndex);
|
2015-06-27 15:06:25 +00:00
|
|
|
NtfsDumpFileAttributes(DeviceExt, FileRecord);
|
2015-06-27 13:40:05 +00:00
|
|
|
return STATUS_OBJECT_NAME_NOT_FOUND;
|
|
|
|
|
}
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
ShortFileName = GetFileNameFromRecord(DeviceExt, FileRecord, NTFS_FILE_NAME_DOS);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
[NTFS]
Totally rewrite the way MFT records attributes are handled.
Up to now, we were having really similar loops, only looking at the resident part of the attribute list, not really caring about how the loop was going.
This was leading to some issues:
- In case the attribute we were looking for was stored in the non-resident part of the attribute list, we would miss it (excepted in the case of FindAttribute() which was properly browsing the whole attribute list).
- In the specific case of FindAttribute(), one would have been able to setup a broken MFT record with the resident attribute list pointing on the non resident attribute list which itself would point to the resident attribute list. In such case, the driver would loop forever caught on the loop, allocating tones of memory. It was possible to trigger this by user space, from a non-privileged user, just by browsing the right directory entry.
- In the case of the other loops (non FindAttribute()), another issue (other than missing attributes) was present, one would have been able to setup a broken MFT record with an attribute of null-length. This would have caused the driver to loop forever on the attribute list. This could be triggered from usermode too. And could be triggered by a non-privileged user.
This commit introduces a new set of functions for attributes browsing: FindFirstAttribute(), FindNextAttribute(), FindCloseAttribute(). It allows safely browsing attributes and handles broken cases. It also performs reading of the attribute list when present and makes sure there's only one read. This method should be the only one to use to browse the attributes.
The whole NTFS code base has been converted to use this newly set of functions. This really simplifies the implementation of FindAttribute(), and prevent unsafe code duplication.
CORE-10037 #resolve #comment Fixed with r68829
svn path=/trunk/; revision=68829
2015-08-26 18:20:04 +00:00
|
|
|
StdInfo = GetStandardInformationFromRecord(DeviceExt, FileRecord);
|
2015-01-08 20:28:25 +00:00
|
|
|
ASSERT(StdInfo != NULL);
|
|
|
|
|
|
2014-10-19 16:29:38 +00:00
|
|
|
Length = FileName->NameLength * sizeof (WCHAR);
|
2014-10-15 21:02:05 +00:00
|
|
|
if ((sizeof(FILE_BOTH_DIR_INFORMATION) + Length) > BufferLength)
|
|
|
|
|
return(STATUS_BUFFER_OVERFLOW);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
Info->FileNameLength = Length;
|
|
|
|
|
Info->NextEntryOffset =
|
|
|
|
|
ROUND_UP(sizeof(FILE_BOTH_DIR_INFORMATION) + Length, sizeof(ULONG));
|
|
|
|
|
RtlCopyMemory(Info->FileName, FileName->Name, Length);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-26 19:10:39 +00:00
|
|
|
if (ShortFileName)
|
|
|
|
|
{
|
|
|
|
|
/* Should we upcase the filename? */
|
|
|
|
|
ASSERT(ShortFileName->NameLength <= ARRAYSIZE(Info->ShortName));
|
|
|
|
|
Info->ShortNameLength = ShortFileName->NameLength * sizeof(WCHAR);
|
|
|
|
|
RtlCopyMemory(Info->ShortName, ShortFileName->Name, Info->ShortNameLength);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
Info->ShortName[0] = 0;
|
|
|
|
|
Info->ShortNameLength = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-19 19:48:52 +00:00
|
|
|
Info->CreationTime.QuadPart = FileName->CreationTime;
|
|
|
|
|
Info->LastAccessTime.QuadPart = FileName->LastAccessTime;
|
|
|
|
|
Info->LastWriteTime.QuadPart = FileName->LastWriteTime;
|
|
|
|
|
Info->ChangeTime.QuadPart = FileName->ChangeTime;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
/* Convert file flags */
|
2015-01-08 20:28:25 +00:00
|
|
|
NtfsFileFlagsToAttributes(FileName->FileAttributes | StdInfo->FileAttribute, &Info->FileAttributes);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2015-07-05 20:31:54 +00:00
|
|
|
Info->EndOfFile.QuadPart = NtfsGetFileSize(DeviceExt, FileRecord, L"", 0, (PULONGLONG)&Info->AllocationSize.QuadPart);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-12-15 21:44:52 +00:00
|
|
|
Info->FileIndex = MFTIndex;
|
2014-10-15 21:02:05 +00:00
|
|
|
Info->EaSize = 0;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
return STATUS_SUCCESS;
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
2013-06-16 12:15:06 +00:00
|
|
|
|
2008-03-09 13:58:25 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NtfsQueryDirectory(PNTFS_IRP_CONTEXT IrpContext)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2013-06-16 12:15:06 +00:00
|
|
|
PIRP Irp;
|
2014-10-15 21:02:05 +00:00
|
|
|
PDEVICE_OBJECT DeviceObject;
|
|
|
|
|
PDEVICE_EXTENSION DeviceExtension;
|
|
|
|
|
LONG BufferLength = 0;
|
2013-06-16 12:15:06 +00:00
|
|
|
PUNICODE_STRING SearchPattern = NULL;
|
2014-10-15 21:02:05 +00:00
|
|
|
FILE_INFORMATION_CLASS FileInformationClass;
|
2013-06-16 12:15:06 +00:00
|
|
|
ULONG FileIndex = 0;
|
|
|
|
|
PUCHAR Buffer = NULL;
|
|
|
|
|
PFILE_NAMES_INFORMATION Buffer0 = NULL;
|
2014-10-15 21:02:05 +00:00
|
|
|
PNTFS_FCB Fcb;
|
2013-06-16 12:15:06 +00:00
|
|
|
PNTFS_CCB Ccb;
|
|
|
|
|
BOOLEAN First = FALSE;
|
|
|
|
|
PIO_STACK_LOCATION Stack;
|
|
|
|
|
PFILE_OBJECT FileObject;
|
2014-10-15 21:02:05 +00:00
|
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
|
|
|
PFILE_RECORD_HEADER FileRecord;
|
2014-11-02 20:18:34 +00:00
|
|
|
ULONGLONG MFTRecord, OldMFTRecord = 0;
|
2014-10-15 21:02:05 +00:00
|
|
|
UNICODE_STRING Pattern;
|
2013-06-16 12:15:06 +00:00
|
|
|
|
|
|
|
|
DPRINT1("NtfsQueryDirectory() called\n");
|
|
|
|
|
|
|
|
|
|
ASSERT(IrpContext);
|
|
|
|
|
Irp = IrpContext->Irp;
|
2014-10-15 21:02:05 +00:00
|
|
|
DeviceObject = IrpContext->DeviceObject;
|
2013-06-16 12:15:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
DeviceExtension = DeviceObject->DeviceExtension;
|
2013-06-16 12:15:06 +00:00
|
|
|
Stack = IoGetCurrentIrpStackLocation(Irp);
|
|
|
|
|
FileObject = Stack->FileObject;
|
|
|
|
|
|
|
|
|
|
Ccb = (PNTFS_CCB)FileObject->FsContext2;
|
2014-10-15 21:02:05 +00:00
|
|
|
Fcb = (PNTFS_FCB)FileObject->FsContext;
|
2013-06-16 12:15:06 +00:00
|
|
|
|
|
|
|
|
/* Obtain the callers parameters */
|
2014-10-15 21:02:05 +00:00
|
|
|
BufferLength = Stack->Parameters.QueryDirectory.Length;
|
2013-06-16 12:15:06 +00:00
|
|
|
SearchPattern = Stack->Parameters.QueryDirectory.FileName;
|
2014-10-15 21:02:05 +00:00
|
|
|
FileInformationClass = Stack->Parameters.QueryDirectory.FileInformationClass;
|
2013-06-16 12:15:06 +00:00
|
|
|
FileIndex = Stack->Parameters.QueryDirectory.FileIndex;
|
|
|
|
|
|
2016-02-14 22:44:54 +00:00
|
|
|
if (NtfsFCBIsCompressed(Fcb))
|
|
|
|
|
{
|
|
|
|
|
DPRINT1("Compressed directory!\n");
|
|
|
|
|
UNIMPLEMENTED;
|
|
|
|
|
return STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-23 22:19:38 +00:00
|
|
|
if (!ExAcquireResourceSharedLite(&Fcb->MainResource,
|
|
|
|
|
BooleanFlagOn(IrpContext->Flags, IRPCONTEXT_CANWAIT)))
|
|
|
|
|
{
|
|
|
|
|
return STATUS_PENDING;
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-16 12:15:06 +00:00
|
|
|
if (SearchPattern != NULL)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2013-06-16 12:15:06 +00:00
|
|
|
if (!Ccb->DirectorySearchPattern)
|
|
|
|
|
{
|
|
|
|
|
First = TRUE;
|
2014-11-02 20:18:27 +00:00
|
|
|
Pattern.Length = 0;
|
|
|
|
|
Pattern.MaximumLength = SearchPattern->Length + sizeof(WCHAR);
|
|
|
|
|
Ccb->DirectorySearchPattern = Pattern.Buffer =
|
|
|
|
|
ExAllocatePoolWithTag(NonPagedPool, Pattern.MaximumLength, TAG_NTFS);
|
2013-06-16 12:15:06 +00:00
|
|
|
if (!Ccb->DirectorySearchPattern)
|
|
|
|
|
{
|
2016-02-23 22:19:38 +00:00
|
|
|
ExReleaseResourceLite(&Fcb->MainResource);
|
2013-06-16 12:15:06 +00:00
|
|
|
return STATUS_INSUFFICIENT_RESOURCES;
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-23 15:49:24 +00:00
|
|
|
memcpy(Ccb->DirectorySearchPattern, SearchPattern->Buffer, SearchPattern->Length);
|
2013-06-16 12:15:06 +00:00
|
|
|
Ccb->DirectorySearchPattern[SearchPattern->Length / sizeof(WCHAR)] = 0;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
2013-06-16 12:15:06 +00:00
|
|
|
else if (!Ccb->DirectorySearchPattern)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2013-06-16 12:15:06 +00:00
|
|
|
First = TRUE;
|
|
|
|
|
Ccb->DirectorySearchPattern = ExAllocatePoolWithTag(NonPagedPool, 2 * sizeof(WCHAR), TAG_NTFS);
|
|
|
|
|
if (!Ccb->DirectorySearchPattern)
|
|
|
|
|
{
|
2016-02-23 22:19:38 +00:00
|
|
|
ExReleaseResourceLite(&Fcb->MainResource);
|
2013-06-16 12:15:06 +00:00
|
|
|
return STATUS_INSUFFICIENT_RESOURCES;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Ccb->DirectorySearchPattern[0] = L'*';
|
|
|
|
|
Ccb->DirectorySearchPattern[1] = 0;
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
RtlInitUnicodeString(&Pattern, Ccb->DirectorySearchPattern);
|
2014-11-02 20:18:27 +00:00
|
|
|
DPRINT("Search pattern '%S'\n", Ccb->DirectorySearchPattern);
|
|
|
|
|
DPRINT("In: '%S'\n", Fcb->PathName);
|
2013-06-16 12:15:06 +00:00
|
|
|
|
|
|
|
|
/* Determine directory index */
|
|
|
|
|
if (Stack->Flags & SL_INDEX_SPECIFIED)
|
|
|
|
|
{
|
|
|
|
|
Ccb->Entry = Ccb->CurrentByteOffset.u.LowPart;
|
|
|
|
|
}
|
|
|
|
|
else if (First || (Stack->Flags & SL_RESTART_SCAN))
|
|
|
|
|
{
|
|
|
|
|
Ccb->Entry = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-25 17:45:04 +00:00
|
|
|
/* Get Buffer for result */
|
|
|
|
|
Buffer = NtfsGetUserBuffer(Irp, FALSE);
|
2013-06-16 12:15:06 +00:00
|
|
|
|
|
|
|
|
DPRINT("Buffer=%p tofind=%S\n", Buffer, Ccb->DirectorySearchPattern);
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2016-02-25 20:49:31 +00:00
|
|
|
if (!ExAcquireResourceExclusiveLite(&DeviceExtension->DirResource,
|
|
|
|
|
BooleanFlagOn(IrpContext->Flags, IRPCONTEXT_CANWAIT)))
|
|
|
|
|
{
|
|
|
|
|
ExReleaseResourceLite(&Fcb->MainResource);
|
|
|
|
|
return STATUS_PENDING;
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
while (Status == STATUS_SUCCESS && BufferLength > 0)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2014-10-15 21:02:05 +00:00
|
|
|
Status = NtfsFindFileAt(DeviceExtension,
|
|
|
|
|
&Pattern,
|
|
|
|
|
&Ccb->Entry,
|
|
|
|
|
&FileRecord,
|
|
|
|
|
&MFTRecord,
|
2017-06-24 04:36:28 +00:00
|
|
|
Fcb->MFTIndex,
|
|
|
|
|
(Stack->Flags & SL_CASE_SENSITIVE));
|
2014-10-15 21:02:05 +00:00
|
|
|
|
|
|
|
|
if (NT_SUCCESS(Status))
|
|
|
|
|
{
|
2014-11-02 20:18:34 +00:00
|
|
|
/* HACK: files with both a short name and a long name are present twice in the index.
|
|
|
|
|
* Ignore the second entry, if it is immediately following the first one.
|
|
|
|
|
*/
|
|
|
|
|
if (MFTRecord == OldMFTRecord)
|
|
|
|
|
{
|
2015-07-05 19:04:05 +00:00
|
|
|
DPRINT1("Ignoring duplicate MFT entry 0x%x\n", MFTRecord);
|
2014-11-02 20:18:34 +00:00
|
|
|
Ccb->Entry++;
|
|
|
|
|
ExFreePoolWithTag(FileRecord, TAG_NTFS);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
OldMFTRecord = MFTRecord;
|
|
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
switch (FileInformationClass)
|
|
|
|
|
{
|
|
|
|
|
case FileNameInformation:
|
|
|
|
|
Status = NtfsGetNameInformation(DeviceExtension,
|
|
|
|
|
FileRecord,
|
2015-06-27 13:40:05 +00:00
|
|
|
MFTRecord,
|
2014-10-15 21:02:05 +00:00
|
|
|
(PFILE_NAMES_INFORMATION)Buffer,
|
|
|
|
|
BufferLength);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case FileDirectoryInformation:
|
|
|
|
|
Status = NtfsGetDirectoryInformation(DeviceExtension,
|
|
|
|
|
FileRecord,
|
2015-01-08 20:29:04 +00:00
|
|
|
MFTRecord,
|
2014-10-15 21:02:05 +00:00
|
|
|
(PFILE_DIRECTORY_INFORMATION)Buffer,
|
|
|
|
|
BufferLength);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case FileFullDirectoryInformation:
|
|
|
|
|
Status = NtfsGetFullDirectoryInformation(DeviceExtension,
|
|
|
|
|
FileRecord,
|
2014-12-15 21:44:52 +00:00
|
|
|
MFTRecord,
|
2014-10-15 21:02:05 +00:00
|
|
|
(PFILE_FULL_DIRECTORY_INFORMATION)Buffer,
|
|
|
|
|
BufferLength);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case FileBothDirectoryInformation:
|
|
|
|
|
Status = NtfsGetBothDirectoryInformation(DeviceExtension,
|
|
|
|
|
FileRecord,
|
2014-12-15 21:44:52 +00:00
|
|
|
MFTRecord,
|
2014-10-15 21:02:05 +00:00
|
|
|
(PFILE_BOTH_DIR_INFORMATION)Buffer,
|
|
|
|
|
BufferLength);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
Status = STATUS_INVALID_INFO_CLASS;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
if (Status == STATUS_BUFFER_OVERFLOW)
|
|
|
|
|
{
|
|
|
|
|
if (Buffer0)
|
|
|
|
|
{
|
|
|
|
|
Buffer0->NextEntryOffset = 0;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if (Buffer0)
|
|
|
|
|
{
|
|
|
|
|
Buffer0->NextEntryOffset = 0;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
if (First)
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_NO_SUCH_FILE;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_NO_MORE_FILES;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
Buffer0 = (PFILE_NAMES_INFORMATION)Buffer;
|
|
|
|
|
Buffer0->FileIndex = FileIndex++;
|
|
|
|
|
Ccb->Entry++;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
if (Stack->Flags & SL_RETURN_SINGLE_ENTRY)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
BufferLength -= Buffer0->NextEntryOffset;
|
|
|
|
|
Buffer += Buffer0->NextEntryOffset;
|
|
|
|
|
ExFreePoolWithTag(FileRecord, TAG_NTFS);
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
2013-06-16 12:15:06 +00:00
|
|
|
if (Buffer0)
|
|
|
|
|
{
|
|
|
|
|
Buffer0->NextEntryOffset = 0;
|
|
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2016-02-25 20:49:31 +00:00
|
|
|
ExReleaseResourceLite(&DeviceExtension->DirResource);
|
2016-02-23 22:19:38 +00:00
|
|
|
ExReleaseResourceLite(&Fcb->MainResource);
|
|
|
|
|
|
2013-06-16 12:15:06 +00:00
|
|
|
if (FileIndex > 0)
|
|
|
|
|
{
|
2014-10-15 21:02:05 +00:00
|
|
|
Status = STATUS_SUCCESS;
|
2013-06-16 12:15:06 +00:00
|
|
|
}
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2014-10-15 21:02:05 +00:00
|
|
|
return Status;
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-06-16 12:15:06 +00:00
|
|
|
NTSTATUS
|
2015-05-10 10:17:29 +00:00
|
|
|
NtfsDirectoryControl(PNTFS_IRP_CONTEXT IrpContext)
|
2002-06-25 22:23:06 +00:00
|
|
|
{
|
2013-06-16 12:15:06 +00:00
|
|
|
NTSTATUS Status = STATUS_UNSUCCESSFUL;
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2013-06-16 12:15:06 +00:00
|
|
|
DPRINT1("NtfsDirectoryControl() called\n");
|
2002-06-25 22:23:06 +00:00
|
|
|
|
2015-05-10 10:17:29 +00:00
|
|
|
switch (IrpContext->MinorFunction)
|
2008-03-09 13:58:25 +00:00
|
|
|
{
|
2015-05-10 10:17:29 +00:00
|
|
|
case IRP_MN_QUERY_DIRECTORY:
|
|
|
|
|
Status = NtfsQueryDirectory(IrpContext);
|
|
|
|
|
break;
|
2013-06-16 12:15:06 +00:00
|
|
|
|
2015-05-10 10:17:29 +00:00
|
|
|
case IRP_MN_NOTIFY_CHANGE_DIRECTORY:
|
|
|
|
|
DPRINT1("IRP_MN_NOTIFY_CHANGE_DIRECTORY\n");
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
break;
|
2013-06-16 12:15:06 +00:00
|
|
|
|
2015-05-10 10:17:29 +00:00
|
|
|
default:
|
|
|
|
|
Status = STATUS_INVALID_DEVICE_REQUEST;
|
|
|
|
|
break;
|
2008-03-09 13:58:25 +00:00
|
|
|
}
|
2013-06-16 12:15:06 +00:00
|
|
|
|
2016-02-24 07:54:20 +00:00
|
|
|
if (Status == STATUS_PENDING && IrpContext->Flags & IRPCONTEXT_COMPLETE)
|
|
|
|
|
{
|
|
|
|
|
return NtfsMarkIrpContextForQueue(IrpContext);
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-10 10:17:29 +00:00
|
|
|
IrpContext->Irp->IoStatus.Information = 0;
|
2013-06-16 12:15:06 +00:00
|
|
|
|
|
|
|
|
return Status;
|
2002-06-25 22:23:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* EOF */
|