//---------------------------------------------------------------------------- // Save data to file int CSTATEngine::SaveTheFile(CString path, const char *pContents, const unsigned long ulLength) { int ret = E_BADFILENAME; EnterCriticalSection(&CriticalSection); // ensure the path exists CreateAllDirectories(path); DeleteFile(path); CFile script_file; if (script_file.Open(path, CFile::modeCreate | CFile::modeWrite | CFile::shareDenyWrite)) { try { // might be a zero-length file if (pContents && ulLength) script_file.Write(pContents, ulLength); ret = ITS_OK; } catch(CFileException *e) { e->Delete(); ret = GENERAL_FAILURE; } script_file.Abort(); } LeaveCriticalSection(&CriticalSection); return ret; }
//---------------------------------------------------------------------------- // Execute a script file int CSTATEngine::RunScript(ScriptProgressMonitor *const monitor) { int ret = ITS_OK; iCurrentCommand = 0; eStopProcessing = STAT_RUN; iDeviceCode = 0; // anything smaller can cause problems and doesn't make sense anyway! if (iMaxTimeLimit < 1000) iMaxTimeLimit = 1000; // pointers to our command structures CSTATScriptCommand *pSendCommand; CSTATScriptCommand *pRecvCommand; char lastCommand = NULL; receivedData.Empty( ); // get a command from the script while (pDecoder->GetNextCommand(&pSendCommand) && ret == ITS_OK) { iCurrentCommand++; if (StopProcessing()) { pComms->Send(STAT_RESYNCID); ret = E_USERCANCEL; break; } if (lastCommand == STAT_REBOOT) { ret = ITS_OK; break; } switch(pSendCommand->cCommandID) { case 'P': Message(pSendCommand->Command()); Sleep(atol(pSendCommand->Command())); break; case '/': Message(pSendCommand->Command()); break; case '#': { Message(pSendCommand->Command()); cScreenshotDirectory = pSendCommand->Command(); if(cScreenshotDirectory.Right(1) != _T("\\")) cScreenshotDirectory += _T("\\"); CreateAllDirectories(cScreenshotDirectory); } break; default: { // send the command and retrieve a response int iResyncErrors = 0; while ((ret = SendCommand(pSendCommand, &pRecvCommand)) == E_RESYNCCOMMAND) { Sleep(STAT_RETRYDELAY); iResyncErrors++; if (iResyncErrors > STAT_MAXERRORS) { Message("Too many resync errors - stopping"); ret = E_COMMANDFAILED; break; } } if (ret == ITS_OK) { // perform special operations for these commands switch(pSendCommand->cCommandID) { case 'D': StoreData(pRecvCommand->Command(), pRecvCommand->Length(), pDeviceInfo); AppendCommandToSTATLog("*** DEVICE INFORMATION ***", pRecvCommand->Command(), pRecvCommand->Length()); break; case 'S': { // convert and save the data returned in the response CString image = pSendCommand->Command(); ret = ConvertAndSaveScreeenshot(image, pRecvCommand->Command(), pRecvCommand->Length()); // imave verification if (ret == ITS_OK) { if (pImageVerify->IsActive() && pConverter->bWriteToFile) { ret = pImageVerify->VerifyImage(image); if (ret == VERIFICATION_PASS) ret = ITS_OK; } } break; } case 'T': { if(dataSocket==NULL) { // filename has been sent, now send the file itself CSTATScriptCommand oSendCommand; oSendCommand.cCommandID = pRecvCommand->cCommandID; // read and send the file contents if ((ret = ReadTransferFile(pSendCommand->Command(), &oSendCommand)) == ITS_OK) { int iResyncErrors = 0; while ((ret = SendCommand(&oSendCommand, &pRecvCommand)) == E_RESYNCCOMMAND) { Sleep(STAT_RETRYDELAY); iResyncErrors++; if (iResyncErrors > STAT_MAXERRORS) { Message("Too many resync errors - stopping"); ret = E_COMMANDFAILED; break; } } } } else { //release the socket ret = ReleaseSocket(); } break; } case 'R': case 'X': { if(dataSocket==NULL) { // save the file contents ret = SaveTransferFile(pSendCommand->Command(), pRecvCommand->Command(), pRecvCommand->Length()); } else { //release the socket ret = ReleaseSocket(); } break; } case 'G': { // upload the device log file and write to STAT log file AppendCommandToSTATLog("*** DEVICE LOG ***", pRecvCommand->Command(), pRecvCommand->Length()); break; } case STAT_REFRESH: case STAT_END: { ret = END_SCRIPT; break; } case 'N': { // Retrieve the TEF shared data StoreData(pRecvCommand->Command(), pRecvCommand->Length(), iTEFSharedData); AppendCommandToSTATLog("*** RETRIEVE TEF SHARED DATA ***", pRecvCommand->Command(), pRecvCommand->Length()); } break; default: { Sleep(iDelay); break; } } } if (ret == ITS_OK) { // Data received from certain of the commands is stored // for retreival later. switch(pSendCommand->cCommandID) { case 'W': case 'V': //execute returns pid case 'J': //poll returns 0 1 case '3': receivedData += oRecvCommand.Command(); break; default: break; } } } break; } lastCommand = pSendCommand->cCommandID; if(monitor) { monitor->OnCompleteCommand( iCurrentCommand ); } } pDecoder->Release(); return ret; }
VOID CopyFileIfBeingDeleted( PFLT_CALLBACK_DATA Data, __in PCFLT_RELATED_OBJECTS FltObjects, PFLT_FILE_NAME_INFORMATION pFileNameInformation ) { NTSTATUS status; BOOLEAN isDirectory; FltIsDirectory(Data->Iopb->TargetFileObject,FltObjects->Instance,&isDirectory); if(isDirectory) { return; } if(Data->Iopb->MajorFunction == IRP_MJ_SET_INFORMATION) { if(Data->Iopb->Parameters.SetFileInformation.FileInformationClass == FileDispositionInformation) { PFILE_DISPOSITION_INFORMATION pFileInfo = (PFILE_DISPOSITION_INFORMATION)Data->Iopb->Parameters.SetFileInformation.InfoBuffer; /* If the file is marked for deletion back it up */ if(pFileInfo->DeleteFile && FltIsOperationSynchronous(Data)) { //pFileEvent->majorFileEventType = 0x99; status = FltParseFileNameInformation(pFileNameInformation); if(NT_SUCCESS(status)) { if(fileManager.bCollectDeletedFiles) { UNICODE_STRING completeFilePath; //UNICODE_STRING logDirectory; UNICODE_STRING fileDirectory; UNICODE_STRING fileDosDrive; //DbgPrint("On Delete: IoStatus - %08x\n", Data->IoStatus.Status); //DbgPrint("On Delete: FinalStatus - %08x\n", Data->Iopb->TargetFileObject->FinalStatus); //RtlUnicodeStringInit(&logDirectory, L"\\??\\I:\\logs\\deleted_files"); /* Get the Dos drive name this file event was initiated on */ GetDosDeviceName(Data->Iopb->TargetFileObject->DeviceObject, &pFileNameInformation->Share, &fileDosDrive); //DbgPrint("DosDrive: %wZ\n", &fileDosDrive); /* Allocate enough room to hold to whole path to the copied file */ /* <CAPTURE LOG DIRECTORY>\<DOS DRIVE>\<FILE DIRECTORY>\<FILE NAME> */ completeFilePath.Length = 0; completeFilePath.MaximumLength = fileManager.logDirectory.MaximumLength + fileDosDrive.MaximumLength + pFileNameInformation->FinalComponent.MaximumLength + pFileNameInformation->ParentDir.MaximumLength + 2; completeFilePath.Buffer = ExAllocatePoolWithTag(NonPagedPool, completeFilePath.MaximumLength, FILE_POOL_TAG); if(completeFilePath.Buffer != NULL) { /* Construct complete file path of where the copy of the deleted file is to be put */ RtlUnicodeStringCat(&completeFilePath, &fileManager.logDirectory); RtlUnicodeStringCat(&completeFilePath, &fileDosDrive); RtlUnicodeStringCat(&completeFilePath, &pFileNameInformation->ParentDir); RtlUnicodeStringCat(&completeFilePath, &pFileNameInformation->FinalComponent); } //DbgPrint("ParentDir: %wZ\n", &pFileNameInformation->ParentDir); //DbgPrint("FinalComponent: %wZ\n", &pFileNameInformation->FinalComponent); //DbgPrint("CompleteFilePath: %wZ\n", &completeFilePath); /* Allocate space for the file directory */ fileDirectory.Length = 0; fileDirectory.MaximumLength = pFileNameInformation->ParentDir.MaximumLength + fileDosDrive.MaximumLength + 2; fileDirectory.Buffer = ExAllocatePoolWithTag(NonPagedPool, fileDirectory.MaximumLength, FILE_POOL_TAG); if(fileDirectory.Buffer != NULL) { /* Append the dos drive name, and then the directory */ RtlUnicodeStringCat(&fileDirectory, &fileDosDrive); RtlUnicodeStringCat(&fileDirectory, &pFileNameInformation->ParentDir); //DbgPrint("FileDirectory: %wZ\n", &fileDirectory); } /* Create all the directories in the fileDirectory string */ CreateAllDirectories(FltObjects->Instance, &fileManager.logDirectory, &fileDirectory); /* Path should exist now so copy the file */ CopyFile(Data, FltObjects, &completeFilePath); /* Free all the UNICODE_STRING we allocated space for */ if(completeFilePath.Buffer != NULL) ExFreePoolWithTag(completeFilePath.Buffer, FILE_POOL_TAG); if(fileDirectory.Buffer != NULL) ExFreePoolWithTag(fileDirectory.Buffer, FILE_POOL_TAG); if(fileDosDrive.Buffer != NULL) ExFreePoolWithTag(fileDosDrive.Buffer, FILE_POOL_TAG); } } else { DbgPrint("CaptureFileMonitor: ERROR - FltParseFileNameInformation - %08x\n", status); } } } } }