|
阅读:1471回复:1
求教,写了一个函数来读取一段内存数据,可是没有见到预期的数据VOID ReadMemData(ULONG desAddr,PVOID pInBuf, int dataSize)
{
ASSERT(dataSize<=MAXWRITESIZE);
WCHAR tempBuf[MAXWRITESIZE]=L"" ;
UNICODE_STRING sourceBuf;
sourceBuf.Buffer = tempBuf;
sourceBuf.MaximumLength = MAXWRITESIZE;
sourceBuf.Length = (USHORT)dataSize;
//pInBuf 是用来传入数据的暂时没有用到
KdPrint(("%wZ", (PUNICODE_STRING)pInBuf));
ULONG sbuf = (ULONG)&sourceBuf;
__asm
{
push ecx
push esi
push edi
cld
mov esi,desAddr
mov edi,sbuf
mov ecx,dataSize
rep movsb
pop edi
pop esi
pop ecx
}
KdPrint(("%wZ", &sourceBuf));
}
NTSTATUS DriverEntry(PDRIVER_OBJECT pd, PUNICODE_STRING pu)
{
ULONG poi;
int dsize = 5;
UNICODE_STRING buf;
RtlInitUnicodeString(&buf, L"love you");
KdPrint(("%wZ", &buf));
PVOID pbuf = (PVOID)&buf;
poi = 0x805727C7;
WriteMemData(poi, pbuf, dsize);
return STATUS_SUCCESS;
}请高手帮忙看看这个函数到底有什么问题.谢谢了 |
|
|
沙发#
发布于:2011-06-08 10:30
人丁稀少,坐下沙发走人
 |
|