TDI receive function

Dear friends

Please tell me what is the problem of this function, the function
returns the not success status & then the system crashes…I did not
find any sample code in ddk for sending and receiving with TDI.

NTSTATUS
Recv()
{

PIRP Irp;
PMDL Mdl;
NTSTATUS status;
KEVENT RecEvent;
PIRP pIrp;
IO_STATUS_BLOCK IoStatusBlock;
PFILE_OBJECT FileObject;
PVOID Data;
ULONG Length;
PKEVENT Event;

KeInitializeEvent( &RecEvent, NotificationEvent, FALSE );

pRecBuffer =(char*) ExAllocatePool( NonPagedPool, 1024 );

pDeviceObject = IoGetRelatedDeviceObject(pFileObject);

Irp = TdiBuildInternalDeviceControlIrp(TDI_RECEIVE, pDeviceObject,
pFileObject, &RecEvent, &IoStatusBlock);

if (Irp == 0) return STATUS_INSUFFICIENT_RESOURCES;

Mdl = IoAllocateMdl(pRecBuffer, 1024, FALSE, FALSE, Irp);

MmProbeAndLockPages(Mdl, KernelMode, IoModifyAccess);

TdiBuildReceive(Irp, pDeviceObject, pFileObject, 0, 0, Mdl,
TDI_RECEIVE_NORMAL, 1024);

status = IoCallDriver(pDeviceObject, Irp);

if (status == STATUS_SUCCESS)
{
DbgPrint(“Rec:)”);
DbgPrint(pRecBuffer);

}

else
DbgPrint(“Rec :(”);

return status;

}

Thanks in advance
Jack

You are crashing because IoCallDriver returns STATUS_PENDING.
You have to wait on event - that’s the reason it is present.

There are several TDI client samples available on the Net - just google
for it.
For example, this:

http://www.codeproject.com/KB/system/driverdev5asp.aspx?display=PrintAll
&fid=167582&df=90&mpp=25&noise=3&sort=Position&view=Quick&select=1819773

P.S. And, of course, you’ll have to add proper error checking to your
code.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Jack sa
Sent: Monday, April 06, 2009 12:32 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] TDI receive function

Dear friends

Please tell me what is the problem of this function, the
function returns the not success status & then the system
crashes…I did not find any sample code in ddk for sending
and receiving with TDI.

NTSTATUS
Recv()
{

PIRP Irp;
PMDL Mdl;
NTSTATUS status;
KEVENT RecEvent;
PIRP pIrp;
IO_STATUS_BLOCK IoStatusBlock;
PFILE_OBJECT FileObject;
PVOID Data;
ULONG Length;
PKEVENT Event;

KeInitializeEvent( &RecEvent, NotificationEvent, FALSE );

pRecBuffer =(char*) ExAllocatePool( NonPagedPool, 1024 );

pDeviceObject = IoGetRelatedDeviceObject(pFileObject);

Irp = TdiBuildInternalDeviceControlIrp(TDI_RECEIVE,
pDeviceObject, pFileObject, &RecEvent, &IoStatusBlock);

if (Irp == 0) return STATUS_INSUFFICIENT_RESOURCES;

Mdl = IoAllocateMdl(pRecBuffer, 1024, FALSE, FALSE, Irp);

MmProbeAndLockPages(Mdl, KernelMode, IoModifyAccess);

TdiBuildReceive(Irp, pDeviceObject, pFileObject, 0, 0,
Mdl, TDI_RECEIVE_NORMAL, 1024);

status = IoCallDriver(pDeviceObject, Irp);

if (status == STATUS_SUCCESS)
{
DbgPrint(“Rec:)”);
DbgPrint(pRecBuffer);

}

else
DbgPrint(“Rec :(”);

return status;

}

Thanks in advance
Jack

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online
at http://www.osronline.com/page.cfm?name=ListServer

There are at least a few samples published that demonstrate basic TDI client
operations. Try an internet search of “tdi client sample” or “tdi firewall
sample”. You can also go directly to www.pcausa.com (www.ndis.com) where I
believe Thomas continues to provide guidance directly.

Three things about the code below:

• So, what happens when IoCallDriver() returns STATUS_PENDING? Answer: The
  system blows up. And why? Because the code does not wait for the IRP to
  complete (using the RecEvent) and the KEVENT and IO_STATUS_BLOCK go out of
  scope before the request completes. When it does complete (and references
  these two items) they are garbage. And since you test for STATUS_SUCCESS
  and STATUS_SUCCESS != STATUS_PENDING and since 99% of the time this call is
  going to ‘succeed’ by returning STATUS_PENDING I would say you probably see
  a quite a bit of ‘blue’ on your screen.

• If your code allocates and builds the IRP, MDL, etc. then generally it
  should be your code that cleans those items up. You do not seem to be
  setting a completion routine in a stack location in the IRP to catch the IRP
  before it is returned to the I/O manager. Since this IRP was allocated by
  your code, having the I/O manager try to complete it is probably not what
  the I/O manager or you are really expecting.

• Yes, issuing a TDI_RECEIVE is a way to receive data from a TCP connection.
  However, most kernel mode TDI clients use event callbacks set on the address
  file object to handle receives. Keep that in mind when you are looking for
  samples.

Good Luck,
Dave Cattley
Consulting Engineer
Systems Software Development

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Jack sa
Sent: Monday, April 06, 2009 5:32 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] TDI receive function

Dear friends

Please tell me what is the problem of this function, the function
returns the not success status & then the system crashes…I did not
find any sample code in ddk for sending and receiving with TDI.

NTSTATUS
Recv()
{

PIRP Irp;
PMDL Mdl;
NTSTATUS status;
KEVENT RecEvent;
PIRP pIrp;
IO_STATUS_BLOCK IoStatusBlock;
PFILE_OBJECT FileObject;
PVOID Data;
ULONG Length;
PKEVENT Event;

KeInitializeEvent( &RecEvent, NotificationEvent, FALSE );

pRecBuffer =(char*) ExAllocatePool( NonPagedPool, 1024 );

pDeviceObject = IoGetRelatedDeviceObject(pFileObject);

Irp = TdiBuildInternalDeviceControlIrp(TDI_RECEIVE, pDeviceObject,
pFileObject, &RecEvent, &IoStatusBlock);

if (Irp == 0) return STATUS_INSUFFICIENT_RESOURCES;

Mdl = IoAllocateMdl(pRecBuffer, 1024, FALSE, FALSE, Irp);

MmProbeAndLockPages(Mdl, KernelMode, IoModifyAccess);

TdiBuildReceive(Irp, pDeviceObject, pFileObject, 0, 0, Mdl,
TDI_RECEIVE_NORMAL, 1024);

status = IoCallDriver(pDeviceObject, Irp);

if (status == STATUS_SUCCESS)
{
DbgPrint(“Rec:)”);
DbgPrint(pRecBuffer);

}

else
DbgPrint(“Rec :(”);

return status;

}

Thanks in advance
Jack

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Thanks 4 your emails

On Mon, Apr 6, 2009 at 3:15 PM, David R. Cattley wrote:

> There are at least a few samples published that demonstrate basic TDI
> client
> operations. Try an internet search of “tdi client sample” or “tdi firewall
> sample”. You can also go directly to www.pcausa.com (www.ndis.com) where
> I
> believe Thomas continues to provide guidance directly.
>
> Three things about the code below:
>
> - So, what happens when IoCallDriver() returns STATUS_PENDING? Answer:
> The
> system blows up. And why? Because the code does not wait for the IRP to
> complete (using the RecEvent) and the KEVENT and IO_STATUS_BLOCK go out of
> scope before the request completes. When it does complete (and references
> these two items) they are garbage. And since you test for STATUS_SUCCESS
> and STATUS_SUCCESS != STATUS_PENDING and since 99% of the time this call is
> going to ‘succeed’ by returning STATUS_PENDING I would say you probably see
> a quite a bit of ‘blue’ on your screen.
>
> - If your code allocates and builds the IRP, MDL, etc. then generally it
> should be your code that cleans those items up. You do not seem to be
> setting a completion routine in a stack location in the IRP to catch the
> IRP
> before it is returned to the I/O manager. Since this IRP was allocated by
> your code, having the I/O manager try to complete it is probably not what
> the I/O manager or you are really expecting.
>
> - Yes, issuing a TDI_RECEIVE is a way to receive data from a TCP
> connection.
> However, most kernel mode TDI clients use event callbacks set on the
> address
> file object to handle receives. Keep that in mind when you are looking for
> samples.
>
> Good Luck,
> Dave Cattley
> Consulting Engineer
> Systems Software Development
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Jack sa
> Sent: Monday, April 06, 2009 5:32 AM
> To: Windows System Software Devs Interest List
> Subject: [ntdev] TDI receive function
>
> Dear friends
>
> Please tell me what is the problem of this function, the function
> returns the not success status & then the system crashes…I did not
> find any sample code in ddk for sending and receiving with TDI.
>
> NTSTATUS
> Recv()
> {
>
>
> PIRP Irp;
> PMDL Mdl;
> NTSTATUS status;
> KEVENT RecEvent;
> PIRP pIrp;
> IO_STATUS_BLOCK IoStatusBlock;
> PFILE_OBJECT FileObject;
> PVOID Data;
> ULONG Length;
> PKEVENT Event;
>
>
> KeInitializeEvent( &RecEvent, NotificationEvent, FALSE );
>
>
> pRecBuffer =(char*) ExAllocatePool( NonPagedPool, 1024 );
>
>
>
> pDeviceObject = IoGetRelatedDeviceObject(pFileObject);
>
> Irp = TdiBuildInternalDeviceControlIrp(TDI_RECEIVE, pDeviceObject,
> pFileObject, &RecEvent, &IoStatusBlock);
>
>
> if (Irp == 0) return STATUS_INSUFFICIENT_RESOURCES;
>
>
> Mdl = IoAllocateMdl(pRecBuffer, 1024, FALSE, FALSE, Irp);
>
>
> MmProbeAndLockPages(Mdl, KernelMode, IoModifyAccess);
>
>
> TdiBuildReceive(Irp, pDeviceObject, pFileObject, 0, 0, Mdl,
> TDI_RECEIVE_NORMAL, 1024);
>
>
> status = IoCallDriver(pDeviceObject, Irp);
>
> if (status == STATUS_SUCCESS)
> {
> DbgPrint(“Rec:)”);
> DbgPrint(pRecBuffer);
>
> }
>
> else
> DbgPrint(“Rec :(”);
>
> return status;
>
>
> }
>
>
> Thanks in advance
> Jack
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>