I'm just a beginner and I have a need to parse a NTFS partition for the purpose of extracting Security Descriptors. (I been trying to use the native functions of the Windows API, but my conclusion is that something is seriously wrong with the functions' behavior, or their documentation.)
I was wondering if anybody here experienced with such requirement, and could give me few hints, references, guidance... where to begin?
(I've found www.ntfs.com, seems to have NTFS structure information, but I'm afraid I'll need something more to get started...)
My intention is to use it under Windows XP.
Here's some pretty low-level documentation:
http://sourceforge.net/projects/linux-ntfs/files/NTFS%20Documentation/
Also, have you looked at Microsoft's technical reference for NTFS?:
http://technet.microsoft.com/en-us/library/cc758691(WS.10).aspx
Otherway to start with linux based open source NTFS projects like linux-ntfs or captive or NTFS-3G . That will give you some idea about NTFS read/write operations
Related
I would like to write some basic disk scanner utility. Basically I would like to be able to read raw bytes of a certain file(s) as written to the disk in the way system's disk utilities (like error checking and defragmentation in windows) do it. I would like to do it in C.
What should be my first steps? Obviously fopen is not enough.
Any guidance would be much appreciated (I don't ask for a solution, just a bit of theory and push in a right direction as I don't even know where to start from...).
The following resources might be of use:
http://support.microsoft.com/kb/100027
http://www.codeproject.com/KB/system/rawsectorio.aspx
You are venturing into the land of the driver here. Most of the file access APIs still hold you at a level higher than the disk itself. You could be talking to a file system on a CD, a RAMDisk, a SAN or HDD and you shouldn't care.
If you need to hit the disk directly then the Volume Managment API should help you out on Windows:
Volume Management API
fopen and fread will work. If you want to use an unbuffered interface, use open and read instead. Open and read are part of the POSIX standard, so they work in Windows too, although you may want to find manual pages for windows to be sure to catch any subtle differences in behaviour.
Can anybody point me to a simple (can't stress this enough) implementation of an in memory file system? If I can create a file and do a simple cat file.txt it's more than enough.
I would like to use it as part of my toy OS.
The OSDev wiki site might help you. You can also ask your questions there and if you look at wiki and their forum you will pretty likely get your answer.
In my opinion, in-memory file systems should be as basic as possible. Here is a virtual file system implemented in user-mode from Windows, but its design principals can be used in your own OS. http://www.flipcode.com/archives/Programming_a_Virtual_File_System-Part_I.shtml . Even this might be too much for your basic OS. I say just wing it and create a linked list of file descriptors that include only file attributes, file name, and file path with each file.
This belongs on Super User IMHO, but anyway, you might want to look at ImDisk. It should be more than enough for just creating a RAM disk.
Wait, I misread... this is for your "toy OS"? Your toy OS supports file systems? You're going to have to implement it yourself, since there's no way something preexisting will work with your home-made OS.
I work on linux. I donot have much idea in windows. How the permissions of files are organized in windows? Do we have any api like chmod in unix to change the permissions?
for windows there is a tool called cacls, but it behaves differently than chmod, so you would better to read docs: http://technet.microsoft.com/en-us/library/bb490872.aspx
The Win32 API has a function named SetFileAttributes for managing file attributes, among them permissions.
Here's an example from MSDN.
The security model in Windows NT-based systems is very different from the Unix one that the overwhelming majority of Linux systems use. They work from ACLs (Access Control Lists) and can get very ornate in terms of who gets what permission where. Further they apply to almost every (perhaps even every?) object in the Win32 API, not just files. (This doesn't apply to the pathological FAT file systems if memory serves.)
I would recommend looking closely at how the Win32 security model works before you start messing with tools like cacls (the closest to chmod you're going to find) because you can hurt your system pretty badly if you mess with permissions without understanding them. It's a whole lot more complex than vanilla Linux.
Is there a standard way of reading a kind of configuration like INI files for Linux using C?
I am working on a Linux based handheld and writing code in C.
Otherwise, I shall like to know about any alternatives.
Final update:
I have explored and even used LibConfig. But the footprint is high and my usage is too simple. So, to reduce the footprint, I have rolled out my own implementation. The implementation is not too generic, in fact quite coupled as of now. The configuration file is parsed once at the time of starting the application and set to some global variables.
Try libconfig:
a simple library for processing structured configuration files, like this one: test.cfg. This file format is more compact and more readable than XML. And unlike XML, it is type-aware, so it is not necessary to do string parsing in application code.
Libconfig is very compact — a fraction of the size of the expat XML parser library. This makes it well-suited for memory-constrained systems like handheld devices.
The library includes bindings for both the C and C++ languages. It works on POSIX-compliant UNIX and UNIX-like systems (GNU/Linux, Mac OS X, Solaris, FreeBSD), Android, and Windows (2000, XP and later)...
No, there isn't one standard way. I'm sorry, but that is probably the most precise answer :)
You could look at this list of Linux configuration file libraries, though. That might be helpful.
Here are four options:
Iniparser
libini
sdl-cfg
RWini
If you can use the (excellent, in any C-based application) glib, it has a key-value file parser that is suitable for .ini-style files. Of course, you'd also get access to the various (very nice) data structures in glib, "for free".
There is an updated fork of iniparser at ccan, the original author has not been able to give it much attention over the years. Disclaimer - I maintain it.
Additionally, iniparser contains a dictionary that is very useful on its own.
If you need a fast and small code just for reading config files I suggest the inih
It loads the config file content just once, parse the content and calls a callback function for each key/value pair.
Really small. It can be used on embedded systems too.
I hate to suggest something entirely different in suggesting XML, but libexpat is pretty minimal, but does XML.
I came to this conclusion as I had the same question as you did, but then I realized the project already had libexpat linked-in--and I should probably just use that.
I'm looking for a tool that, given a bit of C, will tell you what symbols (types, precompiler definitions, functions, etc) are used from a given header file. I'm doing a port of a large driver from Solaris to Windows and figuring out where things are coming from is getting to be difficult, so this would be a huge help. Any ideas?
Edit: Not an absolute requirement, but tools that work on Windows would be a plus.
Edit #2: To clarify what I'm trying to do, I have a codebase I'm trying to port, which brings in a large number of headers. What I'd like is a tool that, given foo.c, will tell me which symbols it uses from bar.h.
I like KScope, which copes with very large projects.
KScope http://img110.imageshack.us/img110/4605/99101zd3.png
I use on both Linux and Windows :
gvim + ctags + cscope.
Same environment will work on solaris as well, but this is of course force you to use vim as editor, i pretty sure that emacs can work with both ctags and cscope as well.
You might want give a try to vim, it's a bit hard at first, but soon you can't work another way. The most efficient editor (IMHO).
Comment replay:
Look into the cscope man:
...
Find functions called by this function:
Find functions calling this function:
...
I think it's exactly what are you looking for ... Please clarify if not.
Comment replay 2:
ok, now i understand you. The tools i suggested can help you understand code flow, and find there certain symbol is defined, but not what are you looking for.
Not what you asking for but since we are talking i have some experience with porting and drivers (feel free to ignore)
It seems like compiler is good enough for your task. You just starting with original file and let compiler find what missing part, it will be a lot of empty stubs and you will get you code compiled.
At least for beginning i suggest you to create a lot of stubs and modifying original code as less as possible, later on once you get it working you can optimize.
It's might be more complex depending on the type of driver your are porting (I'm assuming kernel driver), the Windows and Solaris subsystems are not so alike. We do have a driver working on both solaris and windows, but it was designed to be multi platform from the beginning.
emacs and etags.
And I leverage make to run the tag indexing for me---that way I can index a large project with one command. I've been thinking about building a master index and separate module indecies, but haven't gotten around to implementing this yet...
#Ilya: Would pistols at dawn be acceptable?
Try doxygen, it can produce graphs and/or HTML and highly customizable