0

I am working with pretty old code that taps directly into NT API (NtQueryDirectoryFile(..., FileBothDirectoryInformation), etc).

Methods that allow user-mode application to call these functions are well-known. In my case someone (ages ago) copy-pasted related DDK declarations (structs and functions) into separate header file and manually generated ntdll.lib to link against.

This works, but:

  • having to do this manual work for every new function is not ideal
  • there is potential of introducing a subtle bug (e.g. forgetting to enforce correct data alignment)
  • (pretty large) ntdll.lib ends up being stored with source code

I wonder if there is better way to do it with newer SDK/DDK?

Notes:

  • environment: VS2019 with 10.0.18362.0 Windows SDK
  • I know about winternl.h -- alas, it doesn't contain all functions I need
C.M.
  • 3,071
  • 1
  • 14
  • 33
  • 1
    *ntdll.lib* and *ntdllp.lib* (here exist also static linked c-runtime) was inside any WDK. not need build *ntdll.lib* yourself. here no any problems. include *ntifs.h* with *windows.h* is more problematic, but also possible. key - include *ntifs.h* inside namespace. this not resolve all errors (especially with `/permissive-` compiler options - some definitions conflict. but anyway possible resolve and this – RbMm Nov 30 '21 at 23:26
  • @RbMm I got sidetracked with another project. Thank you for advice! I'll try to follow it when I have some time and if it works -- post is as an answer. – C.M. Dec 14 '21 at 03:34
  • If you only need `NtQueryDirectoryFile`, you can have it by `GetFileInformationByHandleEx`, which takes `FileIdBothDirectoryInfo`. Some other APIs that were previously only available using NT API are now available with the usual API. Check out other `GetFileInformationByHandleEx` params and `SetFileInformationByHandle` params. – Alex Guteniev Jan 02 '22 at 17:44

0 Answers0