Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

Re: RE:[ntdev] DbgPrint not always prints out

Tim_RobertsTim_Roberts Member - All Emails Posts: 12,914
puzzle wrote:
> I did it this way:
>
> VOID GetProcessNameFromPid(HANDLE Pid, PCHAR Output)
> {
> LPSTR tmp;
> PEPROCESS Process;
>
> if (PsLookupProcessByProcessId(Pid, &Process) != STATUS_SUCCESS) {
> strcpy(Output, "N/A");
> return;
> }
>
> tmp = (LPSTR)PsGetProcessImageFileName(Process);
> Output[16] = '\0';
> memcpy(Output, tmp, 16); // decrease ref counter because
> ObDereferenceObject(Process); // PsLookupProcessByProcessId incremented it
> }

And this is exactly why types like ANSI_STRING were created. How do you
know that the buffer you were passed can actually hold 17 bytes? What
if you change the buffer later, or you decide to return more than that?
Very dangerous coding.

--
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
Writing WDF Drivers 25 Feb 2019 OSR Seminar Space
Developing Minifilters 8 April 2019 OSR Seminar Space