Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

Paging I/O is increasing EOF for file ,thereby making it corrupted.

Pooja_BansalPooja_Bansal Member - All Emails Posts: 44

Hi All,

I am working on minifilter based Encryption file system driver.I am facing an issue w.r.t. file corruption.

Through filetest.exe ,I do following operations
1. Create file on NAS share with FILE_FLAG_NO_BUFFERING flag, WriteFile of 1536 bytes, CloseHandle.
2. Truncate file from 1536 to 1303 bytes.(CreateFile for same file with FILE_FLAG_NO_BUFFERING flag, SetEOF to 1303, CloseHandle)
3. Truncate file from 1303 to 1287bytes.(CreateFile for same file with FILE_FLAG_NO_BUFFERING flag, SetEOF to 1287, CloseHandle)

Now, If i check the content of file, then till 1287 bytes file data is OK. But from 1288th byte to 1536th byte, junk is filled.
Expected result is file should have been truncated to 1287 bytes.

I see EndOfFile is 1536 bytes(Query FILE_STANDARD_INFORMATION)

Through Procmon, I see that Bit defender is doing memory mapped operations on same file.After each truncate operation on file , there is a paging write followed by Set EOF .

Now the problem is FltWriteFile for paging I/O write returns Byteswritten as 1536 (instead of 1303 in 2nd step and 1287 in 3rd step), which seems like paging write is extending EOF in this case.

I have read at many places in OSR links as Paging I/O write cannot extend beyond EOF. I might be lagging something in my understanding wr.t. paging I/O writes.

Can anyone help me to understand why file size is getting extended??

Any help is highly appreciated..Thanks in Advance.

Comments

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
Writing WDF Drivers 21 Oct 2019 OSR Seminar Space & ONLINE
Internals & Software Drivers 18 Nov 2019 Dulles, VA
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 27 Apr 2020 OSR Seminar Space & ONLINE