|
阅读:1262回复:2
大家帮忙看下代码
一段很简单的代码,目的是产生蓝屏,编译可以通过,产生bugcode007e.sys 文件.用dirver monitor可以加载产生蓝屏.
但是有个问题,,我如果用osrloader加载了其他的sys,然后再用dirver monitor加载 bugcode007e.sys时就会出错,错误号183. 如果我先用 dirver monitor加载另一个sys,然后再用osrloader加载bugcode007e.sys的时候,提示"文件存在时,无法创建该文件" 我觉得可能是我代码的哪部分不是很规范的问题,但不知道是哪里.希望大家给点建议. #include "bugcode007e.h" PDEVICE_OBJECT deviceObject; NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { NTSTATUS status = STATUS_SUCCESS; UNICODE_STRING nameString, linkString; UNICODE_STRING nameEvent; HANDLE hEvent=NULL; PKEVENT Event=NULL; UNREFERENCED_PARAMETER(RegistryPath); RtlInitUnicodeString( &nameString, L"\\Device\\Test" ); status = IoCreateDevice( DriverObject, 0, &nameString, FILE_DEVICE_UNKNOWN, 0, TRUE, &deviceObject ); if (!NT_SUCCESS( status )) return status; RtlInitUnicodeString( &linkString, L"\\DosDevices\\Test" ); status = IoCreateSymbolicLink (&linkString, &nameString); if (!NT_SUCCESS( status )) { IoDeleteDevice (DriverObject->DeviceObject); return status; } DriverObject->MajorFunction[IRP_MJ_CREATE] = DriverObject->MajorFunction[IRP_MJ_CLOSE] = DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] =MydrvDispatch; DriverObject->DriverUnload = DriverUnload; RtlInitUnicodeString( &nameEvent, L"\\BaseNamedObjects\\Event" ); Event=IoCreateSynchronizationEvent(&nameEvent,hEvent);//这里产生了蓝屏 ZwClose(hEvent); return STATUS_SUCCESS; } //处理设备对象操作 static NTSTATUS MydrvDispatch (IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp) { Irp->IoStatus.Status = STATUS_SUCCESS; IoCompleteRequest (Irp, IO_NO_INCREMENT); return Irp->IoStatus.Status; } VOID DriverUnload (IN PDRIVER_OBJECT pDriverObject) { DbgPrint( "DriverUnload" ); UNREFERENCED_PARAMETER(pDriverObject) ; IoDeleteDevice(deviceObject); return; } |
|
|
沙发#
发布于:2007-08-17 10:57
没人帮下初学者吗
|
|
|
板凳#
发布于:2007-08-17 14:50
晕哦,原来是两个sys创建的device object使用了相同的名字...
|
|