Please help me solve an BSOD.

This is the code:

	PDRIVER_OBJECT diskDriverObject;
PDEVICE_OBJECT  currDevice;
PFUNCTIONAL_DEVICE_EXTENSION    fdo;
PSTORAGE_DEVICE_DESCRIPTOR      deviceDescriptor;
char* serialNumber = {0};
   int numOfDevices = 1;
   int iii , bufferSize;
   PIO_STACK_LOCATION IrpSp;

ULONG SNHASH;

NTSTATUS status = STATUS_SUCCESS;

UNICODE_STRING diskDrvName;
RtlInitUnicodeString(&diskDrvName, L"\\Driver\\disk");

ObReferenceObjectByName(diskDrvName, 0, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &diskDriverObject));
	

currDevice = diskDriverObject->DeviceObject;

while (currDevice != NULL 
)
{
    currDevice = currDevice->NextDevice;
    numOfDevices += 1;
}

DPRINT("numOfDevices: %02X \n", numOfDevices);
		
currDevice = diskDriverObject->DeviceObject;

for (iii = 0; iii < numOfDevices; ++iii)
{
    if (currDevice != NULL)
    {
	DPRINT("Device number: %02X \n", iii);
	if (currDevice->Vpb->RealDevice->Flags & DO_SYSTEM_BOOT_PARTITION)
		
		 {			
			fdo = (FUNCTIONAL_DEVICE_EXTENSION*)currDevice->DeviceExtension;
			deviceDescriptor = fdo->DeviceDescriptor;
		 }		
		currDevice = currDevice->NextDevice;			
    }
}

Got BSOD on this line:
(currDevice->Vpb->RealDevice->Flags & DO_SYSTEM_BOOT_PARTITION)

Thank you in advance.

It’s possible that the device chain changes between your two loops. Why do you do two loops? It’s totally unnecessary, and opens an opportunity for error. You don’t need the number of devices. Just do your second loop with the while( currDevice ) loop.

Also, you should probably check “currDevice->Vpb” and “currDevice->RealDevice” before dereferencing them.

Tried everything but no luck. Looks like this flag can`t be checked from disk.sys this way.

It works but if called like this:

PFILE_OBJECT File;

RtlInitUnicodeString(&FileName,  L"\\??\\C:");

InitializeObjectAttributes(&objectAttributes, &FileName,
	OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE,
	NULL, NULL);

status = ZwCreateFile(&FileHandle,	FILE_READ_ATTRIBUTES | GENERIC_READ | SYNCHRONIZE,	&objectAttributes,	&IoStatus,	NULL, 0,	
						FILE_SHARE_READ | FILE_SHARE_WRITE,	FILE_OPEN, FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);
if (NT_SUCCESS(status))
{
	status = ObReferenceObjectByHandle (FileHandle,
                                        FILE_READ_DATA | FILE_WRITE_DATA,
                                        *IoFileObjectType,
                                        KernelMode,
                                        (PVOID *)&File,
                                        NULL);
										
	if (File->DeviceObject->Flags & DO_SYSTEM_BOOT_PARTITION)
		{
                     }

If someone knows why please tell.