Buffer mode read

// Driver Layer Code

#ifdef __cplusplusextern "C" {#endifNTSTATUS DriverEntry(    IN OUT PDRIVER_OBJECT   DriverObject,    IN PUNICODE_STRING      RegistryPath    ){    PDEVICE_OBJECT pdoDeviceObj = 0;    NTSTATUS status = STATUS_UNSUCCESSFUL;    pdoGlobalDrvObj = DriverObject;    // Create the device object.    if(!NT_SUCCESS(status = IoCreateDevice(        DriverObject,        0,        &usDeviceName,        FILE_DEVICE_UNKNOWN,        FILE_DEVICE_SECURE_OPEN,        FALSE,        &pdoDeviceObj        )))    {        // Bail out (implicitly forces the driver to unload).        return status;    };    // Now create the respective symbolic link object    if(!NT_SUCCESS(status = IoCreateSymbolicLink(        &usSymlinkName,        &usDeviceName        )))    {        IoDeleteDevice(pdoDeviceObj);        return status;    }pdoDeviceObj->Flags=DO_BUFFERED_IO;    // NOTE: You need not provide your own implementation for any major function that    //       you do not want to handle. I have seen code using DDKWizard that left the    //       *empty* dispatch routines intact. This is not necessary at all!    DriverObject->MajorFunction[IRP_MJ_CREATE] =IRPTEST_Dispatch;DriverObject->MajorFunction[IRP_MJ_READ]=IRPTEST_DISPATCH_READ;DriverObject->MajorFunction[IRP_MJ_WRITE]=IRPTEST_Dispatch;DriverObject->MajorFunction[IRP_MJ_CLEANUP]=IRPTEST_Dispatch;DriverObject->MajorFunction[IRP_MJ_SET_INFORMATION]=IRPTEST_Dispatch;DriverObject->MajorFunction[IRP_MJ_SHUTDOWN]=IRPTEST_Dispatch;DriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL]=IRPTEST_Dispatch;DriverObject->MajorFunction[IRP_MJ_CLOSE] = IRPTEST_Dispatch;    DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = IRPTEST_DispatchDeviceControl;    DriverObject->DriverUnload = IRPTEST_DriverUnload;    return STATUS_SUCCESS;}#ifdef __cplusplus}; // extern "C"#endif
Ntstatus irptest_dispatch_read (pdevice_object pdeviceobject, pirp) {// ensure that the flags subdomain of the device has the do_buffer_io mode kdprint ("driver_read \ r \ n ")); __try {pio_stack_location piostack = iogetcurrentirpstacklocation (pirp); ulong ulreadlen = piostack-> parameters. read. length; // number of bytes to be read in readfile if (irp_mj_read = piostack-> majorfunction) {rtlfillmemory (pir-> associatedirp. systembuffer, ulreadlen, 0xaa); pir-> iostatus. information = ulreadlen ;}__ handle T (exception_execute_handler) {pir-> iostatus. information = 0; kdprint ("read dispatch routine exception \ r \ n");} pir-> iostatus. status = STATUS_SUCCESS; iocompleterequest (pirp, io_no_increment); kdprint ("driver_read_end \ r \ n"); return STATUS_SUCCESS ;}
// Application Layer call
Int _ tmain (INT argc, _ tchar * argv []) {handle hdev = createfile (_ T ("\\\\. \ symlink_irptest "), generic_read | generic_write, 0, null, open_existing, file_attribute_normal, null); If (invalid_handle_value = hdev) {printf ("invalid device handle \ r \ n"); System ("pause"); Return-1;} uchar Buf [max_path] = {0 }; DWORD dwreaded = 0; If (readfile (hdev, Buf, 20, & dwreaded, null) {for (INT I = 0; I <dwreaded; I ++) {printf ("% 08x \ r \ n", Buf [I]) ;}} elseprintf ("data read failed \ r \ n"); closehandle (hdev ); system ("pause"); Return 0 ;}