Mtm 3.14
Reputation: 29
Has been a file handle opened with FILE_FLAG_SEQUENTIAL_SCAN flag?
There are multiple flags and attributes (dwFlagsAndAttributes) that can be used while a file is opened with CreateFile() call. One of such flags is FILE_FLAG_SEQUENTIAL_SCAN. I am wondering, is it possible to somehow detect/guess whether a file handle has been created using this flag if the only thing you have is the handle itself and no information about its CreateFile parameters is available?
Upvotes: 1
Views: 361
Answers (1)
IInspectable
Reputation: 51489
You can call NtQueryInformationFile (or ZwQueryInformationFile from kernel mode) to retrieve a FILE_OBJECT structure. Its Flags member provides the information you are looking for.
Upvotes: 3
Related Questions
- extract file HANDLE from Windows file descriptor or from FILE*
- Is WriteFile/ReadFile on Same Handle Thread-Safe Opened Without FILE_FLAG_OVERLAPPED but using OVERLAPPED structure?
- C# FileSystemWatcher process already in use
- Under which circumstances does the System process (PID 4) retain an open file handle?
- being used by another process (after a file.openread(), but then .Close())
- How do I CloseHandle a handle that was converted to a FILE*?
- What type of file deletes itself as soon as the handle is closed?
- Is there a way to check if a (file) handle is valid?
- detect file handle conflict in windows
- Can "\Device\NamedPipe\\Win32Pipes" handles cause "Too many open files" error?