string safe functions

Stan_Armut · January 10, 2005, 5:00pm

I am having trouble with the string safe functions.

i am testing out how to use the kernel-mode strcpy and
strncpy functions, but they are giving me buffer
overflow errors (C0000005).

i am experimenting with reading files and copying the
file contents to a character buffer.

so I open a file for reading, get the file size
information and store that to a variable (ULONG
fileoffsetsize). i allocate memory of size
(fileoffsetsize + 1) using ExAllocatePool and i read
the file contents and store them into a character
buffer declared as (UCHAR *ReadBuffer)…

now i want to try to do a kernel-mode strcpy and store
ReadBuffer to another char buffer, let’s call it
(UCHAR *TempBuffer)…

i allocate memory of the same size(FileOffsetSize + 1)
for TempBuffer, and try the following

status = RtlStringCbCopyA(TempBuffer, FileOffsetSize,
ReadBuffer);

and I am getting C0000005 errors
(status_buffer_overflow)…

can anybody help me with this one?

-SA

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail

Stan_Armut · January 10, 2005, 5:00pm

I am having trouble with the string safe functions.

i am testing out how to use the kernel-mode strcpy and
strncpy functions, but they are giving me buffer
overflow errors (C0000005).

i am experimenting with reading files and copying the
file contents to a character buffer.

so I open a file for reading, get the file size
information and store that to a variable (ULONG
fileoffsetsize). i allocate memory of size
(fileoffsetsize + 1) using ExAllocatePool and i read
the file contents and store them into a character
buffer declared as (UCHAR *ReadBuffer)…

now i want to try to do a kernel-mode strcpy and store
ReadBuffer to another char buffer, let’s call it
(UCHAR *TempBuffer)…

i allocate memory of the same size(FileOffsetSize + 1)
for TempBuffer, and try the following

status = RtlStringCbCopyA(TempBuffer, FileOffsetSize,
ReadBuffer);

and I am getting C0000005 errors
(status_buffer_overflow)…

can anybody help me with this one?

-SA

Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail

OSR_Community_User · January 10, 2005, 5:13pm

FileOffsetSize should be the size of the destination buffer, which has
to accommodate the terminating NUL. Your string has FileOffsetSize
bytes of data + a NUL. Your buffer can only hold FileOffsetSize bytes
of data. RtlStringCbCopyA wants to terminate the string and you’re not
leaving enough space, so it reports an overflow.

Use FileOffsetSize+1 for the buffer length and you should be fine.

-p

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Steven Aumack
Sent: Monday, January 10, 2005 2:03 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] string safe functions

I am having trouble with the string safe functions.

i am testing out how to use the kernel-mode strcpy and
strncpy functions, but they are giving me buffer overflow
errors (C0000005).

i am experimenting with reading files and copying the file
contents to a character buffer.

so I open a file for reading, get the file size information
and store that to a variable (ULONG fileoffsetsize). i
allocate memory of size (fileoffsetsize + 1) using
ExAllocatePool and i read the file contents and store them
into a character buffer declared as (UCHAR *ReadBuffer)…

now i want to try to do a kernel-mode strcpy and store
ReadBuffer to another char buffer, let’s call it (UCHAR
*TempBuffer)…

i allocate memory of the same size(FileOffsetSize + 1) for
TempBuffer, and try the following

status = RtlStringCbCopyA(TempBuffer, FileOffsetSize, ReadBuffer);

and I am getting C0000005 errors
(status_buffer_overflow)…

can anybody help me with this one?

-SA

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as:
xxxxx@windows.microsoft.com To unsubscribe send a blank
email to xxxxx@lists.osr.com

OSR_Community_User · January 10, 2005, 5:15pm

" cbDest - size of destination buffer in bytes.
length must be = ((_tcslen(src) + 1) * sizeof(TCHAR))
to
hold all of the source including the null terminator"

See the header file ntstrsafe.h. You are one byte short of a big enough
buffer.

=====================
Mark Roddy

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Steven Aumack
Sent: Monday, January 10, 2005 5:03 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] string safe functions

I am having trouble with the string safe functions.

i am testing out how to use the kernel-mode strcpy and strncpy functions,
but they are giving me buffer overflow errors (C0000005).

i am experimenting with reading files and copying the file contents to a
character buffer.

so I open a file for reading, get the file size information and store that
to a variable (ULONG fileoffsetsize). i allocate memory of size
(fileoffsetsize + 1) using ExAllocatePool and i read the file contents and
store them into a character buffer declared as (UCHAR *ReadBuffer)…

now i want to try to do a kernel-mode strcpy and store ReadBuffer to another
char buffer, let’s call it (UCHAR *TempBuffer)…

i allocate memory of the same size(FileOffsetSize + 1) for TempBuffer, and
try the following

status = RtlStringCbCopyA(TempBuffer, FileOffsetSize, ReadBuffer);

and I am getting C0000005 errors
(status_buffer_overflow)…

can anybody help me with this one?

-SA

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@stratus.com To
unsubscribe send a blank email to xxxxx@lists.osr.com

OSR_Community_User · January 12, 2005, 1:40pm

Another really cool benefit of strsafe functions is that you can use the
inline version of them and step through the implementation since it is
embedded in the header itself.

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Roddy, Mark
Sent: Monday, January 10, 2005 5:18 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] string safe functions

" cbDest - size of destination buffer in bytes.
length must be = ((_tcslen(src) + 1) *
sizeof(TCHAR))
to
hold all of the source including the null
terminator"

See the header file ntstrsafe.h. You are one byte short of a big enough
buffer.

=====================
Mark Roddy

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Steven Aumack
Sent: Monday, January 10, 2005 5:03 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] string safe functions

I am having trouble with the string safe functions.

i am testing out how to use the kernel-mode strcpy and strncpy
functions,
but they are giving me buffer overflow errors (C0000005).

i am experimenting with reading files and copying the file contents to a
character buffer.

so I open a file for reading, get the file size information and store
that
to a variable (ULONG fileoffsetsize). i allocate memory of size
(fileoffsetsize + 1) using ExAllocatePool and i read the file contents
and
store them into a character buffer declared as (UCHAR *ReadBuffer)…

now i want to try to do a kernel-mode strcpy and store ReadBuffer to
another
char buffer, let’s call it (UCHAR *TempBuffer)…

i allocate memory of the same size(FileOffsetSize + 1) for TempBuffer,
and
try the following

status = RtlStringCbCopyA(TempBuffer, FileOffsetSize, ReadBuffer);

and I am getting C0000005 errors
(status_buffer_overflow)…

can anybody help me with this one?

-SA

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@stratus.com To
unsubscribe send a blank email to xxxxx@lists.osr.com

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com