|
阅读:1045回复:2
修改IRP_MJ_WRITE的问题
修改IRP_MJ_WRITE的Irp包里面的userbuffer里面的数据遇到个问题:
ULONG Buffersize; CHAR Newbuffer[100]; ULONG k = 0; Buffersize = currentIrpStack->Parameters.Write.Length; RtlZeroMemory(Newbuffer,100); RtlCopyMemory(Newbuffer,Irp->UserBufer,Buffersize); for (k;k<Buffersize/2;k++) { Newbuffer[k]=Newbuffer[k]+1; } RtlCopyMemory(Irp->UserBuffer,Newbuffer,Buffersize); ....... IoCallDriver(...); 加载驱动后为什么我在用记事本写文件的时候只能对32字节以下写入工作正常,而大于32字节就不能工作呢? 另外在驱动里面我用CHAR Newbuffer[100]申请那么多的内存对吗?一般申请多少合适? |
|
驱动小牛
|
沙发#
发布于:2007-02-09 12:00
从逻辑上看好象没什么问题,你试一下不改变内存,同时在IoCallDriver 之前加上IoCopyCurrentStack...,这是WDM里面说的。
|
|
|
板凳#
发布于:2007-02-09 23:58
Try to allocate memory dynamically for big buffers such as using ExAllocatePoolWithTag, etc. Otherwise you may end up with low stack memory and crash the system.
Irp->UserBufer is not always valid. |
|
