S
Striebrovlas
Guest
I have project where I use Change Journals and it is working well under my laptop (windows 7 64bit). Both debug and release mod working well, but when I run released project on windows 10 64bit it give me errors.
Here is code where program throw errors under windows 10
// This is code from my WathFF function
READ_USN_JOURNAL_DATA_V1 ReadData = { 0,
USN_REASON_FILE_CREATE |
USN_REASON_FILE_DELETE |
USN_REASON_DATA_EXTEND |
USN_REASON_BASIC_INFO_CHANGE |
USN_REASON_DATA_OVERWRITE |
USN_REASON_RENAME_NEW_NAME |
USN_REASON_RENAME_OLD_NAME
, FALSE, 0, 0 };
PUSN_RECORD_V2 UsnRecord;
DWORD dwBytes;
DWORD dwRetBytes;
CHAR Buffer[BUF_LEN];
ReadData.UsnJournalID = jID;
ReadData.StartUsn = usn;
std::wstring comparePath;
for (int i = 0; i < 3; i++)
{
memset(Buffer, 0, BUF_LEN);
if (
!DeviceIoControl(
Volume
, FSCTL_READ_USN_JOURNAL
, &ReadData
, sizeof(READ_USN_JOURNAL_DATA_V1)//sizeof(ReadData)
, &Buffer
, BUF_LEN
, &dwBytes
, NULL
)
)
{
if (GetLastError() != (DWORD)1181)
{
wprintf(L"[ WatchFF ] Read journal failed (%d)\n", GetLastError());
// this throw error 87 ERROR_INVALID_PARAMETER (The parameter is incorrect.)
}
return;
}
void NTFS_WatchFiles::GetUSN(std::wstring path, USN & usn)
{
HANDLE ff;
DWORD mcl; // MaximumComponentLenght
DWORD oBytes;
PUSN_RECORD_V2 pusn_record;
std::wstring ppatch = path.substr(0, 3); // L"\\\\.\\" + path;
if ((ff = CreateFile(
path.c_str()
, NULL//GENERIC_READ
, FILE_SHARE_READ | FILE_SHARE_WRITE
, NULL
, OPEN_EXISTING
, FILE_FLAG_BACKUP_SEMANTICS
, NULL
)) == INVALID_HANDLE_VALUE)
{
std::wcout << "--\n";
std::wcout << L"[ GetUSN ] CreateFile failed "
<< std::to_wstring(GetLastError()) << L"\n";
std::wcout << "--\n";
return;
}
if (!GetVolumeInformation(ppatch.c_str(), NULL, NULL, NULL, &mcl, NULL, NULL, NULL))
{
std::wcout << "--\n";
std::wcout << L"[ GetUSN ] GetVolumeInformation failed "
<< std::to_wstring(GetLastError()) << L"\n";
std::wcout << "--\n";
return;
}
DWORD buffer_size = sizeof(USN_RECORD_V2) + mcl;
pusn_record = (PUSN_RECORD_V2)_aligned_malloc(buffer_size, 128);
if (!DeviceIoControl(
ff // handle to device
, FSCTL_READ_FILE_USN_DATA // dwIoControlCode
, NULL // input buffer
, 2048 // size of input buffer
, pusn_record // output buffer
, buffer_size // size of output buffer
, &oBytes // number of bytes returned
, NULL // OVERLAPPED structure
))
{
std::wcout << "--\n";
std::wcout << L"[ GetUSN ] FSCTL_READ_FILE_USN_DATA failed "
<< std::to_wstring(GetLastError()) << L"\n";
std::wcout << "--\n";
// this throw error 1784 ERROR_INVALID_USER_BUFFER (The supplied user buffer is not valid for the requested operation.)
return;
}
As you can see, it throw for each file two errors:
for WatchFF function : 87 ERROR_INVALID_PARAMETER (The parameter is incorrect.)
for GetUSN function : 1784 ERROR_INVALID_USER_BUFFER (The supplied user buffer is not valid for the requested operation.)
this functions work without any error on windows 7 64bit, but not on windows 10 64 bit.
Why it is not working, and how to make it work?
Continue reading...
Here is code where program throw errors under windows 10
// This is code from my WathFF function
READ_USN_JOURNAL_DATA_V1 ReadData = { 0,
USN_REASON_FILE_CREATE |
USN_REASON_FILE_DELETE |
USN_REASON_DATA_EXTEND |
USN_REASON_BASIC_INFO_CHANGE |
USN_REASON_DATA_OVERWRITE |
USN_REASON_RENAME_NEW_NAME |
USN_REASON_RENAME_OLD_NAME
, FALSE, 0, 0 };
PUSN_RECORD_V2 UsnRecord;
DWORD dwBytes;
DWORD dwRetBytes;
CHAR Buffer[BUF_LEN];
ReadData.UsnJournalID = jID;
ReadData.StartUsn = usn;
std::wstring comparePath;
for (int i = 0; i < 3; i++)
{
memset(Buffer, 0, BUF_LEN);
if (
!DeviceIoControl(
Volume
, FSCTL_READ_USN_JOURNAL
, &ReadData
, sizeof(READ_USN_JOURNAL_DATA_V1)//sizeof(ReadData)
, &Buffer
, BUF_LEN
, &dwBytes
, NULL
)
)
{
if (GetLastError() != (DWORD)1181)
{
wprintf(L"[ WatchFF ] Read journal failed (%d)\n", GetLastError());
// this throw error 87 ERROR_INVALID_PARAMETER (The parameter is incorrect.)
}
return;
}
void NTFS_WatchFiles::GetUSN(std::wstring path, USN & usn)
{
HANDLE ff;
DWORD mcl; // MaximumComponentLenght
DWORD oBytes;
PUSN_RECORD_V2 pusn_record;
std::wstring ppatch = path.substr(0, 3); // L"\\\\.\\" + path;
if ((ff = CreateFile(
path.c_str()
, NULL//GENERIC_READ
, FILE_SHARE_READ | FILE_SHARE_WRITE
, NULL
, OPEN_EXISTING
, FILE_FLAG_BACKUP_SEMANTICS
, NULL
)) == INVALID_HANDLE_VALUE)
{
std::wcout << "--\n";
std::wcout << L"[ GetUSN ] CreateFile failed "
<< std::to_wstring(GetLastError()) << L"\n";
std::wcout << "--\n";
return;
}
if (!GetVolumeInformation(ppatch.c_str(), NULL, NULL, NULL, &mcl, NULL, NULL, NULL))
{
std::wcout << "--\n";
std::wcout << L"[ GetUSN ] GetVolumeInformation failed "
<< std::to_wstring(GetLastError()) << L"\n";
std::wcout << "--\n";
return;
}
DWORD buffer_size = sizeof(USN_RECORD_V2) + mcl;
pusn_record = (PUSN_RECORD_V2)_aligned_malloc(buffer_size, 128);
if (!DeviceIoControl(
ff // handle to device
, FSCTL_READ_FILE_USN_DATA // dwIoControlCode
, NULL // input buffer
, 2048 // size of input buffer
, pusn_record // output buffer
, buffer_size // size of output buffer
, &oBytes // number of bytes returned
, NULL // OVERLAPPED structure
))
{
std::wcout << "--\n";
std::wcout << L"[ GetUSN ] FSCTL_READ_FILE_USN_DATA failed "
<< std::to_wstring(GetLastError()) << L"\n";
std::wcout << "--\n";
// this throw error 1784 ERROR_INVALID_USER_BUFFER (The supplied user buffer is not valid for the requested operation.)
return;
}
As you can see, it throw for each file two errors:
for WatchFF function : 87 ERROR_INVALID_PARAMETER (The parameter is incorrect.)
for GetUSN function : 1784 ERROR_INVALID_USER_BUFFER (The supplied user buffer is not valid for the requested operation.)
this functions work without any error on windows 7 64bit, but not on windows 10 64 bit.
Why it is not working, and how to make it work?
Continue reading...