archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/base/fs/sis/tools/refcount/refcount.cpp

195 lines
4.5 KiB
Raw Normal View History

Add source files
4 years ago
  1. #include <stdio.h>
  2. #include <stdlib.h>
  4. #include <nt.h>
  5. #include <ntrtl.h>
  6. #include <nturtl.h>
  7. #include <ntioapi.h>
  9. #include <windows.h>
  10. #include <fcntl.h>
  11. #include <string.h>
  13. #include <assert.h>
  14. #include "..\..\filter\sis.h"
  16. void usage(void)
  17. {
  18. fprintf(stderr,"usage: refcount CommonStoreFileName\n");
  19. fprintf(stderr," prints out the backpointer stream info for the given CS file.\n");
  20. exit(1);
  21. }
  23. void
  24. printFileNameById(
  25. PLARGE_INTEGER fileId,
  26. HANDLE hFile) // hFile is for any file on the same volume as fileId
  27. {
  28. UNICODE_STRING fileIdString[1];
  29. NTSTATUS status;
  30. OBJECT_ATTRIBUTES Obja[1];
  31. HANDLE fileByIdHandle = NULL;
  32. IO_STATUS_BLOCK Iosb[1];
  33. struct {
  34. FILE_NAME_INFORMATION nameFileInfo[1];
  35. WCHAR nameBuffer[255];
  36. } nameFile;
  38. memset(&nameFile, 0, sizeof(nameFile));
  40. fileIdString->Length = fileIdString->MaximumLength = sizeof(LARGE_INTEGER);
  42. fileIdString->Buffer = (PWCHAR)fileId;
  44. InitializeObjectAttributes(
  45. Obja,
  46. fileIdString,
  47. OBJ_CASE_INSENSITIVE,
  48. hFile,
  49. NULL); // security descriptor
  51. status = NtCreateFile(
  52. &fileByIdHandle,
  53. FILE_READ_ATTRIBUTES | SYNCHRONIZE,
  54. Obja,
  55. Iosb,
  56. NULL, // allocation size
  57. FILE_ATTRIBUTE_NORMAL,
  58. FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
  59. FILE_OPEN,
  60. FILE_NON_DIRECTORY_FILE | FILE_OPEN_BY_FILE_ID,
  61. NULL, // EA buffer
  62. 0); // EA length
  64. if (!NT_SUCCESS(status)) {
  65. printf("open failed 0x%x",status);
  66. return;
  67. }
  69. status = NtQueryInformationFile(
  70. fileByIdHandle,
  71. Iosb,
  72. nameFile.nameFileInfo,
  73. sizeof(nameFile),
  74. FileNameInformation);
  76. if (!NT_SUCCESS(status)) {
  77. printf("couldn't query name 0x%x",status);
  78. NtClose(fileByIdHandle);
  79. return;
  80. }
  82. printf("%ws",nameFile.nameFileInfo->FileName);
  84. NtClose(fileByIdHandle);
  86. return;
  87. }
  90. void __cdecl main(int argc, char **argv)
  91. {
  92. if (argc != 2) usage();
  94. char *streamName = (char *)malloc(strlen(argv[1]) + 100);
  95. unsigned validReferences = 0;
  96. unsigned consecutiveMaxIndicesSeen = 0;
  98. strcpy(streamName,argv[1]);
  99. strcat(streamName,":sisBackpointers$");
  101. HANDLE hFile =
  102. CreateFile(
  103. streamName,
  104. GENERIC_READ,
  105. FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
  106. NULL,
  107. OPEN_EXISTING,
  108. FILE_ATTRIBUTE_NORMAL,
  109. NULL);
  111. if (hFile == INVALID_HANDLE_VALUE) {
  112. fprintf(stderr,"Unable to open backpointer stream for file %s, %d\n",streamName,GetLastError());
  113. exit(1);
  114. }
  116. const int backpointerEntriesPerSector = 512 / sizeof(SIS_BACKPOINTER);
  118. PSIS_BACKPOINTER sector = (PSIS_BACKPOINTER) malloc(512);
  120. int firstEntry = TRUE;
  122. assert(sector);
  124. ULONGLONG previousLinkIndex = 0;
  126. for (;;) {
  127. unsigned long bytesRead;
  129. if (!ReadFile(hFile,sector,512,&bytesRead,NULL)) {
  130. fprintf(stderr,"readFile of sector failed %d\n",GetLastError());
  131. exit(1);
  132. }
  134. if (0 == bytesRead) {
  135. break;
  136. }
  138. if (bytesRead < 512) {
  139. fprintf(stderr,"*** read %d of 512 bytes\n",bytesRead);
  140. }
  142. for (unsigned i = 0 ; i < backpointerEntriesPerSector; i++) {
  143. if (firstEntry) {
  144. firstEntry = FALSE;
  145. PSIS_BACKPOINTER_STREAM_HEADER header = (PSIS_BACKPOINTER_STREAM_HEADER)sector;
  147. printf("format version %d, magic 0x%x, checksum 0x%x.0x%x\n\n",
  148. header->FormatVersion,header->Magic,(DWORD)(header->FileContentChecksum >> 32),
  149. (DWORD)header->FileContentChecksum);
  151. } else {
  152. if (MAXLONGLONG != sector[i].LinkFileNtfsId.QuadPart) {
  154. if (0 != consecutiveMaxIndicesSeen) {
  155. printf("%d consecutive MaxIndices (ie., null entries)\n",consecutiveMaxIndicesSeen);
  156. consecutiveMaxIndicesSeen = 0;
  157. }
  159. printf("0x%08x.0x%08x -> 0x%08x.0x%08x\t%c ",sector[i].LinkFileIndex.HighPart,sector[i].LinkFileIndex.LowPart,
  160. sector[i].LinkFileNtfsId.HighPart,sector[i].LinkFileNtfsId.LowPart,
  161. sector[i].LinkFileIndex.QuadPart >= previousLinkIndex ? ' ' : '*');
  162. }
  164. previousLinkIndex = sector[i].LinkFileIndex.QuadPart;
  166. if (MAXLONGLONG == sector[i].LinkFileNtfsId.QuadPart) {
  168. if (0 == consecutiveMaxIndicesSeen) printf("\n");
  170. consecutiveMaxIndicesSeen++;
  171. } else {
  172. if (sector[i].LinkFileNtfsId.LowPart != 0xffffffff || sector[i].LinkFileNtfsId.HighPart != 0x7fffffff) {
  173. validReferences++;
  175. printFileNameById(&sector[i].LinkFileNtfsId,hFile);
  176. }
  177. printf("\n");
  178. }
  179. }
  180. }
  181. }
  183. if (0 != consecutiveMaxIndicesSeen) {
  184. printf("File ends with %d consecutive MaxIndices (ie., null entries)\n", consecutiveMaxIndicesSeen);
  185. }
  187. printf("%d Total valid references\n",validReferences);
  189. }