Solved

FindFirstFile in kernel-mode?

Posted on 1997-11-21
5
628 Views
Last Modified: 2013-12-03
I just want to do something like a findfirstfile in kernel-mode so that I can get a directory listing using wildcards.  Is there a function already there that I can use to do this?  I looked through the ntddk.h but I couldn't find anything.  A quick snip of source code would be great.  I'm using NT 4.0
0
Comment
Question by:vinniew
  • 3
  • 2
5 Comments
 
LVL 3

Author Comment

by:vinniew
ID: 1408722
P.S. If my driver works, I'll let you try it out.  It's just going to be a command completion driver that will work throughout the system on any input box, windows or dos boxes alike.  That means that you press a key, say the capslock, and you get the filename filled in for you.
0
 
LVL 1

Accepted Solution

by:
cph earned 50 total points
ID: 1408723
Well, you could use the function AX = 714Eh of the interruption 21h (FindFirst) and the function AX = 714Fh (FindNext).
It works with the long filename.

I can give you more detail on that if you want.

Another way could be to use the function FindFirstFile, which prototype look like this:
HANDLE FindFirstFile(LPCTSTR lpFileName,
      // pointer to name of file to search for  
    LPWIN32_FIND_DATA lpFindFileData
       // pointer to returned information
);

with FindNextFile. They are both define in the win32 API and are compatible with NT.

Hope this help,

CpH
0
 
LVL 3

Author Comment

by:vinniew
ID: 1408724
Okay, let me see if I understand you.  

If I just include the FindFirstFile prototype in my single .c file that I'm using, the operating system will know what to do to find that function when it starts?  Since this is kernel-mode, I won't need to include .libs or anything?

I'm new at this...

Thanks,
V

0
 
LVL 3

Author Comment

by:vinniew
ID: 1408725
I tried to use the FindFirstFile function in my device driver, but the compiler said no way.  Are you sure you can use that win32 function in a device driver?

Thanks,

V
0
 
LVL 1

Expert Comment

by:cph
ID: 1408726
Well if I don't know if you can use the findfirstfile function provide by windows in the kernel-mode, but I don't think it will matter. In fact, its the kernel itself who defines it so it should work.
However, if it doesn't, you can still use the interrupt function which will do the same job.

Hope this help,

CpH

BTW:the import library is kernel32.lib and the header file is winbase.h.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to add a user-defined command button to the Windows 7 Explorer toolbar.  In the previous article (http://www.experts-exchange.com/A_2172.html), we saw how to put the Delete button back there where it belongs.  "Delete" is …
zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question