a BSOD of KERNEL_STACK_INPAGE_ERROR?

楼主^#

更多发布于：2007-01-18 11:26

  Hi all,
   I have a BSOD problem of KERNEL_STACK_INPAGE_ERROR, which may be trigered
by the following codes:

NTSTATUS
NTAPI
HookCreateSection(OUT PHANDLE SectionHandle,
   IN ACCESS_MASK DesiredAccess,
   IN POBJECT_ATTRIBUTES ObjectAttributes,
   IN PLARGE_INTEGER MaximumSize,
   IN ULONG SectionPageProtection,
   IN ULONG AllocationAttributes,
   IN HANDLE FileHandle)
{
   ......
   ntstatus = ObReferenceObjectByHandle(FileHandle,
SYNCHRONIZE|FILE_READ_DATA, 0,
   KernelMode,
   &pFileObject,
   NULL);
   if(!NT_SUCCESS(ntstatus))
   {
   goto HOOKEND;
   }
   ntStatus = ObOpenObjectByPointer(pFileObject, OBJ_KERNEL_HANDLE, NULL, SYNCHRONIZE|FILE_READ_DATA, *IoFileObjectType,
   KernelMode, &hFileHandle);
   if(!NT_SUCCESS(ntStatus))
   {
   goto HOOKEND;
   }
   ntStatus = ZwQueryInformationFile(hFileHandle,
   &IoStatus,
   &StandardFileInfo,
   sizeof(FILE_STANDARD_INFORMATION),
   FileStandardInformation);

   if(ntStatus != STATUS_SUCCESS)
   {
   ZwClose(hFileHandle);
   goto HOOKEND;
   }
   nFileLen=StandardFileInfo.EndOfFile.LowPart;
   if ((nFileLen==0)||(nFileLen==0xFFFFFFFF))
   {
   ZwClose(hFileHandle);
   goto HOOKEND;
   }
   if(nFileLen <= ReadFileLen)
   {
   pbData=(PCHAR)ExAllocatePool(NonPagedPool, nFileLen+1);
   ntemLen=nFileLen+1;
   }
   else
   {
   pbData=(PCHAR)ExAllocatePool(NonPagedPool, ReadFileLen+1);
   ntemLen=ReadFileLen+1;
   }
   if (pbData==NULL)
   {
   //zz KdPrint(("ProcessCheckSum: ExAllocatePool failed!\n"));
   ZwClose(hFileHandle);
   goto HOOKEND;
   }
   RtlZeroMemory(pbData,ntemLen);

   if(nFileLen <= ReadFileLen)
   {
   ntStatus=ZwReadFile(hFileHandle,
   NULL,
   NULL,
   NULL,
   &IoStatus,
   (PVOID)pbData,
   nFileLen,
   NULL,
   NULL);
   if(ntStatus != STATUS_SUCCESS)
   {
   //zz KdPrint(("ProcessCheckSum: ZwReadFile %s Failed\n", pFile));
   ZwClose(hFileHandle);
   ExFreePool(pbData);
   return FALSE;
   }
   // calculate the crc valure
   CheckSum(CheckSumImage,pbData,nFileLen);
   }
   else
   {
   for(i = 0;i<nFileLen/ReadFileLen;i++)
   {
   ntStatus=ZwReadFile(hFileHandle,
   NULL,
   NULL,
   NULL,
   &IoStatus,
   (PVOID)pbData,
   ReadFileLen,
   NULL,
   NULL);
   if(ntStatus != STATUS_SUCCESS)
   {
   //zz KdPrint(("ProcessCheckSum: ZwReadFile %s Failed\n", pFile));
   ZwClose(hFileHandle);
   ExFreePool(pbData);
   return FALSE;
   }
   CheckSum(CheckSumImage,pbData,ReadFileLen);
   RtlZeroMemory(pbData,ReadFileLen);
   }
   ntStatus=ZwReadFile(hFileHandle,
   NULL,
   NULL,
   NULL,
   &IoStatus,
   (PVOID)pbData,
   nFileLen-ReadFileLen*(nFileLen/ReadFileLen),
   NULL,
   NULL);
   if(ntStatus != STATUS_SUCCESS)
   {
   //zz KdPrint(("ProcessCheckSum: ZwReadFile %s Failed\n", pFile));
   ZwClose(hFileHandle);
   ExFreePool(pbData);
   goto HOOKEND;
   }

CheckSum(CheckSumImage,pbData,nFileLen-ReadFileLen*(nFileLen/ReadFileLen));
   }

   ZwClose(hFileHandle);
   ExFreePool(pbData);
......
}

Can anyone tell me where i am wrong, thank you!

喜欢1

最新喜欢：

naijie...

michaelgz 论坛版主注册日期2005-01-26 最后登录2012-10-22 粉丝1 关注1 积分150分威望1524点贡献值1点好评度213点原创分0分专家分2分加关注写私信	沙发^# 发布于：2007-01-18 23:12 Seems the discussion on OSR's mailing list is not enough to let you drop this hook. :) How about the solution provided in Daniel's reply?
	回复(0) 喜欢(0)

killvxk

论坛版主

注册日期2005-10-03
最后登录2014-04-14
粉丝3
关注1
积分1082分
威望2003点
贡献值0点
好评度1693点
原创分2分
专家分0分

加关注写私信

板凳^#

发布于：2007-01-19 00:22

考虑把FileObject放IoWorkQueue处理，唉~

没有战争就没有进步 X3工作组为您提供最好的军火

回复喜欢

zymoonstone 驱动牛犊注册日期2006-03-21 最后登录2010-10-26 粉丝0 关注0 积分260分威望66点贡献值0点好评度65点原创分0分专家分0分加关注写私信	地板^# 发布于：2007-01-22 10:13 请问为什么要放到Ioworkqueue里面进行处理，出于什么样的考虑？
	回复(0) 喜欢(0)

zymoonstone 驱动牛犊注册日期2006-03-21 最后登录2010-10-26 粉丝0 关注0 积分260分威望66点贡献值0点好评度65点原创分0分专家分0分加关注写私信	地下室^# 发布于：2007-01-22 11:49 >>Seems the discussion on OSR's mailing list is not enough to let you drop this hook. :) >>How about the solution provided in Daniel's reply? I have not found a perfect way to terminate the process, hehe, so i insist on my way temporarily.
	回复(0) 喜欢(0)

您需要登录后才可以回帖，登录或者注册