Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.More Info on Driver Writing and Debugging
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Please help me solve an BSOD.
This is the code:
PDRIVER_OBJECT diskDriverObject;
PDEVICE_OBJECT currDevice;
PFUNCTIONAL_DEVICE_EXTENSION fdo;
PSTORAGE_DEVICE_DESCRIPTOR deviceDescriptor;
char* serialNumber = {0};
int numOfDevices = 1;
int iii , bufferSize;
PIO_STACK_LOCATION IrpSp;
ULONG SNHASH;
NTSTATUS status = STATUS_SUCCESS;
UNICODE_STRING diskDrvName;
RtlInitUnicodeString(&diskDrvName, L"\\Driver\\disk");
ObReferenceObjectByName(diskDrvName, 0, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &diskDriverObject));
currDevice = diskDriverObject->DeviceObject;
while (currDevice != NULL
)
{
currDevice = currDevice->NextDevice;
numOfDevices += 1;
}
DPRINT("numOfDevices: %02X \n", numOfDevices);
currDevice = diskDriverObject->DeviceObject;
for (iii = 0; iii < numOfDevices; ++iii)
{
if (currDevice != NULL)
{
DPRINT("Device number: %02X \n", iii);
if (currDevice->Vpb->RealDevice->Flags & DO_SYSTEM_BOOT_PARTITION)
{
fdo = (FUNCTIONAL_DEVICE_EXTENSION*)currDevice->DeviceExtension;
deviceDescriptor = fdo->DeviceDescriptor;
}
currDevice = currDevice->NextDevice;
}
}
Got BSOD on this line:
(currDevice->Vpb->RealDevice->Flags & DO_SYSTEM_BOOT_PARTITION)
Thank you in advance.
Howdy, Stranger!
| Upcoming OSR Seminars | ||
|---|---|---|
| OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
| Kernel Debugging | 30 January 2023 | Live, Online |
| Developing Minifilters | 20 March 2023 | Live, Online |
| Internals & Software Drivers | 17 April 2023 | Live, Online |
| Writing WDF Drivers | 22 May 2023 | Live, Online |
Comments
It's possible that the device chain changes between your two loops. Why do you do two loops? It's totally unnecessary, and opens an opportunity for error. You don't need the number of devices. Just do your second loop with the
while( currDevice )loop.Also, you should probably check "currDevice->Vpb" and "currDevice->RealDevice" before dereferencing them.
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.
Tried everything but no luck. Looks like this flag can`t be checked from disk.sys this way.
It works but if called like this:
PFILE_OBJECT File; RtlInitUnicodeString(&FileName, L"\\??\\C:"); InitializeObjectAttributes(&objectAttributes, &FileName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); status = ZwCreateFile(&FileHandle, FILE_READ_ATTRIBUTES | GENERIC_READ | SYNCHRONIZE, &objectAttributes, &IoStatus, NULL, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0); if (NT_SUCCESS(status)) { status = ObReferenceObjectByHandle (FileHandle, FILE_READ_DATA | FILE_WRITE_DATA, *IoFileObjectType, KernelMode, (PVOID *)&File, NULL); if (File->DeviceObject->Flags & DO_SYSTEM_BOOT_PARTITION) { }If someone knows why please tell.