Problem with paths to files (in Kernel Mode)

Home Forums Discussions General Problem with paths to files (in Kernel Mode)

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • September 30, 2007 at 1:46 pm #5135
    Samael6
    Participant

      Hello,
      I have written small NtCreateFile intercepter (legacy driver). It will a filter with a list of denied files.
      But I have a problem with paths to files.
      The problem is in the next: windows has a several types for paths (DOS path, UNC, using symbolic links, etc). For example, I have seen these variants:


      
- ??C:dirfile.ext
      
- DosDevicesC:dirfile.ext
      
- GLOBAL??C:dirfile.ext
      
- DeviceHarddisk0Partition1dirfile.ext
      
- DeviceHarddiskVolume1dirfile.ext
      
- ??C:WINDOWSsystem32shell32.dll
      
- DeviceLanmanRedirectorPHILKALINEAGE II - INTERLUDE (shared resource on PHILKA)
      
- ??UNCPHILKALINEAGE II - INTERLUDE (again)
      
- DEVICEHARDDISKVOLUME2PROGRAM FILESDEBUGVIEWDBGVIEW.EXE (starting app)

      As you can see, there are different variants to call a file.
      How can I support all these types? Is it possible to reduce all these types to one (any one)?

      Thank you.

      October 2, 2007 at 12:20 pm #6455
      Samael6
      Participant

        I have found a solution.
        No more help needed

        October 26, 2007 at 5:29 pm #6456
        alex_s
        Participant

          @Samael6 wrote:

          I have found a solution.
          No more help needed

          VolumeDeviceToDosName ?

          October 27, 2007 at 2:32 am #6457
          lovepkfilter
          Participant

            @alex_s wrote:

            @Samael6 wrote:

            I have found a solution.
            No more help needed

            VolumeDeviceToDosName ?

            3ks alex_s

          • Author
            Posts
          Viewing 4 posts - 1 through 4 (of 4 total)
          • You must be logged in to reply to this topic.