驱动与应用程序通信问题
我最近想写个用驱动遍历读取EPROCESS,从而显示系统所有进程的程序,但是数据交互中出了点问题,大家帮忙看下吧 谢谢了。
应用程序部分
          /*
           * One process record exchanged between the driver and the application.
           *
           * NOTE(review): pImageFileName is a raw pointer. The driver code on this
           * page fills it with an address computed inside kernel memory, so the
           * application receives a kernel address it cannot dereference (and a
           * kernel address is disclosed to user mode). A fixed-size character
           * array holding the name bytes would avoid both problems; that change
           * has to be made on the driver and application side together.
           */
          struct _PROCESS_INFO
          {
              PUCHAR pImageFileName;   /* address of the image name, not the name itself */
              ULONG  dwProcessId;      /* process identifier */
          };
          typedef struct _PROCESS_INFO PROCESS_INFO;
          typedef struct _PROCESS_INFO *PPROCESS_INFO;

          /*
           * Reply layout for GET_EPROCESS: an entry count followed by a fixed
           * table of 30 process records.
           */
          struct _DEVICE_EXTENSION
          {
              ULONG        data_num;           /* number of records the driver stored */
              PROCESS_INFO process_info[30];   /* record table, fixed capacity */
          };
          typedef struct _DEVICE_EXTENSION DEVICE_EXTENSION;
          。。。。。
	/* Output buffer handed to the driver; it is not initialised before the call. */
	DEVICE_EXTENSION  dev_extentsion;
	/* Receives the byte count the driver reports for the output buffer. */
	ULONG     NumOfByte;
	/*
	 * Sends GET_EPROCESS with no input buffer and dev_extentsion as the output
	 * buffer.
	 * NOTE(review): the BOOL result is discarded here. Check it, and compare
	 * NumOfByte with sizeof(DEVICE_EXTENSION), before reading dev_extentsion;
	 * if the driver reports 0 bytes the structure still holds whatever was on
	 * the stack. Any pImageFileName value that comes back is a kernel-mode
	 * address and must not be dereferenced in this process.
	 */
	DeviceIoControl(hDev,GET_EPROCESS,NULL,0,&dev_extentsion,sizeof(DEVICE_EXTENSION),&NumOfByte,NULL);
驱动部分
/*
 * Driver-global result table: filled by GetProcessInfo() and copied to the
 * caller's buffer by the GET_EPROCESS handler.
 * NOTE(review): a single global shared by every request; no lock is visible
 * on this page, so two concurrent GET_EPROCESS requests would interleave
 * their writes - confirm how the device is opened.
 */
DEVICE_EXTENSION      dev_extension;
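/*
 * Store EPROCESS contents in the global dev_extension for the application.
 *
 * Starts at the current process and follows the list link found at
 * PLINK_OFFSET. For every entry it records the ULONG read at PID_OFFSET and
 * the address EProcess + PNAME_OFFSET, then counts the entry in
 * dev_extension.data_num. The walk ends when the list wraps back to the
 * starting process or when the table is full.
 *
 * Returns: always STATUS_SUCCESS.
 *
 * Changes from the original: data_num is reset on entry and is the only
 * counter, so a value left over from an earlier request (the dispatcher does
 * not reset it on its "buffer too small" path) can no longer desynchronise
 * the index from the count; the walk is also bounded by the real size of
 * process_info, not only by MAX_PROCESS_NUM.
 *
 * NOTE(review): pImageFileName receives an address inside the EPROCESS, not a
 * copy of the name. Once the table is copied to user mode that value is a
 * kernel address the application cannot read, and it discloses kernel layout.
 * Copying the name bytes into a fixed-size array member is the fix, but it
 * changes PROCESS_INFO for both driver and application.
 * NOTE(review): pointers are held in ULONG, which truncates them on 64-bit
 * builds, and PID_OFFSET / PNAME_OFFSET / PLINK_OFFSET are build-specific
 * constants defined elsewhere - confirm the targeted OS version.
 * NOTE(review): the list is walked without any synchronisation visible here,
 * and the list head itself is presumably one of the visited links, which
 * would yield one record that is not a real process - verify.
 */
NTSTATUS GetProcessInfo()
{
	ULONG         FirstProcess;
	ULONG         EProcess;
	ULONG         Limit;
	ULONG         Index = 0;
	PLIST_ENTRY   ActiveProcessLinks;

	/* Never write past the table, whatever MAX_PROCESS_NUM is defined as. */
	Limit = (ULONG)(sizeof(dev_extension.process_info) / sizeof(dev_extension.process_info[0]));
	if (Limit > MAX_PROCESS_NUM)
		Limit = MAX_PROCESS_NUM;

	/* Start every enumeration from an empty table. */
	dev_extension.data_num = 0;

	EProcess = FirstProcess = (ULONG)PsGetCurrentProcess();
	while (Index < Limit)
	{
		dev_extension.process_info[Index].dwProcessId = *(PULONG)(EProcess+PID_OFFSET);
		dev_extension.process_info[Index].pImageFileName = (PUCHAR)(EProcess+PNAME_OFFSET);
		Index++;
		dev_extension.data_num = Index;

		/* Step to the next entry: Flink points at the link field, so subtract its offset. */
		ActiveProcessLinks = (PLIST_ENTRY)(EProcess+PLINK_OFFSET);
		EProcess = (ULONG)ActiveProcessLinks->Flink-PLINK_OFFSET;
		if (EProcess == FirstProcess)
			break;
	}
	return STATUS_SUCCESS;
}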
/*
 * Device-control dispatch routine: reads the I/O control code from the
 * current IRP stack location and, for GET_EPROCESS, refreshes the global
 * process table and copies it into the request's system buffer.
 *
 * NOTE(review): the listing ends at the switch's closing brace; the code that
 * sets pIrp->IoStatus.Status / pIrp->IoStatus.Information, completes the IRP
 * and returns is not shown. For buffered I/O the I/O manager copies only
 * IoStatus.Information bytes from the system buffer back to the caller, so if
 * that field is left at 0 the application receives nothing even though the
 * copy below succeeds - confirm it is set to the number of bytes copied.
 * NOTE(review): no check on who is calling is visible in this routine; which
 * users can open the device and obtain the table depends on how the device
 * object was created - confirm.
 */
NTSTATUS DriverIoControlDispatch(IN PDEVICE_OBJECT pDevobj,IN PIRP pIrp)
{	
	PIO_STACK_LOCATION stack =  
              IoGetCurrentIrpStackLocation(pIrp);                                                              
	ULONG     code;
	/* assumes GET_EPROCESS is defined with METHOD_BUFFERED, so SystemBuffer is valid - TODO confirm */
	PVOID     IoBuffer = pIrp->AssociatedIrp.SystemBuffer;
	ULONG     DesireLength;
	ULONG     OutputBufferLength ;
	code      = stack->Parameters.DeviceIoControl.IoControlCode;	
	KdPrint(("enter my deviceControl\n"));
	switch (code)
	{
	case GET_EPROCESS:
		{
			/* i and test are declared but not used in the visible code. */
			ULONG i = 0;
			ULONG test;
			/* Refill the global dev_extension; the returned status is ignored. */
			GetProcessInfo();
			/*
			 * Bytes to return: MAX_PROCESS_NUM records plus the leading count.
			 * NOTE(review): this matches the global only if process_info has
			 * exactly MAX_PROCESS_NUM elements and the structure has no padding;
			 * sizeof(dev_extension) would state the intent directly.
			 */
			DesireLength = sizeof(PROCESS_INFO)*MAX_PROCESS_NUM + sizeof(ULONG);
			OutputBufferLength  = stack->Parameters.DeviceIoControl.OutputBufferLength;
			/*
			 * Reject a caller buffer that cannot hold the whole table.
			 * NOTE(review): this path leaves dev_extension.data_num untouched,
			 * unlike the success path below, which resets it to 0.
			 */
			if (DesireLength > OutputBufferLength)
			{
				DbgPrint("desireLength = %lu    
                                             outputBufferlength = %lu",DesireLength,OutputBufferLength);
				DbgPrint("the output buffer is too small");
				break;
			}
			/*
			 * Copy the count and the record table, starting at the first member.
			 * NOTE(review): each record carries pImageFileName, an address inside
			 * kernel memory. User mode cannot read through it, and handing it out
			 * discloses kernel addresses; copy the name bytes into the record
			 * instead of the pointer.
			 */
			RtlCopyMemory(IoBuffer, &dev_extension.data_num, DesireLength);
			/* Clear the count so the next request starts from an empty table. */
			dev_extension.data_num = 0;
			break;
		}		
	}
在驱动中用 DbgPrint 输出的数据显示正常,所以问题应该出在驱动向应用程序传递数据的环节。请大家帮帮忙,或者告诉我应该看哪方面的资料,谢谢。
------解决方案--------------------
占个沙发,顶一下