> Alternative Approach :)))))
WCHAR str[400];
*****
This is deadly, because (a) you should not be putting large arrays on the
stack (b) fixed-size arrays like this are an invitation to total disaster.
Besides, you don’t need it. The parameter to the DbgPrint should have
been &usz
And why do you need a buffer of size 400? And I notice that you do not
check to see if the string that came back will fit into this buffer, which
is really poor practice in 2012. You could get away with this in 1975.
*****
if( !KeAreAllApcsDisabled() )
{
RtlInitUnicodeString(&usz,
L"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
*****
This inititialization serves no detectable purpose and will cause the
RtlFreeUnicodeString to bluescreen if the FltGetDiskDeviceObject or
IoVolumeDeviceToDosName calls fail.
*****
if(NT_SUCCESS(FltGetDiskDeviceObject(FltObjects->Volume, &dev)))
{
if(NT_SUCCESS(IoVolumeDeviceToDosName(dev, &usz)))
{
for(i=0;i< usz.Length;i++)
str[i] = usz.Buffer[i];
str[i] = L"\0";
************
This is erroneous. What you wanted to do was set str[i+1] to L’\0’.
Single quotes. But you didn’t want to do any of this, anyway. Lose all
this code. And in the future, never, EVER believe a fixed-size buffer on
the stack is “big enough” to hold a string of any kind. Code like this is
a firable offense now in many software companies, so it would be a good
idea to get out of the habit of ever writing anything like this ever
again. Bounds-check everything.
I did google for %wZ, and found an article that CLEARLY stated you must
pass a PUNICODE_STRING, and you passed a UNICODE_STRING, so my earlier
guess thaat it should have been &usz was correct. Just lose all the above
code.
************
DbgPrint(“%ws”, str);
*****
Remarkably silly. All you had to do was pass &usz as the paramter!!!
As far as I can tell, all my previous comments about poor structure apply,
including the use of RtlFreeUnicodeString if the string points to a
literal.
}
ObDereferenceObjectDeferDelete(dev);
}
RtlFreeUnicodeString(&usz);
}
////////
plz help me on printing unicode strings :))))))
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer