本文整理汇总了C++中ProbeForWrite函数的典型用法代码示例。如果您正苦于以下问题:C++ ProbeForWrite函数的具体用法?C++ ProbeForWrite怎么用?C++ ProbeForWrite使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ProbeForWrite函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: NtUserGetKeyboardLayoutName
/*
* NtUserGetKeyboardLayoutName
*
* Returns KLID of current thread keyboard layout
*/
BOOL
APIENTRY
NtUserGetKeyboardLayoutName(
LPWSTR pwszName)
{
BOOL bRet = FALSE;
PKL pKl;
PTHREADINFO pti;
UserEnterShared();
pti = PsGetCurrentThreadWin32Thread();
pKl = pti->KeyboardLayout;
if (!pKl)
goto cleanup;
_SEH2_TRY
{
ProbeForWrite(pwszName, KL_NAMELENGTH*sizeof(WCHAR), 1);
wcscpy(pwszName, pKl->spkf->awchKF);
bRet = TRUE;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
SetLastNtError(_SEH2_GetExceptionCode());
}
_SEH2_END;
cleanup:
UserLeave();
return bRet;
}
开发者ID:RPG-7,项目名称:reactos,代码行数:38,代码来源:kbdlayout.c
示例2: KpiOpenProcess
/**
* Opens a process.
*
* \param ProcessHandle A variable which receives the process handle.
* \param DesiredAccess The desired access to the process.
* \param ClientId The identifier of a process or thread. If \a UniqueThread
* is present, the process of the identified thread will be opened. If
* \a UniqueProcess is present, the identified process will be opened.
* \param AccessMode The mode in which to perform access checks.
*/
NTSTATUS KpiOpenProcess(
__out PHANDLE ProcessHandle,
__in ACCESS_MASK DesiredAccess,
__in PCLIENT_ID ClientId,
__in KPROCESSOR_MODE AccessMode
)
{
NTSTATUS status;
CLIENT_ID clientId;
PEPROCESS process;
PETHREAD thread;
HANDLE processHandle;
PAGED_CODE();
if (AccessMode != KernelMode)
{
__try
{
ProbeForWrite(ProcessHandle, sizeof(HANDLE), sizeof(HANDLE));
ProbeForRead(ClientId, sizeof(CLIENT_ID), sizeof(ULONG));
clientId = *ClientId;
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
return GetExceptionCode();
}
}
开发者ID:john-peterson,项目名称:processhacker,代码行数:38,代码来源:process.c
示例3: BDKitTerminateProcessByClearMemroy
NTSTATUS BDKitTerminateProcessByClearMemroy(__in PEPROCESS EProcess)
{
NTSTATUS nsStatus = STATUS_UNSUCCESSFUL;
ULONG_PTR MemIndex = 0;
KAPC_STATE kApcState = {0x00};
do
{
_KeStackAttachProcess ((PKPROCESS)EProcess, &kApcState);
{
for ( MemIndex = LOWEST_USER_MEM_ADDRESS;
MemIndex < HIGHEST_USER_MEM_ADDRESS - 1;
MemIndex += PAGE_SIZE
)
{
__try
{
ProbeForWrite ((PVOID)MemIndex, PAGE_SIZE, 4L);
RtlFillMemory ((PVOID)MemIndex, PAGE_SIZE, 0x00);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
break;
}
}
}
_KeUnstackDetachProcess ((PKPROCESS)EProcess, &kApcState);
nsStatus = STATUS_SUCCESS;
} while (FALSE);
return nsStatus;
}
开发者ID:ohio813,项目名称:BDArkit,代码行数:33,代码来源:BDKitKillProcess.c
示例4: NtGdiSetBrushOrg
BOOL
APIENTRY
NtGdiSetBrushOrg(
_In_ HDC hdc,
_In_ INT x,
_In_ INT y,
_Out_opt_ LPPOINT pptOut)
{
PDC pdc;
/* Lock the DC */
pdc = DC_LockDc(hdc);
if (pdc == NULL)
{
EngSetLastError(ERROR_INVALID_HANDLE);
return FALSE;
}
/* Check if the old origin was requested */
if (pptOut != NULL)
{
/* Enter SEH for buffer transfer */
_SEH2_TRY
{
/* Probe and copy the old origin */
ProbeForWrite(pptOut, sizeof(POINT), 1);
*pptOut = pdc->pdcattr->ptlBrushOrigin;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
DC_UnlockDc(pdc);
_SEH2_YIELD(return FALSE);
}
_SEH2_END;
}
开发者ID:staring,项目名称:RosFE,代码行数:35,代码来源:dcobjs.c
示例5: NtQuerySecurityObject
/*++
* @name NtQuerySecurityObject
* @implemented NT4
*
* The NtQuerySecurityObject routine <FILLMEIN>
*
* @param Handle
* <FILLMEIN>
*
* @param SecurityInformation
* <FILLMEIN>
*
* @param SecurityDescriptor
* <FILLMEIN>
*
* @param Length
* <FILLMEIN>
*
* @param ResultLength
* <FILLMEIN>
*
* @return STATUS_SUCCESS or appropriate error value.
*
* @remarks None.
*
*--*/
NTSTATUS
NTAPI
NtQuerySecurityObject(IN HANDLE Handle,
IN SECURITY_INFORMATION SecurityInformation,
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
IN ULONG Length,
OUT PULONG ResultLength)
{
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
PVOID Object;
POBJECT_HEADER Header;
POBJECT_TYPE Type;
ACCESS_MASK DesiredAccess;
NTSTATUS Status;
PAGED_CODE();
/* Check if we came from user mode */
if (PreviousMode != KernelMode)
{
/* Enter SEH */
_SEH2_TRY
{
/* Probe the SD and the length pointer */
ProbeForWrite(SecurityDescriptor, Length, sizeof(ULONG));
ProbeForWriteUlong(ResultLength);
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* Return the exception code */
_SEH2_YIELD(return _SEH2_GetExceptionCode());
}
_SEH2_END;
}
开发者ID:HBelusca,项目名称:NasuTek-Odyssey,代码行数:59,代码来源:obsecure.c
示例6: NtGdiGetAppClipBox
INT APIENTRY
NtGdiGetAppClipBox(HDC hDC, PRECTL rc)
{
INT Ret;
NTSTATUS Status = STATUS_SUCCESS;
RECTL Saferect;
Ret = GdiGetClipBox(hDC, &Saferect);
_SEH2_TRY
{
ProbeForWrite(rc,
sizeof(RECT),
1);
*rc = Saferect;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
Status = _SEH2_GetExceptionCode();
}
_SEH2_END;
if(!NT_SUCCESS(Status))
{
SetLastNtError(Status);
return ERROR;
}
return Ret;
}
开发者ID:HBelusca,项目名称:NasuTek-Odyssey,代码行数:30,代码来源:cliprgn.c
示例7: NtAllocateLocallyUniqueId
/*
* @implemented
*/
NTSTATUS NTAPI
NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
{
LUID NewLuid;
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status;
PAGED_CODE();
PreviousMode = ExGetPreviousMode();
if(PreviousMode != KernelMode)
{
_SEH2_TRY
{
ProbeForWrite(LocallyUniqueId,
sizeof(LUID),
sizeof(ULONG));
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
_SEH2_YIELD(return _SEH2_GetExceptionCode());
}
_SEH2_END;
}
开发者ID:HBelusca,项目名称:NasuTek-Odyssey,代码行数:28,代码来源:uuid.c
示例8: NtGdiGetAppClipBox
INT
APIENTRY
NtGdiGetAppClipBox(
_In_ HDC hdc,
_Out_ LPRECT prc)
{
RECT rect;
INT iComplexity;
/* Call the internal function */
iComplexity = GdiGetClipBox(hdc, &rect);
if (iComplexity != ERROR)
{
_SEH2_TRY
{
ProbeForWrite(prc, sizeof(RECT), 1);
*prc = rect;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
iComplexity = ERROR;
}
_SEH2_END
}
开发者ID:GYGit,项目名称:reactos,代码行数:25,代码来源:cliprgn.c
示例9: NtUserCreateLocalMemHandle
NTSTATUS APIENTRY
NtUserCreateLocalMemHandle(
HANDLE hMem,
PVOID pData,
DWORD cbData,
DWORD *pcbData)
{
PCLIPBOARDDATA pMemObj;
NTSTATUS Status = STATUS_SUCCESS;
UserEnterShared();
/* Get Clipboard data object */
pMemObj = (PCLIPBOARDDATA)UserGetObject(gHandleTable, hMem, TYPE_CLIPDATA);
if (!pMemObj)
{
Status = STATUS_INVALID_HANDLE;
goto cleanup;
}
/* Don't overrun */
if (cbData > pMemObj->cbData)
cbData = pMemObj->cbData;
/* Copy data to usermode */
_SEH2_TRY
{
if (pcbData)
{
ProbeForWrite(pcbData, sizeof(*pcbData), 1);
*pcbData = pMemObj->cbData;
}
ProbeForWrite(pData, cbData, 1);
memcpy(pData, pMemObj->Data, cbData);
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
Status = _SEH2_GetExceptionCode();
}
_SEH2_END;
cleanup:
UserLeave();
return Status;
}
开发者ID:CSRedRat,项目名称:reactos-playground,代码行数:47,代码来源:clipboard.c
示例10: NtUserCopyAcceleratorTable
ULONG
APIENTRY
NtUserCopyAcceleratorTable(
HACCEL hAccel,
LPACCEL Entries,
ULONG EntriesCount)
{
PACCELERATOR_TABLE Accel;
ULONG Ret;
DECLARE_RETURN(int);
TRACE("Enter NtUserCopyAcceleratorTable\n");
UserEnterShared();
Accel = UserGetAccelObject(hAccel);
if (!Accel)
{
RETURN(0);
}
/* If Entries is NULL return table size */
if (!Entries)
{
RETURN(Accel->Count);
}
/* Don't overrun */
if (Accel->Count < EntriesCount)
EntriesCount = Accel->Count;
Ret = 0;
_SEH2_TRY
{
ProbeForWrite(Entries, EntriesCount*sizeof(Entries[0]), 4);
for (Ret = 0; Ret < EntriesCount; Ret++)
{
Entries[Ret].fVirt = Accel->Table[Ret].fVirt;
Entries[Ret].key = Accel->Table[Ret].key;
Entries[Ret].cmd = Accel->Table[Ret].cmd;
}
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
SetLastNtError(_SEH2_GetExceptionCode());
Ret = 0;
}
_SEH2_END;
RETURN(Ret);
CLEANUP:
TRACE("Leave NtUserCopyAcceleratorTable, ret=%i\n", _ret_);
UserLeave();
END_CLEANUP;
}
开发者ID:hackbunny,项目名称:reactos,代码行数:57,代码来源:accelerator.c
示例11: DispatchProcessEnum
//枚举进程
//InputBuffer[0] == 是否显示Deleting进程
//OutputBuffer ObjectIdTable缓冲
NTSTATUS
DispatchProcessEnum(PVOID InputBuffer, ULONG InputLength,
PVOID OutputBuffer, ULONG OutputLength,
PULONG Information)
{
BOOLEAN showDeleting;
NTSTATUS status;
PObjectIdTable objIdTable;
*Information = 0;
//首先验证用户参数
if(InputBuffer == NULL ||
InputLength != sizeof(BOOLEAN) ||
OutputBuffer == NULL ||
OutputLength != sizeof(ObjectIdTable))
{
KdPrint(("DispatchProcessEnum Param mismatch: InputLength == %lu(should be %lu), OutputLength == %lu(should be %lu)",
InputLength, sizeof(BOOLEAN), OutputLength, sizeof(ObjectIdTable)));
return STATUS_INVALID_PARAMETER;
}
status = STATUS_SUCCESS;
try{
ProbeForRead(InputBuffer, InputLength, 1);
showDeleting = *(BOOLEAN*)InputBuffer;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchProcessEnum ACCESS_VIOLATION read.\n"));
status = STATUS_ACCESS_VIOLATION;
}
if(!NT_SUCCESS(status))
return status;
//枚举进程信息
objIdTable = ProcessEnum(showDeleting);
if(!objIdTable)
{
status = STATUS_UNSUCCESSFUL;
return status;
}
//拷贝到用户控件
try{
ProbeForWrite(OutputBuffer, OutputLength, 1);
RtlCopyMemory(OutputBuffer, objIdTable, OutputLength);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchProcessEnum ACCESS_VIOLATION write.\n"));
status = STATUS_ACCESS_VIOLATION;
}
ExFreePool(objIdTable);
if(NT_SUCCESS(status))
*Information = OutputLength;
return status;
}
开发者ID:yax571,项目名称:cr-ark,代码行数:59,代码来源:Dispatch.c
示例12: NtQueryInformationPort
NTSTATUS
NTAPI
NtQueryInformationPort(
IN HANDLE PortHandle OPTIONAL,
IN PORT_INFORMATION_CLASS PortInformationClass,
OUT PVOID PortInformation,
IN ULONG Length,
OUT PULONG ReturnLength OPTIONAL
)
{
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status;
PLPCP_PORT_OBJECT PortObject;
PAGED_CODE();
//
// Get previous processor mode and probe output argument if necessary.
//
PreviousMode = KeGetPreviousMode();
if (PreviousMode != KernelMode) {
try {
ProbeForWrite( PortInformation,
Length,
sizeof( ULONG )
);
if (ARGUMENT_PRESENT( ReturnLength )) {
ProbeForWriteUlong( ReturnLength );
}
}
except( EXCEPTION_EXECUTE_HANDLER ) {
return( GetExceptionCode() );
}
}
if (ARGUMENT_PRESENT( PortHandle )) {
Status = ObReferenceObjectByHandle( PortHandle,
GENERIC_READ,
LpcPortObjectType,
PreviousMode,
&PortObject,
NULL
);
if (!NT_SUCCESS( Status )) {
return( Status );
}
ObDereferenceObject( PortObject );
return STATUS_SUCCESS;
}
else {
return STATUS_INVALID_INFO_CLASS;
}
}
开发者ID:BillTheBest,项目名称:WinNT4,代码行数:56,代码来源:lpcquery.c
示例13: NtRequestWaitReplyPort
/*
* @implemented
*/
NTSTATUS
NTAPI
NtRequestWaitReplyPort(IN HANDLE PortHandle,
IN PPORT_MESSAGE LpcRequest,
IN OUT PPORT_MESSAGE LpcReply)
{
PORT_MESSAGE LocalLpcRequest;
ULONG NumberOfDataEntries;
PLPCP_PORT_OBJECT Port, QueuePort, ReplyPort, ConnectionPort = NULL;
KPROCESSOR_MODE PreviousMode = KeGetPreviousMode();
NTSTATUS Status;
PLPCP_MESSAGE Message;
PETHREAD Thread = PsGetCurrentThread();
BOOLEAN Callback;
PKSEMAPHORE Semaphore;
ULONG MessageType;
PLPCP_DATA_INFO DataInfo;
PAGED_CODE();
LPCTRACE(LPC_SEND_DEBUG,
"Handle: %p. Messages: %p/%p. Type: %lx\n",
PortHandle,
LpcRequest,
LpcReply,
LpcpGetMessageType(LpcRequest));
/* Check if the thread is dying */
if (Thread->LpcExitThreadCalled) return STATUS_THREAD_IS_TERMINATING;
/* Check for user mode access */
if (PreviousMode != KernelMode)
{
_SEH2_TRY
{
/* Probe the full request message and copy the base structure */
ProbeForRead(LpcRequest, sizeof(*LpcRequest), sizeof(ULONG));
ProbeForRead(LpcRequest, LpcRequest->u1.s1.TotalLength, sizeof(ULONG));
LocalLpcRequest = *LpcRequest;
/* Probe the reply message for write */
ProbeForWrite(LpcReply, sizeof(*LpcReply), sizeof(ULONG));
/* Make sure the data entries in the request message are valid */
Status = LpcpVerifyMessageDataInfo(LpcRequest, &NumberOfDataEntries);
if (!NT_SUCCESS(Status))
{
DPRINT1("LpcpVerifyMessageDataInfo failed\n");
return Status;
}
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
DPRINT1("Got exception\n");
return _SEH2_GetExceptionCode();
}
_SEH2_END;
}
开发者ID:Nevermore2015,项目名称:reactos,代码行数:59,代码来源:send.c
示例14: NtGdiGetDeviceGammaRamp
BOOL
APIENTRY
NtGdiGetDeviceGammaRamp(HDC hDC,
LPVOID Ramp)
{
BOOL Ret;
PDC dc;
NTSTATUS Status = STATUS_SUCCESS;
PGAMMARAMP SafeRamp;
if (!Ramp) return FALSE;
dc = DC_LockDc(hDC);
if (!dc)
{
EngSetLastError(ERROR_INVALID_HANDLE);
return FALSE;
}
SafeRamp = ExAllocatePoolWithTag(PagedPool, sizeof(GAMMARAMP), GDITAG_ICM);
if (!SafeRamp)
{
DC_UnlockDc(dc);
EngSetLastError(STATUS_NO_MEMORY);
return FALSE;
}
Ret = IntGetDeviceGammaRamp((HDEV)dc->ppdev, SafeRamp);
if (!Ret) return Ret;
_SEH2_TRY
{
ProbeForWrite( Ramp,
sizeof(PVOID),
1);
RtlCopyMemory( Ramp,
SafeRamp,
sizeof(GAMMARAMP));
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
Status = _SEH2_GetExceptionCode();
}
_SEH2_END;
DC_UnlockDc(dc);
ExFreePoolWithTag(SafeRamp, GDITAG_ICM);
if (!NT_SUCCESS(Status))
{
SetLastNtError(Status);
return FALSE;
}
return Ret;
}
开发者ID:HBelusca,项目名称:NasuTek-Odyssey,代码行数:56,代码来源:icm.c
示例15: NtUserGetKeyboardLayoutList
/*
* NtUserGetKeyboardLayoutList
*
* Returns list of loaded keyboard layouts in system
*/
UINT
APIENTRY
NtUserGetKeyboardLayoutList(
ULONG nBuff,
HKL *pHklBuff)
{
UINT uRet = 0;
PKL pKl;
if (!pHklBuff)
nBuff = 0;
UserEnterShared();
if (!gspklBaseLayout)
{
UserLeave();
return 0;
}
pKl = gspklBaseLayout;
if (nBuff == 0)
{
do
{
uRet++;
pKl = pKl->pklNext;
} while (pKl != gspklBaseLayout);
}
else
{
_SEH2_TRY
{
ProbeForWrite(pHklBuff, nBuff*sizeof(HKL), 4);
while (uRet < nBuff)
{
pHklBuff[uRet] = pKl->hkl;
uRet++;
pKl = pKl->pklNext;
if (pKl == gspklBaseLayout)
break;
}
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
SetLastNtError(_SEH2_GetExceptionCode());
uRet = 0;
}
_SEH2_END;
}
UserLeave();
return uRet;
}
开发者ID:RPG-7,项目名称:reactos,代码行数:60,代码来源:kbdlayout.c
示例16: NtGdiOpenDCW
HDC
APIENTRY
NtGdiOpenDCW(
PUNICODE_STRING pustrDevice,
DEVMODEW *pdmInit,
PUNICODE_STRING pustrLogAddr,
ULONG iType,
BOOL bDisplay,
HANDLE hspool,
VOID *pDriverInfo2,
VOID *pUMdhpdev)
{
UNICODE_STRING ustrDevice;
WCHAR awcDevice[CCHDEVICENAME];
DEVMODEW dmInit;
PVOID dhpdev;
HDC hdc;
/* Only if a devicename is given, we need any data */
if (pustrDevice)
{
/* Initialize destination string */
RtlInitEmptyUnicodeString(&ustrDevice, awcDevice, sizeof(awcDevice));
_SEH2_TRY
{
/* Probe the UNICODE_STRING and the buffer */
ProbeForRead(pustrDevice, sizeof(UNICODE_STRING), 1);
ProbeForRead(pustrDevice->Buffer, pustrDevice->Length, 1);
/* Copy the string */
RtlCopyUnicodeString(&ustrDevice, pustrDevice);
if (pdmInit)
{
/* FIXME: could be larger */
ProbeForRead(pdmInit, sizeof(DEVMODEW), 1);
RtlCopyMemory(&dmInit, pdmInit, sizeof(DEVMODEW));
}
if (pUMdhpdev)
{
ProbeForWrite(pUMdhpdev, sizeof(HANDLE), 1);
}
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
SetLastNtError(_SEH2_GetExceptionCode());
_SEH2_YIELD(return NULL);
}
_SEH2_END
}
else
{
开发者ID:Nevermore2015,项目名称:reactos,代码行数:54,代码来源:dclife.c
示例17: DispatchQueryProcessModuleInfo
//获取进程的模块信息
//InputBuffer[0] == PEPROCESS指针
//InputBuffer[1] == LdrData指针
//OutputBuffer ModuleInfo缓冲
NTSTATUS
DispatchQueryProcessModuleInfo(PVOID InputBuffer, ULONG InputLength,
PVOID OutputBuffer, ULONG OutputLength,
PULONG Information)
{
NTSTATUS status;
PEPROCESS process;
PVOID ldrData;
PModuleInfo modInfo;
*Information = 0;
if(InputBuffer == NULL ||
InputLength != sizeof(PEPROCESS) + sizeof(PVOID)||
OutputBuffer == NULL ||
OutputLength != sizeof(ModuleInfo))
{
KdPrint(("DispatchQueryProcessModuleInfo Param mismatch: InputLength == %lu(should be %lu), OutputLength == %lu(should be %lu)",
InputLength, sizeof(PEPROCESS) + sizeof(PVOID), OutputLength, sizeof(ModuleInfo)));
return STATUS_INVALID_PARAMETER;
}
try{
ProbeForRead(InputBuffer, InputLength, 1);
process = *(PEPROCESS*)InputBuffer;
ldrData = *(PVOID*)((ULONG)InputBuffer + 4);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
status = STATUS_ACCESS_VIOLATION;
}
if(!NT_SUCCESS(status))
{
KdPrint(("DispatchQueryProcessModuleInfo ACCESS_VIOLATION read.\n"));
return status;
}
modInfo = QueryModuleInfo(process, ldrData);
if(modInfo == NULL)
return STATUS_UNSUCCESSFUL;
try{
ProbeForWrite(OutputBuffer, OutputLength, 1);
RtlCopyMemory(OutputBuffer, modInfo, OutputLength);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchQueryProcessModuleInfo ACCESS_VIOLATION write.\n"));
status = STATUS_ACCESS_VIOLATION;
}
if(NT_SUCCESS(status))
*Information = OutputLength;
ExFreePool(modInfo);
return status;
}
开发者ID:yax571,项目名称:cr-ark,代码行数:57,代码来源:Dispatch.c
示例18: DispatchQueryThreadInfo
//获取线程信息
//InputBuffer[0] == PETHREAD指针
//OutputBuffer threadInfo缓冲
NTSTATUS
DispatchQueryThreadInfo(PVOID InputBuffer, ULONG InputLength,
PVOID OutputBuffer, ULONG OutputLength,
PULONG Information)
{
NTSTATUS status;
PETHREAD thread;
PThreadInfo threadInfo;
*Information = 0;
if(InputBuffer == NULL ||
InputLength != sizeof(PETHREAD) ||
OutputBuffer == NULL ||
OutputLength != sizeof(ThreadInfo))
{
KdPrint(("DispatchQueryThreadInfo Param mismatch: InputLength == %lu(should be %lu), OutputLength == %lu(should be %lu)",
InputLength, sizeof(PETHREAD), OutputLength, sizeof(ThreadInfo)));
return STATUS_INVALID_PARAMETER;
}
try{
ProbeForRead(InputBuffer, InputLength, 1);
thread = *(PETHREAD*)(InputBuffer);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
status = STATUS_ACCESS_VIOLATION;
}
if(!NT_SUCCESS(status))
{
KdPrint(("DispatchQueryThreadInfo ACCESS_VIOLATION read.\n"));
return status;
}
threadInfo = QueryThreadInfo(thread);
if(threadInfo == NULL)
return STATUS_UNSUCCESSFUL;
try{
ProbeForWrite(OutputBuffer, OutputLength, 1);
RtlCopyMemory(OutputBuffer, threadInfo, OutputLength);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchQueryThreadInfo ACCESS_VIOLATION write.\n"));
status = STATUS_ACCESS_VIOLATION;
}
if(NT_SUCCESS(status))
*Information = OutputLength;
ExFreePool(threadInfo);
return status;
}
开发者ID:yax571,项目名称:cr-ark,代码行数:55,代码来源:Dispatch.c
示例19: DispatchThreadEnum
//枚举进程
//InputBuffer[0] == 是否显示EPROCESS指针
//OutputBuffer ObjectIdTable缓冲
NTSTATUS
DispatchThreadEnum(PVOID InputBuffer, ULONG InputLength,
PVOID OutputBuffer, ULONG OutputLength,
PULONG Information)
{
PEPROCESS process;
NTSTATUS status;
PObjectIdTable objIdTable;
*Information = 0;
if(InputBuffer == NULL ||
InputLength != sizeof(PEPROCESS) ||
OutputBuffer == NULL ||
OutputLength != sizeof(ObjectIdTable))
{
KdPrint(("DispatchThreadEnum Param mismatch: InputLength == %lu(should be %lu), OutputLength == %lu(should be %lu)",
InputLength, sizeof(PEPROCESS), OutputLength, sizeof(ObjectIdTable)));
return STATUS_INVALID_PARAMETER;
}
try{
ProbeForRead(InputBuffer, InputLength, 1);
process = *(PEPROCESS*)InputBuffer;
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchThreadEnum ACCESS_VIOLATION read.\n"));
status = STATUS_ACCESS_VIOLATION;
}
if(!NT_SUCCESS(status))
return status;
//枚举线程
objIdTable = ThreadEnum(process);
if(!objIdTable)
return STATUS_UNSUCCESSFUL;
try{
ProbeForWrite(OutputBuffer, OutputLength, 1);
RtlCopyMemory(OutputBuffer, objIdTable, OutputLength);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchThreadEnum ACCESS_VIOLATION write.\n"));
status = STATUS_ACCESS_VIOLATION;
}
ExFreePool(objIdTable);
if(NT_SUCCESS(status))
*Information = OutputLength;
return status;
}
开发者ID:yax571,项目名称:cr-ark,代码行数:54,代码来源:Dispatch.c
示例20: DispatchQueryProcessModuleList
//获取进程的模块列表
//InputBuffer[0] == PEPROCESS指针
//OutputBuffer ProcessModuleList缓冲
NTSTATUS
DispatchQueryProcessModuleList(PVOID InputBuffer, ULONG InputLength,
PVOID OutputBuffer, ULONG OutputLength,
PULONG Information)
{
NTSTATUS status;
PEPROCESS process;
PProcessModuleList processModList;
*Information = 0;
if(InputBuffer == NULL ||
InputLength != sizeof(PEPROCESS) ||
OutputBuffer == NULL ||
OutputLength != sizeof(ProcessModuleList))
{
KdPrint(("DispatchQueryProcessModuleList Param mismatch: InputLength == %lu(should be %lu), OutputLength == %lu(should be %lu)",
InputLength, sizeof(PEPROCESS), OutputLength, sizeof(ProcessModuleList)));
return STATUS_INVALID_PARAMETER;
}
try{
ProbeForRead(InputBuffer, InputLength, 1);
process = *(PEPROCESS*)InputBuffer;
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
status = STATUS_ACCESS_VIOLATION;
}
if(!NT_SUCCESS(status))
{
KdPrint(("DispatchQueryProcessModuleList ACCESS_VIOLATION read.\n"));
return status;
}
processModList = QueryProcessModuleList(process);
if(processModList == NULL)
return STATUS_UNSUCCESSFUL;
try{
ProbeForWrite(OutputBuffer, OutputLength, 1);
RtlCopyMemory(OutputBuffer, processModList, OutputLength);
status = STATUS_SUCCESS;
}except(EXCEPTION_CONTINUE_EXECUTION){
KdPrint(("DispatchQueryProcessModuleList ACCESS_VIOLATION write.\n"));
status = STATUS_ACCESS_VIOLATION;
}
if(NT_SUCCESS(status))
*Information = OutputLength;
ExFreePool(processModList);
return status;
}
开发者ID:yax571,项目名称:cr-ark,代码行数:54,代码来源:Dispatch.c
注:本文中的ProbeForWrite函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论