驱动 应用程序通信有关问题
日期:2014-05-17 浏览次数:20872 次
驱动 应用程序通信问题
我最近想写个用驱动遍历读取EPROCESS,从而显示系统所有进程的程序,但是数据交互中出了点问题,大家帮忙看下吧 谢谢了。
应用程序部分
typedef struct _PROCESS_INFO
{
PUCHAR pImageFileName;
ULONG dwProcessId;
}PROCESS_INFO,*PPROCESS_INFO;
typedef struct _DEVICE_EXTENSION
{
ULONG data_num;
PROCESS_INFO process_info[30];
}DEVICE_EXTENSION;
。。。。。
DEVICE_EXTENSION dev_extentsion;
ULONG NumOfByte;
DeviceIoControl(hDev,GET_EPROCESS,NULL,0,&dev_extentsion,sizeof(DEVICE_EXTENSION),&NumOfByte,NULL);
驱动部分
DEVICE_EXTENSION dev_extension;
//将EPROCESS内容存储到结构变量dev_extension中提供给应用程序
NTSTATUS GetProcessInfo()
{
ULONG FirstProcess;
ULONG EProcess;
ULONG i = 0;
PLIST_ENTRY ActiveProcessLinks;
EProcess = FirstProcess = (ULONG)PsGetCurrentProcess();
for (i;dev_extension.data_num < MAX_PROCESS_NUM;i++)
{
dev_extension.process_info[i].dwProcessId = *(PULONG)(EProcess+PID_OFFSET);
dev_extension.process_info[i].pImageFileName = (PUCHAR)(EProcess+PNAME_OFFSET);
dev_extension.data_num++;
ActiveProcessLinks = (PLIST_ENTRY)(EProcess+PLINK_OFFSET);
EProcess = (ULONG)ActiveProcessLinks->Flink-PLINK_OFFSET;
if (EProcess == FirstProcess)
break;
}
return STATUS_SUCCESS;
}
NTSTATUS DriverIoControlDispatch(IN PDEVICE_OBJECT pDevobj,IN PIRP pIrp)
{
PIO_STACK_LOCATION stack =
IoGetCurrentIrpStackLocation(pIrp);
ULONG code;
PVOID IoBuffer = pIrp->AssociatedIrp.SystemBuffer;
ULONG DesireLength;
ULONG OutputBufferLength ;
code = stack->Parameters.DeviceIoControl.IoControlCode;
KdPrint(("enter my deviceControl\n"));
switch (code)
{
case GET_EPROCESS:
{
ULONG i = 0;
ULONG test;
GetProcessInfo();
DesireLength = sizeof(PROCESS_INFO)*MAX_PROCESS_NUM + sizeof(ULONG);
OutputBufferLength = stack->Parameters.DeviceIoControl.OutputBufferLength;
if (DesireLength > OutputBufferLength)
{
DbgPrint("desireLength = %lu
outputBufferlength = %lu",DesireLength,OutputBufferLength);
DbgPrint("the output buffer is too small");
break;
}
RtlCopyMemory(IoBuffer, &dev_extension.data_num, DesireLength);
dev_extension.data_num = 0;
break;
}
}
在驱动中用DbgPrint输出显示很正常,所以应该是传递的问题。请大家帮帮忙,或者给我说下 应该看哪个方面的东西,谢谢
------解决方案--------------------
占个沙发,顶一下
我最近想写个用驱动遍历读取EPROCESS,从而显示系统所有进程的程序,但是数据交互中出了点问题,大家帮忙看下吧 谢谢了。
应用程序部分
typedef struct _PROCESS_INFO
{
PUCHAR pImageFileName;
ULONG dwProcessId;
}PROCESS_INFO,*PPROCESS_INFO;
typedef struct _DEVICE_EXTENSION
{
ULONG data_num;
PROCESS_INFO process_info[30];
}DEVICE_EXTENSION;
。。。。。
DEVICE_EXTENSION dev_extentsion;
ULONG NumOfByte;
DeviceIoControl(hDev,GET_EPROCESS,NULL,0,&dev_extentsion,sizeof(DEVICE_EXTENSION),&NumOfByte,NULL);
驱动部分
DEVICE_EXTENSION dev_extension;
//将EPROCESS内容存储到结构变量dev_extension中提供给应用程序
NTSTATUS GetProcessInfo()
{
ULONG FirstProcess;
ULONG EProcess;
ULONG i = 0;
PLIST_ENTRY ActiveProcessLinks;
EProcess = FirstProcess = (ULONG)PsGetCurrentProcess();
for (i;dev_extension.data_num < MAX_PROCESS_NUM;i++)
{
dev_extension.process_info[i].dwProcessId = *(PULONG)(EProcess+PID_OFFSET);
dev_extension.process_info[i].pImageFileName = (PUCHAR)(EProcess+PNAME_OFFSET);
dev_extension.data_num++;
ActiveProcessLinks = (PLIST_ENTRY)(EProcess+PLINK_OFFSET);
EProcess = (ULONG)ActiveProcessLinks->Flink-PLINK_OFFSET;
if (EProcess == FirstProcess)
break;
}
return STATUS_SUCCESS;
}
NTSTATUS DriverIoControlDispatch(IN PDEVICE_OBJECT pDevobj,IN PIRP pIrp)
{
PIO_STACK_LOCATION stack =
IoGetCurrentIrpStackLocation(pIrp);
ULONG code;
PVOID IoBuffer = pIrp->AssociatedIrp.SystemBuffer;
ULONG DesireLength;
ULONG OutputBufferLength ;
code = stack->Parameters.DeviceIoControl.IoControlCode;
KdPrint(("enter my deviceControl\n"));
switch (code)
{
case GET_EPROCESS:
{
ULONG i = 0;
ULONG test;
GetProcessInfo();
DesireLength = sizeof(PROCESS_INFO)*MAX_PROCESS_NUM + sizeof(ULONG);
OutputBufferLength = stack->Parameters.DeviceIoControl.OutputBufferLength;
if (DesireLength > OutputBufferLength)
{
DbgPrint("desireLength = %lu
outputBufferlength = %lu",DesireLength,OutputBufferLength);
DbgPrint("the output buffer is too small");
break;
}
RtlCopyMemory(IoBuffer, &dev_extension.data_num, DesireLength);
dev_extension.data_num = 0;
break;
}
}
在驱动中用DbgPrint输出显示很正常,所以应该是传递的问题。请大家帮帮忙,或者给我说下 应该看哪个方面的东西,谢谢
------解决方案--------------------
占个沙发,顶一下
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
