Fix original file being read when it was longer than emulated

Sewer56 · Aug 25, 2024 · a8c18e5 · a8c18e5
1 parent 6cf50e8
commit a8c18e5
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 17 deletions.
diff --git a/FileEmulationFramework/FileAccessServer.cs b/FileEmulationFramework/FileAccessServer.cs
@@ -103,7 +103,7 @@ private static void DequeueHandles()
     }
 
     [UnmanagedCallersOnly(CallConvs = new[] { typeof(CallConvStdcall) })]
-    private static int QueryInformationFileImpl(IntPtr hfile, IO_STATUS_BLOCK* ioStatusBlock, byte* fileInformation, uint length, FileInformationClass fileInformationClass)
+    private static NT_STATUS QueryInformationFileImpl(IntPtr hfile, IO_STATUS_BLOCK* ioStatusBlock, byte* fileInformation, uint length, FileInformationClass fileInformationClass)
     {
         var result = _getFileSizeHook.OriginalFunction.Value.Invoke(hfile, ioStatusBlock, fileInformation, length, fileInformationClass);
         if (fileInformationClass != FileInformationClass.FileStandardInformation || !HandleToInfoMap.TryGetValue(hfile, out var info))
@@ -139,12 +139,12 @@ private static int QueryAttributesFileImpl(OBJECT_ATTRIBUTES* attributes, FILE_N
     }
 
     [UnmanagedCallersOnly(CallConvs = new[] { typeof(CallConvStdcall) })]
-    private static int SetInformationFileHook(IntPtr hfile, IO_STATUS_BLOCK* ioStatusBlock, byte* fileInformation, uint length, FileInformationClass fileInformationClass)
+    private static NT_STATUS SetInformationFileHook(IntPtr hfile, IO_STATUS_BLOCK* ioStatusBlock, byte* fileInformation, uint length, FileInformationClass fileInformationClass)
     {
         return SetInformationFileImpl(hfile, ioStatusBlock, fileInformation, length, fileInformationClass);
     }
 
-    private static int SetInformationFileImpl(IntPtr hfile, IO_STATUS_BLOCK* ioStatusBlock, byte* fileInformation, uint length, FileInformationClass fileInformationClass)
+    private static NT_STATUS SetInformationFileImpl(IntPtr hfile, IO_STATUS_BLOCK* ioStatusBlock, byte* fileInformation, uint length, FileInformationClass fileInformationClass)
     {
         if (fileInformationClass != FileInformationClass.FilePositionInformation || !HandleToInfoMap.TryGetValue(hfile, out var info))
             return _setFilePointerHook.OriginalFunction.Value.Invoke(hfile, ioStatusBlock, fileInformation, length, fileInformationClass);
@@ -159,7 +159,7 @@ private static int SetInformationFileImpl(IntPtr hfile, IO_STATUS_BLOCK* ioStatu
     }
 
     [UnmanagedCallersOnly(CallConvs = new[] { typeof(CallConvStdcall) })]
-    private static int NtReadFileImpl(IntPtr handle, IntPtr hEvent, IntPtr* apcRoutine, IntPtr* apcContext,
+    private static NT_STATUS NtReadFileImpl(IntPtr handle, IntPtr hEvent, IntPtr* apcRoutine, IntPtr* apcContext,
         IO_STATUS_BLOCK* ioStatus, byte* buffer, uint length, long* byteOffset, IntPtr key)
     {
         // Check if this is one of our files.
@@ -184,18 +184,24 @@ private static int NtReadFileImpl(IntPtr handle, IntPtr hEvent, IntPtr* apcRouti
             requestedOffset += numReadBytes;
             SetInformationFileImpl(handle, ioStatus, (byte*)&requestedOffset, sizeof(long), FileInformationClass.FilePositionInformation);
 
-            // Set number of read bytes.
-            ioStatus->Status = 0;
+            // Set status
+            ioStatus->Status = NT_STATUS.STATUS_SUCCESS;
             ioStatus->Information = new(numReadBytes);
-            return 0;
+            return NT_STATUS.STATUS_SUCCESS;
+        }
+        else
+        {
+            _logger.Debug("[FileAccessServer] Read Fail, Length: {0}, Offset: {1}", numReadBytes, requestedOffset);
+
+            // Set status (note that we're assuming that if File.ReadData fails then we're at the end of the file)
+            ioStatus->Status = NT_STATUS.STATUS_END_OF_FILE;
+            ioStatus->Information = new(numReadBytes);
+            return NT_STATUS.STATUS_END_OF_FILE;
         }
-
-        return _readFileHook.OriginalFunction.Value.Invoke(handle, hEvent, apcRoutine, apcContext, ioStatus, buffer,
-            length, byteOffset, key);
     }
 
     [UnmanagedCallersOnly(CallConvs = new[] { typeof(CallConvStdcall) })]
-    private static int NtCreateFileImpl(IntPtr* handle, FileAccess access, OBJECT_ATTRIBUTES* objectAttributes, IO_STATUS_BLOCK* ioStatus, long* allocSize, uint fileAttributes, FileShare share, uint createDisposition, uint createOptions, IntPtr eaBuffer, uint eaLength)
+    private static NT_STATUS NtCreateFileImpl(IntPtr* handle, FileAccess access, OBJECT_ATTRIBUTES* objectAttributes, IO_STATUS_BLOCK* ioStatus, long* allocSize, uint fileAttributes, FileShare share, uint createDisposition, uint createOptions, IntPtr eaBuffer, uint eaLength)
     {
         lock (ThreadLock)
         {

diff --git a/FileEmulationFramework/Utilities/Native.cs b/FileEmulationFramework/Utilities/Native.cs
@@ -16,7 +16,7 @@ public struct CloseHandleFn
     {
         public FuncPtr<
             IntPtr, // handle 
-            int // status
+            NT_STATUS // status
         > Value;
     }
 
@@ -36,7 +36,7 @@ public FuncPtr<
             uint, // createOptions
             IntPtr, // eaBuffer
             uint, // eaLength
-            int // status
+            NT_STATUS // status
         > Value;
     }
 
@@ -54,7 +54,7 @@ public FuncPtr<
             uint, // length
             Ptr<long>, // byteOffset
             IntPtr, // key
-            int // status
+            NT_STATUS // status
         > Value;
     }
 
@@ -68,7 +68,7 @@ public FuncPtr<
             Ptr<byte>,   // fileInformation
             uint, // length
             FileInformationClass, // fileInformationClass
-            int // status
+            NT_STATUS // status
         > Value;
     }
 
@@ -82,7 +82,7 @@ public FuncPtr<
             Ptr<byte>,   // fileInformation
             uint, // length
             FileInformationClass, // fileInformationClass
-            int // status
+            NT_STATUS // status
         > Value;
     }
 
@@ -104,7 +104,7 @@ public FuncPtr<
     [StructLayout(LayoutKind.Sequential)]
     public struct IO_STATUS_BLOCK
     {
-        public UInt32 Status;
+        public NT_STATUS Status;
         public IntPtr Information;
     }
 
@@ -197,4 +197,17 @@ public enum FileInformationClass
         FileMaximumInformation,
 #pragma warning restore CS1591
     }
+
+    /// <summary>
+    /// An enumeration of Status values returned by functions.
+    /// There are a lot so only including ones that we actually need to use.
+    /// </summary>
+    public enum NT_STATUS : uint
+    {
+        #pragma warning disable CS1591
+        STATUS_SUCCESS = 0,
+        STATUS_END_OF_FILE = 0xC0000011,
+#pragma warning restore CS1591
+    }
+
 }