Ejemplo n.º 1
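        /// <summary>
        /// Calls <c>NtQueryObject</c> for <paramref name="objectHandle"/> and resizes the output buffer
        /// for as long as the call reports <c>NtStatus.InfoLengthMismatch</c>.
        /// </summary>
        /// <param name="objectHandle">Handle to query.</param>
        /// <param name="informationClass">Information class passed through to <c>NtQueryObject</c>.</param>
        /// <param name="informationPtr">
        /// On success, the buffer that received the data; the caller is responsible for closing it.
        /// On failure, <c>null</c>.
        /// </param>
        /// <param name="startSize">Initial size passed to the <c>AllocatedMemoryHandle</c> constructor.</param>
        /// <returns><c>true</c> when the final status is <c>NtStatus.Success</c>; otherwise <c>false</c>.</returns>
        public static Boolean TryNtQueryObject(IntPtr objectHandle, ObjectInfoamtionClass informationClass, out AllocatedMemoryHandle informationPtr, Int32 startSize = 0)
        {
            // Upper bound on resize rounds, so a call that keeps reporting a length mismatch
            // without ever being satisfied cannot spin forever.
            const Int32 maxResizeAttempts = 16;

            informationPtr = new AllocatedMemoryHandle(startSize);
            var info = NtQueryObject(objectHandle, informationClass, informationPtr.DangerousGetHandle(), informationPtr.Size, out var actualSize);

            for (var attempt = 0; info == NtStatus.InfoLengthMismatch && attempt < maxResizeAttempts; attempt++)
            {
                informationPtr.ChangeMemorySize(actualSize);
                info = NtQueryObject(objectHandle, informationClass, informationPtr.DangerousGetHandle(), informationPtr.Size, out actualSize);
            }

            if (info == NtStatus.Success)
            {
                return true;
            }

            // Every failure status (NtStatus.InvalidHandle included) ends here. The buffer is released
            // unconditionally: the previous code closed it only when IsInvalid was set, so a valid
            // allocation was dropped without being freed once the out parameter was nulled.
            informationPtr.Close();
            informationPtr = null;
            return false;
        }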
Ejemplo n.º 2
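        /// <summary>
        /// Calls <c>NtQuerySystemInformation</c> for <paramref name="infoClass"/> and resizes the output
        /// buffer for as long as the call reports <c>NtStatus.InfoLengthMismatch</c>.
        /// </summary>
        /// <param name="infoClass">Information class passed through to <c>NtQuerySystemInformation</c>.</param>
        /// <param name="infoHandle">
        /// On success, the buffer that received the data; the caller is responsible for closing it.
        /// On failure, <c>null</c>.
        /// </param>
        /// <param name="startSize">Initial size passed to the <c>AllocatedMemoryHandle</c> constructor.</param>
        /// <returns><c>true</c> when the final status is <c>NtStatus.Success</c>; otherwise <c>false</c>.</returns>
        public static Boolean TryQuerySystemInformation(SystemInfomationClass infoClass, out AllocatedMemoryHandle infoHandle, Int32 startSize = 0)
        {
            // Upper bound on resize rounds, so a call that keeps reporting a length mismatch
            // without ever being satisfied cannot spin forever.
            const Int32 maxResizeAttempts = 16;

            infoHandle = new AllocatedMemoryHandle(startSize);
            var info = NtQuerySystemInformation(infoClass, infoHandle.DangerousGetHandle(), infoHandle.Size, out var actualSize);

            for (var attempt = 0; info == NtStatus.InfoLengthMismatch && attempt < maxResizeAttempts; attempt++)
            {
                infoHandle.ChangeMemorySize(actualSize);
                info = NtQuerySystemInformation(infoClass, infoHandle.DangerousGetHandle(), infoHandle.Size, out actualSize);
            }

            if (info == NtStatus.Success)
            {
                return true;
            }

            // Release the buffer on every failure path. The previous code closed it only when
            // IsInvalid was set, so a valid allocation was dropped without being freed once the
            // out parameter was nulled.
            infoHandle.Close();
            infoHandle = null;
            return false;
        }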
Ejemplo n.º 3
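        /// <summary>
        /// Queries the object type of <paramref name="localHandle"/> and reports whether the type name
        /// is exactly "File" or "Directory".
        /// </summary>
        /// <param name="localHandle">Handle to inspect.</param>
        /// <returns>
        /// <c>true</c> when the type name is "File" or "Directory"; <c>false</c> when it is anything
        /// else or the query fails.
        /// </returns>
        private static Boolean IsFileOrDirectoryHandle(IntPtr localHandle)
        {
            AllocatedMemoryHandle handleType = null;

            try
            {
                if (!NativeAPI.TryNtQueryObject(localHandle, ObjectInfoamtionClass.ObjectTypeInformation, out handleType))
                {
                    return false;
                }

                //https://msdn.microsoft.com/en-us/library/bb432383(
                var buffer = handleType.DangerousGetHandle();

                // The first 16 bits of the buffer are read as a byte count and halved into a UTF-16
                // character count. Masking keeps the value non-negative: read as a signed Int16, a
                // count above 32767 would become a negative length.
                // NOTE(review): the count is taken from the buffer as-is and is not checked against
                // the allocation size before the string is read - confirm the fixed offset and the
                // count always stay inside the buffer.
                var charCount = (Marshal.ReadInt16(buffer) & 0xFFFF) >> 1;
                var typeName = Marshal.PtrToStringUni(buffer + _HandleTypeStringOffset, charCount);

                // Static, ordinal comparison: exact match only, and no NullReferenceException if
                // the marshaller hands back null.
                return String.Equals(typeName, "File", StringComparison.Ordinal)
                    || String.Equals(typeName, "Directory", StringComparison.Ordinal);
            }
            finally
            {
                // The out parameter is null when the query failed; otherwise this method owns the buffer.
                handleType?.Close();
            }
        }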
Ejemplo n.º 4
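        /// <summary>
        /// Queries the object name of <paramref name="localHandle"/> and rewrites its leading device
        /// component using <c>_DeviceNameMap</c>, returning the result prefixed with <c>\\?\</c>.
        /// </summary>
        /// <param name="localHandle">Handle whose name is requested.</param>
        /// <returns>
        /// The rewritten path, or <c>null</c> when the query fails, the name does not start with
        /// <c>_DevicePre</c>, the device component has no entry in <c>_DeviceNameMap</c>, or any
        /// exception is raised along the way.
        /// </returns>
        /// <remarks>
        /// NOTE(review): NtQueryObject with the name information class is known to block on some
        /// handle types (synchronous pipes are the usual example). If <paramref name="localHandle"/>
        /// can be an arbitrary handle, confirm that callers filter or time-box this call.
        /// </remarks>
        private static String GetFileNameFromHandle(IntPtr localHandle)
        {
            AllocatedMemoryHandle handleType = null;

            try
            {
                if (!NativeAPI.TryNtQueryObject(localHandle, ObjectInfoamtionClass.ObjectNameInformation, out handleType))
                {
                    return null;
                }

                //https://msdn.microsoft.com/en-us/library/windows/hardware/ff550990
                var buffer = handleType.DangerousGetHandle();

                // The first 16 bits of the buffer are read as a byte count and halved into a UTF-16
                // character count. Masking keeps the value non-negative: read as a signed Int16, a
                // count above 32767 became a negative length, the marshaller threw, and the catch
                // below turned a long name into null.
                var charCount = (Marshal.ReadInt16(buffer) & 0xFFFF) >> 1;
                var objectName = Marshal.PtrToStringUni(buffer + _FileNameStringOffset, charCount);

                // Ordinal prefix test. The previous LastIndexOf(...) != 0 check was culture-sensitive
                // and also rejected any path that merely contained the prefix text again further in.
                if (objectName == null || !objectName.StartsWith(_DevicePre, StringComparison.Ordinal))
                {
                    return null;
                }

                // The device component ends at the first separator after the prefix.
                var separator = objectName.IndexOf('\\', _DevicePre.Length);
                if (separator < 0)
                {
                    return null;
                }

                var devicePath = objectName.Substring(0, separator);
                if (!_DeviceNameMap.TryGetValue(devicePath, out var mappedName))
                {
                    return null;
                }

                // Swap only the leading device component; String.Replace would also rewrite any later
                // occurrence of the same text inside the path.
                return @"\\?\" + mappedName + objectName.Substring(separator);
            }
            catch
            {
                // Deliberate best effort: any failure while reading or parsing the name yields null.
                return null;
            }
            finally
            {
                // The out parameter is null when the query failed; otherwise this method owns the buffer.
                handleType?.Close();
            }
        }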