📄 devfcb.c
thisEa->NextEntryOffset = ((PBYTE) valuePtr + thisEa->EaValueLength ) -
(PBYTE) thisEa;
// Set the password EA
thisEa = (PFILE_FULL_EA_INFORMATION) ((PBYTE) thisEa + thisEa->NextEntryOffset);
thisEa->Flags = 0;
thisEa->EaNameLength = sizeof("Password");
RtlCopyMemory( thisEa->EaName, "Password\0", thisEa->EaNameLength + 1 );
valuePtr = (PBYTE) thisEa->EaName + thisEa->EaNameLength + 1;
//thisEa->EaNameLength--; // don't include the null in the EaName length
thisEa->EaValueLength = sizeof(WCHAR);
RtlCopyMemory( valuePtr, L"\0", thisEa->EaValueLength );
thisEa->NextEntryOffset = ((PBYTE) valuePtr + thisEa->EaValueLength ) -
(PBYTE) thisEa;
// Set the domain EA
thisEa = (PFILE_FULL_EA_INFORMATION) ((PBYTE) thisEa + thisEa->NextEntryOffset);
thisEa->Flags = 0;
thisEa->EaNameLength = sizeof("Domain");
RtlCopyMemory( thisEa->EaName, "Domain\0", thisEa->EaNameLength + 1 );
valuePtr = (PBYTE) thisEa->EaName + thisEa->EaNameLength + 1;
//thisEa->EaNameLength--; // don't include the null in the EaName length
thisEa->EaValueLength = sizeof(L"WORKGROUP");
RtlCopyMemory( valuePtr, L"WORKGROUP", thisEa->EaValueLength );
thisEa->NextEntryOffset = 0;
return ((PBYTE) valuePtr + thisEa->EaValueLength) - (PBYTE) EaPtr;
}
#endif
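NTSTATUS
GetConnectionHandle(
    IN PUNICODE_STRING ConnectionName,
    PVOID EaBuffer,
    ULONG EaLength,
    PHANDLE Handle )
/*++

Routine Description:

    Opens (FILE_OPEN_IF) the tree connection named by ConnectionName through
    ZwCreateFile with FILE_CREATE_TREE_CONNECTION, handing the caller's EA
    list to the create unchanged.

Arguments:

    ConnectionName - NT path of the connection to open
    EaBuffer       - optional EA list passed to ZwCreateFile, may be NULL
    EaLength       - size of EaBuffer in bytes
    Handle         - receives the handle; the caller releases it with ZwClose

Return Value:

    The NTSTATUS returned by ZwCreateFile.

--*/
{
    NTSTATUS Status;
    IO_STATUS_BLOCK IoStatusBlock;
    OBJECT_ATTRIBUTES ObjectAttributes;

    //
    // OBJ_KERNEL_HANDLE keeps the handle out of the current process's handle
    // table. The callers in this file run on behalf of an FSCTL request and
    // only use the handle from kernel mode (ZwClose, ObReferenceObjectByHandle
    // with KernelMode), so user mode has no reason to be able to see, close
    // or replace it while it is in use.
    //
    InitializeObjectAttributes(
        &ObjectAttributes,
        ConnectionName,
        OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
        NULL,
        NULL);

    //
    // NOTE(review): a Zw call issued from kernel mode is not access-checked
    // against the requesting user, so the only gate on what gets opened here
    // is the name validation done by the caller. Confirm that this is the
    // intended trust model for the FSCTLs that reach this routine.
    //
    Status = ZwCreateFile(
                 Handle,
                 SYNCHRONIZE,
                 &ObjectAttributes,
                 &IoStatusBlock,
                 NULL,
                 FILE_ATTRIBUTE_NORMAL,
                 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
                 FILE_OPEN_IF,
                 FILE_CREATE_TREE_CONNECTION | FILE_SYNCHRONOUS_IO_NONALERT,
                 EaBuffer,
                 EaLength);

    DbgPrint("ZwCreateFile returned %lx\n",Status);

    if ( Status == STATUS_SUCCESS )
    {
        if ( *Handle != INVALID_HANDLE_VALUE ){
            DbgPrint("ZwCreateFile returned success\n");
        } else {
            DbgPrint("ZwCreateFile failed\n");
        }
    }

    return Status;
}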
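NTSTATUS
MRxSmbCreateConnection (
    IN PRX_CONTEXT RxContext,
    OUT PBOOLEAN PostToFsp
    )
/*++

Routine Description:

    Handles the "create connection" request: parses the SMBMRX_CONNECTINFO
    in the IOCTL input buffer, checks that the connection name lies under
    this redirector's device name, and opens the tree connection through
    GetConnectionHandle. The handle is closed again before returning.

Arguments:

    IN PRX_CONTEXT RxContext - Describes the Fsctl and Context

    OUT PBOOLEAN PostToFsp - set to TRUE when the request cannot wait and
                             has to be posted

Return Value:

    STATUS_PENDING               - the request cannot wait; it is posted
    STATUS_INVALID_PARAMETER     - the input buffer is missing, too short, or
                                   its offsets/lengths fall outside the buffer
    STATUS_OBJECT_PATH_NOT_FOUND - the name does not start with the device name
    STATUS_BAD_NETWORK_NAME      - the create succeeded without a usable handle
    otherwise the status returned by GetConnectionHandle

--*/
{
    NTSTATUS Status = STATUS_SUCCESS;
    PLOWIO_CONTEXT LowIoContext = &RxContext->LowIoContext;
    ULONG InBufferLength = LowIoContext->ParamsFor.IoCtl.InputBufferLength;
    PBYTE InBuffer = LowIoContext->ParamsFor.IoCtl.pInputBuffer;
    BOOLEAN Wait = BooleanFlagOn(RxContext->Flags, RX_CONTEXT_FLAG_WAIT);

    PAGED_CODE();

    RxDbgTrace(+1, Dbg, ("MRxSmbCreateConnection - entry\n"));

    if (!Wait) {
        //just post right now!
        *PostToFsp = TRUE;
        return(STATUS_PENDING);
    }

    Status = STATUS_INVALID_PARAMETER;

    try {
        PSMBMRX_CONNECTINFO ConnectInfo;
        UNICODE_STRING ConnectionName;
        PBYTE EaBuffer;
        ULONG HeaderLength = (ULONG) FIELD_OFFSET(SMBMRX_CONNECTINFO, InfoArea);
        ULONG InfoLength;
        ULONG NameOffset;
        ULONG NameLength;
        ULONG EaOffset;
        ULONG EaLength;
        ULONG DeviceNameLength;
        HANDLE Handle;

        //
        // The fixed part of SMBMRX_CONNECTINFO must be present before any of
        // its fields is read. Comparing against the size of a pointer, as
        // this routine used to do, lets a buffer shorter than the header
        // through. Assumes the offset/length fields all precede InfoArea,
        // which is how the bounds arithmetic below already treats the layout.
        //
        if ( InBuffer == NULL || InBufferLength < HeaderLength ) {
            try_return(Status);
        }

        ConnectInfo = (PSMBMRX_CONNECTINFO) InBuffer;
        InfoLength = InBufferLength - HeaderLength;

        //
        // Read every field exactly once, so the values that are validated are
        // the values that are used.
        // NOTE(review): the name and EA bytes are still consumed in place from
        // the input buffer; confirm the FSCTL is buffered so they cannot
        // change underneath this routine.
        //
        NameOffset = ConnectInfo->ConnectionNameOffset;
        NameLength = ConnectInfo->ConnectionNameLength;
        EaOffset   = ConnectInfo->EaDataOffset;
        EaLength   = ConnectInfo->EaDataLength;

        //
        // Bounds-check at full width and without additions that can wrap.
        // The earlier check truncated each field to USHORT while the pointer
        // arithmetic below used the untruncated value, so a field of 0x10000
        // or more could pass the check and still index outside the buffer.
        // The name length must also fit UNICODE_STRING.Length (a USHORT).
        //
        if ( NameOffset > InfoLength ||
             NameLength > InfoLength - NameOffset ||
             NameLength > 0xFFFF ||
             EaOffset > InfoLength ||
             EaLength > InfoLength - EaOffset ) {
            try_return(Status);
        }

        ConnectionName.Buffer = (PWCHAR) ((PBYTE) ConnectInfo->InfoArea + NameOffset);
        ConnectionName.Length = (USHORT) NameLength;
        ConnectionName.MaximumLength = (USHORT) NameLength;

        EaBuffer = ( EaLength > 0 ) ? (PBYTE) ConnectInfo->InfoArea + EaOffset : NULL;

        // Validate the connection name.  The name must start with our device name.
        // We can't allow a create on some rogue pathname outside our device

        DeviceNameLength = sizeof(DD_SMBMRX_FS_DEVICE_NAME_U);
        DeviceNameLength -= ( DeviceNameLength > 0 ) ? sizeof(WCHAR) : 0;

        //
        // The whole device name has to be present. Clamping the compare
        // length to the name length, as before, accepted an empty name or
        // any leading fragment of the device name.
        // NOTE(review): this is a case-sensitive byte compare and it does not
        // require a path separator after the device name; confirm whether a
        // sibling name that merely shares the prefix should be rejected too.
        //
        if ( ConnectionName.Length < DeviceNameLength ||
             RtlCompareMemory( ConnectionName.Buffer,
                               DD_SMBMRX_FS_DEVICE_NAME_U,
                               DeviceNameLength ) != DeviceNameLength ) {
            Status = STATUS_OBJECT_PATH_NOT_FOUND;
            try_return(Status);
        }

        Status = GetConnectionHandle( &ConnectionName, EaBuffer, EaLength, &Handle );
        if ( Status == STATUS_SUCCESS )
        {
            if ( Handle != INVALID_HANDLE_VALUE )
            {
                // The open itself establishes the connection; the handle is not kept.
                ZwClose( Handle );
            }
            else
            {
                Status = STATUS_BAD_NETWORK_NAME;
            }
        }

        try_return(Status);

try_exit:NOTHING;

    } finally {
        RxDbgTrace(0, Dbg, ("MRxSmbCreateConnection - exit Status = %08lx\n", Status));
        RxDbgTraceUnIndent(-1,Dbg);
    }

    return Status;
}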
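NTSTATUS
MRxSmbDeleteConnection (
    IN PRX_CONTEXT RxContext,
    OUT PBOOLEAN PostToFsp
    )
/*++

Routine Description:

    Handles the "delete connection" request: parses the SMBMRX_CONNECTINFO
    in the IOCTL input buffer, checks that the connection name lies under
    this redirector's device name, opens the connection through
    GetConnectionHandle, and calls RxFinalizeConnection on the V_NET_ROOT
    found in the file object's FsContext2.

Arguments:

    IN PRX_CONTEXT RxContext - Describes the Fsctl and Context

    OUT PBOOLEAN PostToFsp - set to TRUE when the request cannot wait and
                             has to be posted

Return Value:

    STATUS_PENDING               - the request cannot wait; it is posted
    STATUS_INVALID_PARAMETER     - the input buffer is missing, too short, or
                                   its offsets/lengths fall outside the buffer
    STATUS_OBJECT_PATH_NOT_FOUND - the name does not start with the device name
    STATUS_BAD_NETWORK_NAME      - no usable handle, or the opened object does
                                   not carry a V_NET_ROOT
    otherwise the status of GetConnectionHandle, ObReferenceObjectByHandle
    or RxFinalizeConnection

--*/
{
    NTSTATUS Status = STATUS_SUCCESS;
    PLOWIO_CONTEXT LowIoContext = &RxContext->LowIoContext;
    ULONG InBufferLength = LowIoContext->ParamsFor.IoCtl.InputBufferLength;
    PBYTE InBuffer = LowIoContext->ParamsFor.IoCtl.pInputBuffer;
    BOOLEAN Wait = BooleanFlagOn(RxContext->Flags, RX_CONTEXT_FLAG_WAIT);
    PV_NET_ROOT VNetRoot;
    PFILE_OBJECT pFileObject;

    PAGED_CODE();

    RxDbgTrace(+1, Dbg, ("MRxSmbDeleteConnection - entry\n"));

    if (!Wait) {
        //just post right now!
        *PostToFsp = TRUE;
        return(STATUS_PENDING);
    }

    Status = STATUS_INVALID_PARAMETER;

    try {
        PSMBMRX_CONNECTINFO ConnectInfo;
        UNICODE_STRING ConnectionName;
        PBYTE EaBuffer;
        ULONG HeaderLength = (ULONG) FIELD_OFFSET(SMBMRX_CONNECTINFO, InfoArea);
        ULONG InfoLength;
        ULONG NameOffset;
        ULONG NameLength;
        ULONG EaOffset;
        ULONG EaLength;
        ULONG DeviceNameLength;
        HANDLE Handle;

        //
        // The fixed part of SMBMRX_CONNECTINFO must be present before any of
        // its fields is read. Comparing against the size of a pointer, as
        // this routine used to do, lets a buffer shorter than the header
        // through. Assumes the offset/length fields all precede InfoArea,
        // which is how the bounds arithmetic below already treats the layout.
        //
        if ( InBuffer == NULL || InBufferLength < HeaderLength ) {
            try_return(Status);
        }

        ConnectInfo = (PSMBMRX_CONNECTINFO) InBuffer;
        InfoLength = InBufferLength - HeaderLength;

        //
        // Read every field exactly once, so the values that are validated are
        // the values that are used.
        // NOTE(review): the name and EA bytes are still consumed in place from
        // the input buffer; confirm the FSCTL is buffered so they cannot
        // change underneath this routine.
        //
        NameOffset = ConnectInfo->ConnectionNameOffset;
        NameLength = ConnectInfo->ConnectionNameLength;
        EaOffset   = ConnectInfo->EaDataOffset;
        EaLength   = ConnectInfo->EaDataLength;

        //
        // Bounds-check at full width and without additions that can wrap.
        // The earlier check truncated each field to USHORT while the pointer
        // arithmetic below used the untruncated value, so a field of 0x10000
        // or more could pass the check and still index outside the buffer.
        // The name length must also fit UNICODE_STRING.Length (a USHORT).
        //
        if ( NameOffset > InfoLength ||
             NameLength > InfoLength - NameOffset ||
             NameLength > 0xFFFF ||
             EaOffset > InfoLength ||
             EaLength > InfoLength - EaOffset ) {
            try_return(Status);
        }

        ConnectionName.Buffer = (PWCHAR) ((PBYTE) ConnectInfo->InfoArea + NameOffset);
        ConnectionName.Length = (USHORT) NameLength;
        ConnectionName.MaximumLength = (USHORT) NameLength;

        EaBuffer = ( EaLength > 0 ) ? (PBYTE) ConnectInfo->InfoArea + EaOffset : NULL;

        // Validate the connection name.  The name must start with our device name.
        // We can't allow a create on some rogue pathname outside our device

        DeviceNameLength = sizeof(DD_SMBMRX_FS_DEVICE_NAME_U);
        DeviceNameLength -= ( DeviceNameLength > 0 ) ? sizeof(WCHAR) : 0;

        //
        // The whole device name has to be present. Clamping the compare
        // length to the name length, as before, accepted an empty name or
        // any leading fragment of the device name.
        // NOTE(review): this is a case-sensitive byte compare and it does not
        // require a path separator after the device name; confirm whether a
        // sibling name that merely shares the prefix should be rejected too.
        //
        if ( ConnectionName.Length < DeviceNameLength ||
             RtlCompareMemory( ConnectionName.Buffer,
                               DD_SMBMRX_FS_DEVICE_NAME_U,
                               DeviceNameLength ) != DeviceNameLength ) {
            Status = STATUS_OBJECT_PATH_NOT_FOUND;
            try_return(Status);
        }

        Status = GetConnectionHandle( &ConnectionName, EaBuffer, EaLength, &Handle );
        if ( Status == STATUS_SUCCESS )
        {
            if ( Handle != INVALID_HANDLE_VALUE )
            {
                //
                // Have the object manager confirm that the handle names a
                // file object before FsContext2 is read from it; with a NULL
                // object type and KernelMode no type check is made at all.
                //
                Status = ObReferenceObjectByHandle( Handle,
                                                    0L,
                                                    *IoFileObjectType,
                                                    KernelMode,
                                                    (PVOID *)&pFileObject,
                                                    NULL );
                if ( NT_SUCCESS(Status) )
                {
                    // VNetRoot exists as FOBx in the FsContext2
                    VNetRoot = (PV_NET_ROOT) pFileObject->FsContext2;

                    // make sure the node looks right; FsContext2 may be NULL,
                    // and NodeType() reads through the pointer it is given
                    if ( VNetRoot != NULL &&
                         NodeType(VNetRoot) == RDBSS_NTC_V_NETROOT )
                    {
                        RxDbgTrace(-1, Dbg, ("MRxSmbDeleteConnection - Calling RxFinalizeConnection"));
                        Status = RxFinalizeConnection(VNetRoot->NetRoot, VNetRoot, TRUE);
                    }
                    else
                    {
                        Status = STATUS_BAD_NETWORK_NAME;
                    }

                    ObDereferenceObject(pFileObject);
                }

                ZwClose(Handle);
            }
            else
            {
                Status = STATUS_BAD_NETWORK_NAME;
            }
        }

        try_return(Status);

try_exit:NOTHING;

    } finally {
        RxDbgTrace(0, Dbg, ("MRxSmbDeleteConnection - exit Status = %08lx\n", Status));
        RxDbgTraceUnIndent(-1,Dbg);
    }

    return Status;
}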