flat assembler
Message board for the users of flat assembler.

Home Search Register
Log in to check your private messages Log in

Index > Windows > 2 disk-related questions
Author
Thread Post new topic Reply to topic
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
Hello,

1. I'd like to know if there's a way to write data to the disk directly (without caching/buffering) once the WriteFile API has been used. Does the FlushFileBuffers API or the FILE_FLAG_NO_BUFFERING flag within the CreateFile API do the job? Which one is better (N.B. the "file access" limits of FILE_FLAG_NO_BUFFERING are not a problem)?

2. I want to check how a particular file was written to the disk. So I need to find out which LBA blocks are allocated to that file so I can check them with a disk editor. Do you know of any utility that could do that? I tried searching the entire disk with the disk editor but it's very time-consuming. The file is on an NTFS partition if that matters.

Any help is appreciated.

TIA.
Post 28 May 2008, 09:13
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17278
Location: In your JS exploiting you and your system
revolution
A1: I would imagine the flags do as they suggest. I see no reason to doubt it. But you can open the physical disk directly in Windows using \\.\PhysicalDriveN (N=0, 1, 2, etc.) and a logical drive using \\.\X: (X=A, B, C etc.).

A2: AFAIK you need to get a program that understands the NTFS format, then you can simply search the directory structures and pinpoint your file location. But remember that NTFS has a habit of storing some smaller files directly in the directory entry, something to keep in mind if you write your own locator app. And don't forget about the meta data also (if you need it).
Post 28 May 2008, 09:24
View user's profile Send private message Visit poster's website Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
Thanks for the fast reply.

1. Would I still have to FlushFileBuffers after using CreateFile with the FILE_FLAG_NO_BUFFERING flag or is it redundant since in theory no buffering or caching was done?

2. I'm not writing a disk editor and I don't need to know the physical location of the file within my code.
I just hoped there would be such a utility so I could easily check the job done by my code. Do you know of any editor that understands NTFS structure?
Post 28 May 2008, 21:08
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17278
Location: In your JS exploiting you and your system
revolution
A1: I see no reason for the theory to be wrong.

A2: I know of none, except maybe your brain and a low-level sector viewer. Wink
Post 29 May 2008, 01:26
View user's profile Send private message Visit poster's website Reply with quote
sinsi



Joined: 10 Aug 2007
Posts: 693
Location: Adelaide
sinsi
Using DeviceIoControl with FSCTL_GET_RETRIEVAL_POINTERS will give you a map of clusters used by a file, but then you need to map clusters->sectors.
Post 29 May 2008, 01:47
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Main index Download Documentation Examples Message board

Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.