h->Length + sizeof(wchar_t));
RtlCopyMemory(ByteDosPathBuffer, pNtPath->Buffer, pNtPath->Length);
RtlCopyMemory(ByteNtPathBuffer, pNtPath->Buffer, pNtPath->Length);
DosPath.ByteBuffer.Buffer = ByteDosPathBuffer;
DosPath.ByteBuffer.StaticBuffer = ByteNtPathBuffer;
DosPath.String.Buffer = pNtPath->Buffer;
DosPath.String.Length = pNtPath->Length;
DosPath.String.MaximumLength = pNtPath->Length;
DosPath.ByteBuffer.Size = pNtPath->Length;
DosPath.ByteBuffer.StaticSize = pNtPath->Length;
Status = RtlNtPathNameToDosPathName(0, &DosPath, NULL, NULL);
if (NT_SUCCESS(Status))
{
if (_wcsnicmp(pNtPath->Buffer, ByteDosPathBuffer, pNtPath->Length) == 0)
{
Status = STATUS_UNSUCCESSFUL;
}
else
{
RtlCopyMemory(pszDosPath, ByteDosPathBuffer, wcslen(ByteDosPathBuffer) * sizeof(wchar_t));
}
}
else
{
//wprintf(L"GetLastError=%i\n", pRtlNtStatusToDosError(Status));
Status = STATUS_UNSUCCESSFUL;
}
SafeDeleteArraySize(ByteDosPathBuffer);
SafeDeleteArraySize(ByteNtPathBuffer);
return Status;
}
//\\Device\\HarddiskVolume1\x86.sys c:\x86.sys
BOOL DeviceDosPathToNtPath(wchar_t* pszDosPath, wchar_t* pszNtPath)
{
static TCHAR szDriveStr[MAX_PATH] = { 0 };
static TCHAR szDevName[MAX_PATH] = { 0 };
TCHAR szDrive[3];
INT cchDevName;
INT i;
//检查参数
if (IsBadReadPtr(pszDosPath, 1) != 0)return FALSE;
if (IsBadWritePtr(pszNtPath, 1) != 0)return FALSE;
//获取本地磁盘字符串
ZeroMemory(szDriveStr, ARRAYSIZE(szDriveStr));
ZeroMemory(szDevName, ARRAYSIZE(szDevName));
if (GetLogicalDriveStrings(sizeof(szDriveStr), szDriveStr))
{
for (i = 0; szDriveStr[i]; i += 4)
{
if (!lstrcmpi(&(szDriveStr[i]), _T("A:\\")) || !lstrcmpi(&(szDriveStr[i]), _T("B:\\")))
continue;
szDrive[0] = szDriveStr[i];
szDrive[1] = szDriveStr[i + 1];
szDrive[2] = '\0';
if (!QueryDosDevice(szDrive, szDevName, MAX_PATH))//查询 Dos 设备名
return FALSE;
cchDevName = lstrlen(szDevName);
if (_tcsnicmp(pszDosPath, szDevName, cchDevName) == 0)//命中
{
lstrcpy(pszNtPath, szDrive);//复制驱动器
lstrcat(pszNtPath, pszDosPath + cchDevName);//复制路径
return TRUE;
}
}
}
lstrcpy(pszNtPath, pszDosPath);
return FALSE;
}
NTSTATUS RtlInitUnicodeString(OUT PUNICODE_STRING DestinationString, IN PCWSTR SourceString)
{
#define ARGUMENT_PRESENT(ArgumentPointer) (\
(CHAR *)((ULONG_PTR)(ArgumentPointer)) != (CHAR *)(NULL) )
SIZE_T Length;
DestinationString->Length = 0;
DestinationString->MaximumLength = 0;
DestinationString->Buffer = (PWSTR)SourceString;
if (ARGUMENT_PRESENT(SourceString))
{
Length = wcslen(SourceString);
// We are actually limited to 32765 characters since we want to store a meaningful
// MaximumLength also.
if (Length > (UNICODE_STRING_MAX_CHARS - 1)) {
return STATUS_NAME_TOO_LONG;
}
Length *= sizeof(WCHAR);
DestinationString->Length = (USHORT)Length;
DestinationString->MaximumLength = (USHORT)(Length + sizeof(WCHAR));
}
return STATUS_SUCCESS;
}
int main()
{
NTSTATUS status;
wchar_t szWindowsDirectory[MAX_PATH] = { 0 };
wchar_t DosPathBuffer[MAX_PATH] = { 0 };
wchar_t szNtPath[MAX_PATH] = { 0 };
UNICOD |