:IRJ_MJ_SET_INFORMATION related query

NTFSD
1

I think the answer is PreviousMode.
You previous mode is UserMode. The IoCreateFile does not change the previous
mode( opposite to ZwCreateFile ). Object name, handle and status block are
all from the kernel mode buffers or kernel mode stack, so the parameter
checking returns Error( c0000005 ), because for system it looks like an
attempt to crash the system from the user mode.
There are two solutions

  • Call IoCreateFile in a system thread( where PreviousMode is always
    KernelMode )
  • Set IO_NO_PARAMETER_CHECKING flag( documented in IFSDK ), this avert the
    parameters validation.

P.S. I think FILE_NON_DIRECTORY_FILE may prevent to open the target
directory.

“rahul naik” wrote in message news:xxxxx@ntfsd…
> Hi,
>
> i m trying to open target directory nbut it is giving
> error c0000005
> status = IoCreateFile( &trg_dir_handle, GENERIC_WRITE,
> &object, &io_status, NULL, 0,
> FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN,
> FILE_NON_DIRECTORY_FILE,
> NULL, 0, CreateFileTypeNone, NULL,
> IO_OPEN_TARGET_DIRECTORY );
>
> Thanks,
> Rahul
>
> — Slava Imameyev wrote:
>
>> Use IoCreateFile( … , IO_OPEN_TARGET_DIRECTORY
>> ) instead ZwCreateFile.
>> IoCreateFile is documented in the WDK( and in the
>> IFSDK ).
>>
>> “rahul naik” wrote in
>> message news:xxxxx@ntfsd…
>> > Hi,
>> >
>> > i made changes as per ur suggestion but i m still
>> > getting error c0000033.
>> >
>> > i also tried with RootDirectory field in
>> > FILE_RENAME_INFORMATION structure but it renames
>> the
>> > file into source directory instead of target
>> > directory. I am passing handle of target directory
>> in
>> > link_info->RootDirectory and link_info->FileName
>> as
>> > “0.tmp”
>> >
>> > DWORD HoldFileBack( PDEVICE_OBJECT next_device,
>> > PFILE_OBJECT file_obj )
>> > {
>> > PFILE_RENAME_INFORMATION link_info = NULL;
>> > NTSTATUS status;
>> > UNICODE_STRING obj_name;
>> > OBJECT_ATTRIBUTES object;
>> > IO_STATUS_BLOCK io_status;
>> > HANDLE trg_dir_handle;
>> > PFILE_OBJECT trg_file_obj;
>> >
>> > //allocate memory for link_info
>> > link_info = ExAllocatePool( NonPagedPool, sizeof(
>> > FILE_RENAME_INFORMATION )
>> > + MAX_FILENAME_LENGTH );
>> > if( NULL == link_info )
>> > {
>> > DbgPrint( “No memory for Link_info\n” );
>> > return 1;
>> > }
>> >
>> > memset( link_info, 0, sizeof(
>> FILE_RENAME_INFORMATION
>> > ) + MAX_FILENAME_LENGTH );
>> >
>> > //create link filename
>> > wcscpy( link_info->FileName, L"\??\C:\hlink" );
>> > RtlInitUnicodeString( &obj_name,
>> link_info->FileName
>> > );
>> >
>> >
>>
> InitializeObjectAttributes(&object,&obj_name,OBJ_KERNEL_HANDLE
>> > ,NULL,NULL);
>> > status = ZwCreateFile( &trg_dir_handle,
>> > GENERIC_WRITE, &object, &io_status, NULL, 0,
>> > FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN,
>> > FILE_DIRECTORY_FILE,
>> > NULL, 0 );
>> > if ( status != STATUS_SUCCESS )
>> > {
>> > DbgPrint( “Error Opening target directory\n” );
>> > return 1;
>> > }
>> >
>> > status = ObReferenceObjectByHandle(
>> trg_dir_handle,
>> > GENERIC_WRITE, NULL,
>> > KernelMode, (PVOID*)&trg_file_obj,
>> > NULL );
>> > if ( status != STATUS_SUCCESS )
>> > {
>> > DbgPrint( “Error Opening target directory\n” );
>> > ZwClose( trg_dir_handle );
>> > return 1;
>> > }
>> >
>> > wcscpy( link_info->FileName,
>> > L"\??\C:\hlink\0.tmp" );
>> > link_info->FileNameLength = wcslen(
>> > link_info->FileName ) * 2;
>> >
>> > //now pass the rename irp down
>> > status = SetFileInfo( next_device, file_obj,
>> > trg_file_obj, link_info,
>> > sizeof( FILE_RENAME_INFORMATION ) +
>> > link_info->FileNameLength,
>> > FileRenameInformation, NULL );
>> > if( status != STATUS_SUCCESS )
>> > {
>> > DbgPrint( “rename Failed\n” );
>> > ExFreePool( link_info );
>> > return 1;
>> > }
>> > ExFreePool( link_info );
>> >
>> > return 0;
>> > }
>> >
>> > — Slava Imameyev wrote:
>> >
>> >> This request must contain the valid
>> >> Parameters.SetFile.FileObject, this
>> >> FileObject is created by the system which calls
>> >> IoCreateFile(
>> >> FILE_RENAME_INFORMATION->FileName ). The FSD uses
>> >> Parameters.SetFile.FileObject instead the fully
>> >> qualified file name. If
>> >> Parameters.SetFile.FileObject is NULL then this
>> is a
>> >> relative rename.
>> >
>> >
>> >
>> >
>> > Do You Yahoo!?
>> > Tired of spam? Yahoo! Mail has the best spam
>> protection around
>> > http://mail.yahoo.com
>> >
>>
>>
>>
>> —
>> Questions? First check the IFS FAQ at
>> https://www.osronline.com/article.cfm?id=17
>>
>> You are currently subscribed to ntfsd as:
>> xxxxx@yahoo.com
>> To unsubscribe send a blank email to
>> xxxxx@lists.osr.com
>>
>
>
>
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>

2

Thanks alot Slava for ur help, Now i m able to os the
rename properly.

Rahul

— Slava Imameyev wrote:

>
> I think the answer is PreviousMode.
> You previous mode is UserMode. The IoCreateFile does
> not change the previous
> mode( opposite to ZwCreateFile ). Object name,
> handle and status block are
> all from the kernel mode buffers or kernel mode
> stack, so the parameter
> checking returns Error( c0000005 ), because for
> system it looks like an
> attempt to crash the system from the user mode.
> There are two solutions
> - Call IoCreateFile in a system thread( where
> PreviousMode is always
> KernelMode )
> - Set IO_NO_PARAMETER_CHECKING flag( documented in
> IFSDK ), this avert the
> parameters validation.
>
> P.S. I think FILE_NON_DIRECTORY_FILE may prevent to
> open the target
> directory.
>
> “rahul naik” wrote in
> message news:xxxxx@ntfsd…
> > Hi,
> >
> > i m trying to open target directory nbut it is
> giving
> > error c0000005
> > status = IoCreateFile( &trg_dir_handle,
> GENERIC_WRITE,
> > &object, &io_status, NULL, 0,
> > FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN,
> > FILE_NON_DIRECTORY_FILE,
> > NULL, 0, CreateFileTypeNone, NULL,
> > IO_OPEN_TARGET_DIRECTORY );
> >
> > Thanks,
> > Rahul
> >
> > — Slava Imameyev wrote:
> >
> >> Use IoCreateFile( … ,
> IO_OPEN_TARGET_DIRECTORY
> >> ) instead ZwCreateFile.
> >> IoCreateFile is documented in the WDK( and in the
> >> IFSDK ).
> >>
> >> “rahul naik” wrote in
> >> message news:xxxxx@ntfsd…
> >> > Hi,
> >> >
> >> > i made changes as per ur suggestion but i m
> still
> >> > getting error c0000033.
> >> >
> >> > i also tried with RootDirectory field in
> >> > FILE_RENAME_INFORMATION structure but it
> renames
> >> the
> >> > file into source directory instead of target
> >> > directory. I am passing handle of target
> directory
> >> in
> >> > link_info->RootDirectory and
> link_info->FileName
> >> as
> >> > “0.tmp”
> >> >
> >> > DWORD HoldFileBack( PDEVICE_OBJECT next_device,
> >> > PFILE_OBJECT file_obj )
> >> > {
> >> > PFILE_RENAME_INFORMATION link_info = NULL;
> >> > NTSTATUS status;
> >> > UNICODE_STRING obj_name;
> >> > OBJECT_ATTRIBUTES object;
> >> > IO_STATUS_BLOCK io_status;
> >> > HANDLE trg_dir_handle;
> >> > PFILE_OBJECT trg_file_obj;
> >> >
> >> > //allocate memory for link_info
> >> > link_info = ExAllocatePool( NonPagedPool,
> sizeof(
> >> > FILE_RENAME_INFORMATION )
> >> > + MAX_FILENAME_LENGTH );
> >> > if( NULL == link_info )
> >> > {
> >> > DbgPrint( “No memory for Link_info\n” );
> >> > return 1;
> >> > }
> >> >
> >> > memset( link_info, 0, sizeof(
> >> FILE_RENAME_INFORMATION
> >> > ) + MAX_FILENAME_LENGTH );
> >> >
> >> > //create link filename
> >> > wcscpy( link_info->FileName, L"\??\C:\hlink"
> );
> >> > RtlInitUnicodeString( &obj_name,
> >> link_info->FileName
> >> > );
> >> >
> >> >
> >>
> >
>
InitializeObjectAttributes(&object,&obj_name,OBJ_KERNEL_HANDLE
> >> > ,NULL,NULL);
> >> > status = ZwCreateFile( &trg_dir_handle,
> >> > GENERIC_WRITE, &object, &io_status, NULL, 0,
> >> > FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN,
> >> > FILE_DIRECTORY_FILE,
> >> > NULL, 0 );
> >> > if ( status != STATUS_SUCCESS )
> >> > {
> >> > DbgPrint( “Error Opening target directory\n” );
> >> > return 1;
> >> > }
> >> >
> >> > status = ObReferenceObjectByHandle(
> >> trg_dir_handle,
> >> > GENERIC_WRITE, NULL,
> >> > KernelMode, (PVOID*)&trg_file_obj,
> >> > NULL );
> >> > if ( status != STATUS_SUCCESS )
> >> > {
> >> > DbgPrint( “Error Opening target directory\n” );
> >> > ZwClose( trg_dir_handle );
> >> > return 1;
> >> > }
> >> >
> >> > wcscpy( link_info->FileName,
> >> > L"\??\C:\hlink\0.tmp" );
> >> > link_info->FileNameLength = wcslen(
> >> > link_info->FileName ) * 2;
> >> >
> >> > //now pass the rename irp down
> >> > status = SetFileInfo( next_device, file_obj,
> >> > trg_file_obj, link_info,
> >> > sizeof( FILE_RENAME_INFORMATION ) +
> >> > link_info->FileNameLength,
> >> > FileRenameInformation, NULL );
> >> > if( status != STATUS_SUCCESS )
> >> > {
> >> > DbgPrint( “rename Failed\n” );
> >> > ExFreePool( link_info );
> >> > return 1;
> >> > }
> >> > ExFreePool( link_info );
> >> >
> >> > return 0;
> >> > }
> >> >
> >> > — Slava Imameyev
> wrote:
> >> >
> >> >> This request must contain the valid
> >> >> Parameters.SetFile.FileObject, this
> >> >> FileObject is created by the system which
> calls
> >> >> IoCreateFile(
> >> >> FILE_RENAME_INFORMATION->FileName ). The FSD
> uses
> >> >> Parameters.SetFile.FileObject instead the
> fully
> >> >> qualified file name. If
> >> >> Parameters.SetFile.FileObject is NULL then
> this
> >> is a
> >> >> relative rename.
> >> >
> >> >
> >> >
> >> >
>
> >> > Do You Yahoo!?
> >> > Tired of spam? Yahoo! Mail has the best spam
> >> protection around
> >> > http://mail.yahoo.com
> >> >
> >>
> >>
> >>
> >> —
> >> Questions? First check the IFS FAQ at
> >> https://www.osronline.com/article.cfm?id=17
> >>
> >> You are currently subscribed to ntfsd as:
> >> xxxxx@yahoo.com
> >> To unsubscribe send a blank email to
> >> xxxxx@lists.osr.com
> >>
> >
> >
> >
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam
> protection around
> > http://mail.yahoo.com
> >
>
>
=== message truncated ===

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com