从用户模式打开驱动程序的句柄

发布于 2024-11-01 20:38:53 字数 454 浏览 3 评论 0原文

我有一个驱动程序,并为其创建了一个符号名称。符号名称是...

L"\\DosDevices\\hook"

当我尝试从用户模式使用CreateFile()访问设备对象时,我总是收到错误,“系统找不到指定的文件”。

我尝试使用 CreateFile() 与以下路径...

"\\.\hook"
"\\Device\\hook"
"\\\\.\\hook"
"\\.\hook"

但它仍然不起作用。 但是,如果我在 Visual Basic 6 中尝试相同的 API 调用,“\\.\\hook”工作正常,但文档说它应该是“\\\\.\\hook”。 这里有什么问题吗?所有这些“\”的目的是什么以及如何使其与 Visual C++ 一起工作?

I have a driver and I created a symbolic name to it. The symbolic name is ...

L"\\DosDevices\\hook"

When I try to access the device object using CreateFile() from usermode, I always get an error, "The system cannot find the file specified".

I tried using CreateFile() with the following paths ...

"\\.\hook"
"\\Device\\hook"
"\\\\.\\hook"
"\\.\hook"

but it still doesn't work.
However if i try the same API call in Visual Basic 6, "\\.\\hook" works correctly, however the documentation says that it should be "\\\\.\\hook".
What is the problem here ? What is the purpose of all these "\" and how do i make it work with Visual C++ ?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

萌酱 2024-11-08 20:38:53

首先是克里斯指出的

"\\.\hook"       -> "\\\\.\\hook"

因此你给出的第三个变体应该有效。 “\\Device\\hook” 绝对不适用于 Win32 API。这些仅限于 \\DosDevices\\?? 及其变体(每个会话命名空间)之下的内容。 \\DosDevices\\?? 通常位于同一位置,其中一个是另一个的符号链接,具体取决于确切的操作系统版本。

其失败的可能原因有多种。其中之一是命名空间,而您弄错了。在内部,路径 \\.\ (我在这里省略了反斜杠的语法转义)转换为 \??\,这是在 Win32 和本机 API 之间的边界完成的。后一个路径 (\??\...) 是本机 API 和操作系统本身所理解的。任何其他原因都需要您发布您尝试运行的实际代码(特别是 CreateFile 调用)。因此,需要更多信息。一个问题是您是否意外地将宽字符串传递给 ANSI 函数,从而最终寻找一条不存在的路径。还有许多其他可能性,当您发布代码时,所有这些可能性都很容易排除。

\\DosDevices\... 也是对象的本机路径。不要从 Win32 API 使用它。请参阅 DefineDosDevice/QueryDosDevice 了解底层机制。

对于实验,我建议使用 Sysinternals 的 WinObj 并阅读“Windows Internals”系列书籍或任何有关 Windows 驱动程序的书籍都应该对主题进行细分。

First comes what Chris was pointing out

"\\.\hook"       -> "\\\\.\\hook"

Thus the third variant you gave should have worked. "\\Device\\hook" will most definitely not work with a Win32 API. Those are limited to what's beneath \\DosDevices or \\?? and its variation (per-session namespaces). \\DosDevices and \\?? are usually the same location with one being a symbolic link to the other depending on the exact OS version.

There are several possible reasons why it fails. One being the namespaces and that you got those wrong. Internally the path \\.\ (I left out the syntactic escaping of backslashes here) translates to \??\, which is done at the boundary between Win32 and native API. The latter path (\??\...) is what the native API and the OS itself understand. Any other reason would require that you post the actual code you are trying to run (the CreateFile call in particular). Thus, more information would be required. One question would be whether you accidentally pass a wide string to an ANSI function and thus end up looking for a path that does not exist. And there are a multitude of other possibilities all of which would be easy to rule out when you post your code.

\\DosDevices\... as well is the native path to the object. Don't use it from the Win32 API. See DefineDosDevice/QueryDosDevice for a glimpse on the mechanisms underneath.

For experimentation I recommend WinObj from Sysinternals and to read up the "Windows Internals" series of books or any book on Windows drivers should have a breakdown of the topics.

或十年 2024-11-08 20:38:53

在 C/C++ 中,当在字符串文字中遇到 \ 字符时,它会引入转义序列。

`\r`   - embed a CR
`\n`   - embeds a LF
`\040` - embeds an character using an octal code

因此,需要 \\ 来表示实际字符串中的单个 \ 字符。

因此,VB 字符串文字 "\\.\\hook" 将转换为 C 字符串文字:L"\\\\.\\\\hook"

In C/C++, when the \ character is encountered in a string literal, it introduces an escape sequence.

`\r`   - embed a CR
`\n`   - embeds a LF
`\040` - embeds an character using an octal code

\\ is thus necessary to represent a single \ character in the actual string.

So, the VB string literal "\\.\\hook", would translate to the C string literal: L"\\\\.\\\\hook".

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文