菜鸟问题：ZwReadFile无法成功读取文件内容

hzhanhai · 发表于2009-12-31 15:30

菜鸟问题：ZwReadFile无法成功读取文件内容 [复制链接]

刚开始学的驱动程序，写了一个读文件测试函数，内容如下：

VOID ReadFileTest()
{
OBJECT_ATTRIBUTES objectAttributes;
IO_STATUS_BLOCK ioStatus;
HANDLE hFile;
UNICODE_STRING FileName;

//intialize unicode string
RtlInitUnicodeString(&FileName,
L"\\??\\D:\\1.log");
//Or: \\Device\\HarddiskVolume2\\1.log

//intialize object attributes
InitializeObjectAttributes(&objectAttributes,
&FileName,
OBJ_CASE_INSENSITIVE,
NULL,
NULL);

//create file
NTSTATUS ntStatus = ZwCreateFile(&hFile,
GENERIC_READ | GENERIC_WRITE,
&objectAttributes,
&ioStatus,
NULL,
FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_READ,
FILE_OPEN_IF, //an important para
FILE_SYNCHRONOUS_IO_NONALERT,
NULL,
0);
if(!NT_SUCCESS(ntStatus))
{
KdPrint(("Create file unsuccessfully"));
}
//operations on file
//Write file
#define BUFFER_SIZE 1024
PUCHAR pBuffer = (PUCHAR)ExAllocatePool(PagedPool, BUFFER_SIZE);
RtlFillMemory(pBuffer, BUFFER_SIZE, 0X30);

KdPrint(("The program will write bytes: %d\n", BUFFER_SIZE));
ntStatus = ZwWriteFile(hFile, NULL, NULL, NULL, &ioStatus,
pBuffer, BUFFER_SIZE, NULL, NULL);
if(!NT_SUCCESS(ntStatus))
{
KdPrint(("Write file unsuccessfully\n"));
}
KdPrint(("The program really writes bytes: %d\n", ioStatus.Information));
//Query file length
FILE_STANDARD_INFORMATION fsi;
ntStatus = ZwQueryInformationFile(hFile,
&ioStatus,
&fsi,
sizeof(FILE_STANDARD_INFORMATION),
FileStandardInformation);
if(!NT_SUCCESS(ntStatus))
{
KdPrint(("Query file unsuccessfully\n"));
}
KdPrint(("The program will read bytes: %d\n", fsi.EndOfFile.QuadPart));
//allocate pool for file which is to be read
PUCHAR pBuffer2 = (PUCHAR)ExAllocatePool(PagedPool, (LONG)fsi.EndOfFile.QuadPart);
//read file
ntStatus = ZwReadFile(hFile, NULL, NULL, NULL, &ioStatus,
pBuffer2, (LONG)fsi.EndOfFile.QuadPart, 0, NULL);
if(!NT_SUCCESS(ntStatus))
{
//if sataus == STATUS_END_OF_FILE, the file has reached the end.
if(ntStatus == STATUS_END_OF_FILE)
{
KdPrint(("Error: %x\n", ntStatus));
}
}
else
{
KdPrint(("The program really reads bytes: %d\n", ioStatus.Information));
}
//Free the pools
ExFreePool(pBuffer);
ExFreePool(pBuffer2);
//close file handle
ZwClose(hFile);
}

调试信息如下：
Enter DriverEntry
The program will write bytes: 1024
The program really writes bytes: 1024
The program will read bytes: 1024
Error: c0000011
Leave DriverEntry

查看自己的代码多次，并没有发现什么问题。。。
文件成功创建并写入，，为何还是没法将内容读到Buffer2里？？而却返回STATUS_END_OF_FILE？？

分不多。。。请各位高手不吝帮帮忙哈~~谢谢了~~

youliam · 发表于2009-12-31 16:39

要注意
1、读之前要把指针移动到文件开头
2、文件句柄要正确
3、读之前可正确打开文件夹

liaorentai · 发表于2009-12-31 22:29

的确，如你所说，在写入文件了以后我没有更新文件指针：
ZwWriteFile updates the current file position by adding the number of bytes written when it completes the write operation, if it is using the current file position maintained by the I/O Manager.

加入如下代码就可以了：
FILE_POSITION_INFORMATION fpi;
fpi.CurrentByteOffset.QuadPart = 0i64;
ntStatus = ZwSetInformationFile(hFile, &ioStatus, &fpi,
sizeof(FILE_POSITION_INFORMATION),
FilePositionInformation);
if(!NT_SUCCESS(ntStatus))
{
KdPrint(("Set file pointer unsuccessfully\n"));
KdPrint(("Error: %x\n", ntStatus));
}
else
{
KdPrint(("Set file pointer successfully\n"));
}

ydq850524 · 发表于2009-12-31 22:42

谢谢提醒了！！！分给你吧~

菜鸟问题：ZwReadFile无法成功读取文件内容 [复制链接]

最新回复