static NTSTATUS
CopyLoop (
HANDLE FileHandleSource,
HANDLE FileHandleDest,
LARGE_INTEGER SourceFileSize,
LPPROGRESS_ROUTINE lpProgressRoutine,
LPVOID lpData,
BOOL *pbCancel,
BOOL *KeepDest
)
{
NTSTATUS errCode;
IO_STATUS_BLOCK IoStatusBlock;
UCHAR *lpBuffer = NULL;
SIZE_T RegionSize = 0x10000;
LARGE_INTEGER BytesCopied;
DWORD CallbackReason;
DWORD ProgressResult;
BOOL EndOfFileFound;
*KeepDest = FALSE;
errCode = NtAllocateVirtualMemory(NtCurrentProcess(),
(PVOID *)&lpBuffer,
0,
&RegionSize,
MEM_RESERVE | MEM_COMMIT,
PAGE_READWRITE);
if (NT_SUCCESS(errCode))
{
BytesCopied.QuadPart = 0;
EndOfFileFound = FALSE;
CallbackReason = CALLBACK_STREAM_SWITCH;
while (! EndOfFileFound &&
NT_SUCCESS(errCode) &&
(NULL == pbCancel || ! *pbCancel))
{
if (NULL != lpProgressRoutine)
{
ProgressResult = (*lpProgressRoutine)(SourceFileSize,
BytesCopied,
SourceFileSize,
BytesCopied,
0,
CallbackReason,
FileHandleSource,
FileHandleDest,
lpData);
switch (ProgressResult)
{
case PROGRESS_CANCEL:
TRACE("Progress callback requested cancel\n");
errCode = STATUS_REQUEST_ABORTED;
break;
case PROGRESS_STOP:
TRACE("Progress callback requested stop\n");
errCode = STATUS_REQUEST_ABORTED;
*KeepDest = TRUE;
break;
case PROGRESS_QUIET:
lpProgressRoutine = NULL;
break;
case PROGRESS_CONTINUE:
default:
break;
}
CallbackReason = CALLBACK_CHUNK_FINISHED;
}
if (NT_SUCCESS(errCode))
{
errCode = NtReadFile(FileHandleSource,
NULL,
NULL,
NULL,
(PIO_STATUS_BLOCK)&IoStatusBlock,
lpBuffer,
RegionSize,
NULL,
NULL);//如果文件很大的情况下NtReadFile怎么判断我当前copy到文件的什么位置了呢??copy文件指针在哪里??
if (NT_SUCCESS(errCode) && (NULL == pbCancel || ! *pbCancel))
{
errCode = NtWriteFile(FileHandleDest,
NULL,
NULL,
NULL,
(PIO_STATUS_BLOCK)&IoStatusBlock,
lpBuffer,
IoStatusBlock.Information,
NULL,
NULL);
if (NT_SUCCESS(errCode))
{
BytesCopied.QuadPart += IoStatusBlock.Information;
}
else
{
WARN("Error 0x%08x reading writing to dest\n", errCode);
}
}
else if (!NT_SUCCESS(errCode))
{
if (STATUS_END_OF_FILE == errCode)
{
EndOfFileFound = TRUE;
errCode = STATUS_SUCCESS;
}
else
{
WARN("Error 0x%08x reading from source\n", errCode);
}
}
}
}
if (! EndOfFileFound && (NULL != pbCancel && *pbCancel))
{
TRACE("User requested cancel\n");
errCode = STATUS_REQUEST_ABORTED;
}
NtFreeVirtualMemory(NtCurrentProcess(),
(PVOID *)&lpBuffer,
&RegionSize,
MEM_RELEASE);
}
else
{
TRACE("Error 0x%08x allocating buffer of %d bytes\n", errCode, RegionSize);
}
return errCode;
}
[课程]FART 脱壳王!加量不加价!FART作者讲授!
