想遍历指定目录下的所有文件及文件夹,包括子目录,可是一直蓝屏,实在不知道问题在哪,求指教,以下是代码
typedef struct _LIST_NODE
{
LIST_ENTRY ListEntry;
LPWSTR lpDir;
} LIST_NODE, *PLIST_NODE;
NTSTATUS EnumFilesAndDir(LPWSTR lpPath)
{
HANDLE hFile = NULL;
UNICODE_STRING szFileName = {0};
OBJECT_ATTRIBUTES Oa = {0};
NTSTATUS ntStatus = 0;
IO_STATUS_BLOCK Iosb = {0};
ULONG uSize = sizeof(FILE_BOTH_DIR_INFORMATION);
FILE_BOTH_DIR_INFORMATION *pfbInfo = NULL;
BOOLEAN bIsStarted = TRUE;
LPWSTR lpTem = lpPath;
LIST_ENTRY listHead = { 0 }, queue = {0};
PLIST_NODE pListNode = NULL, QueueNode = NULL;
PLIST_ENTRY pEntry = NULL;
InitializeListHead(&listHead);
InitializeListHead(&queue);
QueueNode = (PLIST_NODE)ExAllocatePool(PagedPool, sizeof(LIST_NODE));
QueueNode->lpDir = lpTem;
InsertTailList(&queue, &QueueNode->ListEntry);
while(!IsListEmpty(&queue) || lpTem == NULL)
{
RtlInitUnicodeString(&szFileName, lpTem);
InitializeObjectAttributes(&Oa, &szFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
ntStatus = ZwCreateFile(&hFile, GENERIC_READ | SYNCHRONIZE, &Oa, &Iosb, 0, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
if (!NT_SUCCESS(ntStatus))
break;
pfbInfo = ExAllocatePool(PagedPool, uSize);
if (pfbInfo == NULL)
{
ZwClose(hFile);
break;
}
while (TRUE)
{
lbl_retry:
RtlZeroMemory(pfbInfo, uSize);
ntStatus = ZwQueryDirectoryFile(hFile, 0, NULL, NULL, &Iosb, pfbInfo, uSize, FileBothDirectoryInformation, FALSE, NULL, bIsStarted);
if (STATUS_BUFFER_OVERFLOW == ntStatus)
{
ExFreePool(pfbInfo);
uSize = uSize * 2;
pfbInfo = ExAllocatePool(PagedPool, uSize);
if (pfbInfo == NULL)
{
ZwClose(hFile);
goto CleanUp;
}
goto lbl_retry;
}
else if (STATUS_SUCCESS != ntStatus)
{
ExFreePool(pfbInfo);
ZwClose(hFile);return 0;
goto CleanUp;
}
if (bIsStarted)
bIsStarted = FALSE;
while (TRUE)
{
size_t sSize = 0;
LPWSTR szWellFormedFileName = NULL;
RtlStringCbLengthW(lpTem, NTSTRSAFE_MAX_CCH * sizeof(WCHAR), &sSize);
sSize += pfbInfo->FileNameLength + 4;
szWellFormedFileName = (LPWSTR)ExAllocatePool(PagedPool, sSize);
if (!szWellFormedFileName)
break;
RtlZeroMemory(szWellFormedFileName, sSize);
RtlStringCbPrintfW(szWellFormedFileName, sSize, L"%s\\%s", lpTem, pfbInfo->FileName);
if(pfbInfo->FileAttributes & FILE_ATTRIBUTE_DIRECTORY)
{
pListNode = (PLIST_NODE)ExAllocatePool(PagedPool, sizeof(LIST_NODE));
pListNode->lpDir = szWellFormedFileName;
QueueNode = (PLIST_NODE)ExAllocatePool(PagedPool, sizeof(LIST_NODE));
QueueNode->lpDir = szWellFormedFileName;
InsertTailList(&listHead, &pListNode->ListEntry);
InsertTailList(&queue, &QueueNode->ListEntry);
KdPrint(("Directory Name: %S", szWellFormedFileName));
}
else
{
KdPrint(("File name is: %S\n", szWellFormedFileName));
ExFreePool(szWellFormedFileName);
}
if (pfbInfo->NextEntryOffset == 0)
break;
pfbInfo += pfbInfo->NextEntryOffset;
}
}
ZwClose(hFile);
ExFreePool(pfbInfo);
pEntry = RemoveHeadList(&queue);
QueueNode = CONTAINING_RECORD(pEntry, LIST_NODE, ListEntry);
if(!IsListEmpty(&queue))
lpTem = ((PLIST_NODE)(QueueNode->ListEntry.Flink))->lpDir;
else
lpTem = NULL;
ExFreePool(QueueNode);
}
CleanUp:
while(!IsListEmpty(&queue))
{
pEntry = RemoveTailList(&queue);
QueueNode = CONTAINING_RECORD(pEntry, LIST_NODE, ListEntry);
ExFreePool(QueueNode);
}
while (!IsListEmpty(&listHead))
{
pEntry = RemoveTailList(&listHead);
pListNode = CONTAINING_RECORD(pEntry, LIST_NODE, ListEntry);
ExFreePool(pListNode->lpDir);
ExFreePool(pListNode);
}
return 0;
}
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
