TechQA.

Open Alternate Data Stream (ADS) from file handle or file ID

1.4k views Asked by At

I would like to open an alternate data stream of a file using an existing handle to the file, or using the file id. The only way I found is by the full name (file name + ADS name). I am afraid of the file being renamed during the operation.

Is there a way to do that?

windows ntfs alternate-data-stream
Original Q&A
1

There are 1 answers

6
RbMm On BEST ANSWER

this is very easy do with NtOpenFile or NtCreateFile

for example for open existing ADS on hFile

NTSTATUS OpenADS(PHANDLE FileHandle, ACCESS_MASK DesiredAccess, HANDLE hFile, PCWSTR Name)
{
    IO_STATUS_BLOCK iosb;
    UNICODE_STRING ObjectName;
    RtlInitUnicodeString(&ObjectName, Name);
    OBJECT_ATTRIBUTES oa = { sizeof(oa), hFile, &ObjectName };
    return NtOpenFile(FileHandle, DesiredAccess, &oa, &iosb, FILE_SHARE_VALID_FLAGS, FILE_SYNCHRONOUS_IO_NONALERT);
}

where Name something like L":test_stream" (begin with :)

Related Questions in WINDOWS

Related Questions in NTFS

Related Questions in ALTERNATE-DATA-STREAM

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions