21,597
社区成员
发帖
与我相关
我的任务
分享ZwQuerySystemInformation(SystemHandleInformation,NULL,0,&nSize);为什么调用失败?第一个解决的,就得到最高分!决不失言!
ULONG nSize;
ULONG pBuffer;
NTSTATUS status;
DbgPrint("GetHandleList\n");
//pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
status = ZwQuerySystemInformation(SystemHandleInformation,NULL,0,&nSize);
if(NT_SUCCESS( status ))
{
pBuffer =(ULONG)ExAllocatePool(NonPagedPool,nSize);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,nSize,NULL);
if ( !NT_SUCCESS( status ) )
{
ExFreePool( pBuffer );
return STATUS_UNSUCCESSFUL;
}
else
return pBuffer;
}
else
return 0;
ULONG pBuffer;
NTSTATUS status;
DbgPrint("GetHandleList\n");
//pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
status = ZwQuerySystemInformation(SystemHandleInformation,NULL,0,&nSize);
if(NT_SUCCESS( status ))
{
pBuffer =(ULONG)ExAllocatePool(NonPagedPool,nSize);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,nSize,NULL);
if ( !NT_SUCCESS( status ) )
{
ExFreePool( pBuffer );
return STATUS_UNSUCCESSFUL;
}
else
return pBuffer;
}
else
return 0;
...全文
请发表友善的回复…
发表回复
taianmonkey 2008-12-07
- 打赏
- 举报
原来是我的判断错了!
以下是正确的代码:
ULONG nSize;
ULONG pBuffer;
NTSTATUS status;
DbgPrint("GetHandleList\n");
pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,0x1000,&nSize);
ExFreePool((PVOID)pBuffer);
if(STATUS_INFO_LENGTH_MISMATCH == status)
{
pBuffer =(ULONG)ExAllocatePool(NonPagedPool,nSize);
ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,nSize,NULL);
return pBuffer;
}
else
return 0;
以下是正确的代码:
ULONG nSize;
ULONG pBuffer;
NTSTATUS status;
DbgPrint("GetHandleList\n");
pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,0x1000,&nSize);
ExFreePool((PVOID)pBuffer);
if(STATUS_INFO_LENGTH_MISMATCH == status)
{
pBuffer =(ULONG)ExAllocatePool(NonPagedPool,nSize);
ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,nSize,NULL);
return pBuffer;
}
else
return 0;
cnzdgs 2008-12-06
- 打赏
- 举报
当给出的缓冲区不足时,会返回失败,第4参数返回所需的大小;当给出的缓冲区足够时,返回成功,此时第4参数的值是没有参考价值的。
顺便提一下,调用函数失败时,看一下返回值是多少,根据返回值来分析错误原因。
顺便提一下,调用函数失败时,看一下返回值是多少,根据返回值来分析错误原因。
taianmonkey 2008-12-06
- 打赏
- 举报
怎么这样调用也是失败的?
ULONG nSize;
ULONG pBuffer;
NTSTATUS status;
DbgPrint("GetHandleList\n");
pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,0x1000,&nSize);
ExFreePool((PVOID)pBuffer);
if(NT_SUCCESS( status ))
{
pBuffer =(ULONG)ExAllocatePool(NonPagedPool,nSize);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,nSize,NULL);
if ( !NT_SUCCESS( status ) )
{
ExFreePool( pBuffer );
return STATUS_UNSUCCESSFUL;
}
else
return pBuffer;
}
else
return 0;
ULONG nSize;
ULONG pBuffer;
NTSTATUS status;
DbgPrint("GetHandleList\n");
pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,0x1000,&nSize);
ExFreePool((PVOID)pBuffer);
if(NT_SUCCESS( status ))
{
pBuffer =(ULONG)ExAllocatePool(NonPagedPool,nSize);
status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,nSize,NULL);
if ( !NT_SUCCESS( status ) )
{
ExFreePool( pBuffer );
return STATUS_UNSUCCESSFUL;
}
else
return pBuffer;
}
else
return 0;
cnzdgs 2008-12-06
- 打赏
- 举报
ZwQuerySystemInformation的第2、3参数给0时肯定会返回失败的,(因为缓冲区空间不足),第4参数返回所需的空间大小。此时你判断if(NT_SUCCESS( status ))就不对了。
