On Friday, February 02, 2001 1:38 AM Maxim S. Shatskih wrote:
Do not do this [use ZwWriteVirtualMemory()]. Use the user buffer pointer
and write to it directly by RtlCopyMemory, but from under the
__try/__except block. The exception will mean - the user buffer pointer
is bad.Max
Thank you for the advice, Max. But after this mail you’ve read, I’ve exchanged
a few mails and ideas on the subject with Mr. Don Burn, who kindly got me
into the real problem. You see, the point is I’m getting hold of a PID which is
not the one of the app calling the driver (that was in fact my first approach,
and it was simple enough to pass data in the Irp->AssociatedIrp.SystemBuffer).
The PID I’m receiving may be an arbitrary one (e.g. from a DLL or from
another app), and this driver I’m developing is for “testing purposes” (I’ll
be
stuying interrupts and DPC routines in the near future); I also spoke here with
some guys who corrected me and gave me a lot of help, so now I think I’m in
the right way to solve my problem.
Thank you also for the __try/__except tip (I’m aware of it).
If Mr. Don Burn / Mr. Norbert Kawulski are reading this, I also want to thank
them for their kindness. You’ll be smiling to know that some of the “problems”
I was having using ZwXxxx (and other) functions were due to the fact I didn’t
knew how to force BUILD to refer to them (as they’re not exported by
ntoskrnl): it was a matter of explicitly adding a
TARGETLIBS=$(CRT_LIB_PATH)\ntdll.lib :)))
line into the ‘sources’ file and learning some skills (like using dumpbin
/exports,
how to use some of the DDK tools…) I’m still leaning the basic stuff, you
know…
Thank you all (you are the gurus!).
Miguel Monteiro
xxxxx@criticalsoftware.com
www.criticalsoftware.com
«Humour and love are God’s answers
to Human weaknesses»
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com