|
阅读:1705回复:2
为什么会发生异常??天啊!!
我在filespy中加一个写例程,处理加密.我自己分配了一块内存在里面加密在完成例程中释放.
typedef struct _DOWN_TRANSFER{ BOOLEAN MemLock; PMDL MdlAddress; PVOID UserAddress; } DOWN_TRANSFER, *PDOWN_TRANSFER;//头文件中定义 SpyWrite( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { PCHAR pBuffer; int i; int Length; PIO_STACK_LOCATION IrpCurStack ; PDOWN_TRANSFER yang; PFILE_OBJECT FileObject; IrpCurStack=IoGetCurrentIrpStackLocation(Irp); Length = IrpCurStack->Parameters.Write.Length; pBuffer = ExAllocatePool(NonPagedPool,Length); FileObject = IrpCurStack->FileObject; if( Irp ->Flags & ( IRP_NOCACHE | IRP_PAGING_IO | IRP_SYNCHRONOUS_PAGING_IO ) ) { yang = ExAllocatePool( NonPagedPool, sizeof(DOWN_TRANSFER)); yang->MdlAddress = Irp->MdlAddress; yang->UserAddress = pBuffer; if( Irp ->MdlAddress ) { RtlCopyMemory(pBuffer,MmGetSystemAddressForMdl(Irp->MdlAddress),Length); } else { RtlCopyMemory(pBuffer,Irp->UserBuffer,Length); } if (NodeType(FileObject->FsContext) == FAT_NTC_FCB)//判断是不是文件内容 { for(i=0;i<(int)Length; { pBuffer=~pBuffer; } } IoAllocateMdl(pBuffer, IrpCurStack->Parameters.Write.Length, FALSE, FALSE, Irp); if (Irp->MdlAddress == NULL) { //return NULL; } __try { MmProbeAndLockPages(Irp->MdlAddress, Irp->RequestorMode, IoWriteAccess); } __except (EXCEPTION_EXECUTE_HANDLER) { IoFreeMdl(Irp->MdlAddress); Irp->MdlAddress = NULL; } } IoSetCompletionRoutine( Irp , WriteCompleted ,(PVOID) yang ,TRUE ,FALSE ,FALSE ); return SpyPassThrough( DeviceObject , Irp ); } WriteCompleted( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context ) { ULONG Length; PCHAR pBuffer; int i ; PDOWN_TRANSFER yang; yang=(PDOWN_TRANSFER)Context; MmUnlockPages(Irp->MdlAddress); IoFreeMdl(Irp->MdlAddress); Irp->MdlAddress = yang->MdlAddress; ExFreePool(yang->UserAddress); ExFreePool(yang); if( Irp->PendingReturned ) { IoMarkIrpPending( Irp ); } return Irp->IoStatus.Status; } Softice有时会报下面的错误: 第一个错误: Break Due to KeBugCheckEx(Unhandled mode exception) Error=50 (PAGE_FAULT_NONPAGED_AREA) P1=ED5E4400 P2=0 P3=ED4A3748 P4=0 第二个错误是: Break Due to KeBugCheckEx(Unhandled mode exception) Error=4E (PFN_LIST_CORRUPT) P1=7 P2=11 P3=8A50 P4=0 |
|
|
沙发#
发布于:2003-07-16 10:07
自己顶一下
|
|
|
板凳#
发布于:2003-07-30 12:34
检查一下dump文件,看看是不是你的代码的问题,看看栈里有没有什么有用的信息,在结合你的源码看看,应该能找出问题来的
|
|
