3,881
社区成员
发帖
与我相关
我的任务
分享I/O控制派遣例程DispatchIoctl繁忙时如何等待按序执行
// I/O控制派遣例程
NTSTATUS DispatchIoctl(PDEVICE_OBJECT pDevObj, PIRP pIrp)
{
NTSTATUS status = STATUS_SUCCESS;
DbgPrint("debug \n");
PVOID inBuf;
PVOID outBuf;
ULONG outBufLength; //输出缓冲区长度
ULONG inBufLength; //输出缓冲区长度
// 取得此IRP(pIrp)的I/O堆栈指针
PIO_STACK_LOCATION pIrpStack = IoGetCurrentIrpStackLocation(pIrp);
// 取得I/O控制代码
ULONG uIoControlCode = pIrpStack->Parameters.DeviceIoControl.IoControlCode;
// 取得I/O缓冲区指针和它的长度
inBufLength = pIrpStack->Parameters.DeviceIoControl.InputBufferLength; //得到输入缓冲区长度
outBufLength = pIrpStack->Parameters.DeviceIoControl.OutputBufferLength; //得到输出缓冲区长度
ULONG outDataLen;
outBuf = pIrp->AssociatedIrp.SystemBuffer; //输出缓冲区
inBuf = pIrp->AssociatedIrp.SystemBuffer; //输入缓冲区
PVOID pIoBuffer = pIrp->AssociatedIrp.SystemBuffer;
/*
KEVENT event1;
KeInitializeEvent(&event1, NotificationEvent, FALSE);
if(status == STATUS_PENDING)
{
KeWaitForSingleObject(&event1, Executive, KernelMode, FALSE, NULL);
}
*/
//DWORD AddValue;
//char * chartemp;
int i=0;
unsigned long srcip;
unsigned long desip;
char sip[20];
char dip[20];
char *p;
char *ttemp;
ipheaderList* ipheaderListtemp;
ipheaderList* iplastListtemp;
char* outipBuf;
// 响应用户的命令
switch(uIoControlCode)
{
case START_IP_HOOK: // 开始过滤
status = SetFilterFunction(FilterPackets);
break;
case STOP_IP_HOOK: // 停止过滤
status = SetFilterFunction(NULL);
break;
case ADD_FILTER: // 添加一个过滤规则
if(inBufLength == sizeof(IPFilter))
status = AddFilterToList((IPFilter*)pIoBuffer);
else
status = STATUS_INVALID_DEVICE_REQUEST;
break;
case CLEAR_FILTER: // 释放过滤规则列表
ClearFilterList();
break;
case GET_MESSAGEIP: //得到被阻止源地址
DbgPrint("debug0 \n");
outipBuf="";
srcip=0;
desip=0;
//sip="";
//dip="";
p="";
ttemp="";
//RtlZeroMemory(outipBuf, sizeof(outipBuf));
//RtlZeroMemory(ttemp, sizeof(ttemp));
ipheaderListtemp=g_pIPHdr;
iplastListtemp=g_pIPHdrLast;
//DbgPrint("ipheaderListtemp: %p\n", ipheaderListtemp);
//DbgPrint("iplastListtemp: %p\n", iplastListtemp);
//AddValue=(DWORD)g_pIPHdr;
//chartemp=IntToHex((-AddValue)-1); //获取输出缓冲区地址,暂时没用了
//DbgPrint("chartemp: %s \n", chartemp);
DbgPrint("debug1 \n");
while (ipheaderListtemp!=iplastListtemp){
srcip=ipheaderListtemp->ipp.ipSource;
desip=ipheaderListtemp->ipp.ipDestination;
#define NIPQUAD(addr) \
((unsigned char *)&addr)[0], \
((unsigned char *)&addr)[1], \
((unsigned char *)&addr)[2], \
((unsigned char *)&addr)[3]
sprintf(sip, "%u.%u.%u.%u",NIPQUAD(srcip));
sprintf(dip, "%u.%u.%u.%u",NIPQUAD(desip));
//sprintf(src_desIP, "%u.%u.%u.%u:%u.%u.%u.%u",NIPQUAD(srcip),NIPQUAD(desip));
//采取合并处理策略、防止溢出
DbgPrint("debug2 \n");
ttemp=strcat(sip,":");
ttemp=strcat(ttemp,dip);
p=strstr(outipBuf,ttemp);
if(p == NULL)
{DbgPrint("debug3 \n");
ttemp=strcat(ttemp,";");
if((strlen(outipBuf)+strlen(ttemp))<=160)
outipBuf=strcat(outipBuf,ttemp);
//a中不存在b,添加相应代码
}
//采取合并处理策略、防止溢出
ipheaderListtemp=ipheaderListtemp->pNext;
}
DbgPrint("debug4 \n");
outDataLen=strlen(outipBuf) +1;
DbgPrint("AlloutDataLen: %d\n", outDataLen);
DbgPrint("ALLoutipBuf: %s \n",outipBuf);
RtlZeroMemory(outBuf, outBufLength);
RtlCopyBytes(outBuf, outipBuf,outDataLen); //复制输入内存到输出缓冲区
//pIrp->IoStatus.Information = (outBufLength > outDataLen ? outBufLength : outDataLen);
pIrp->IoStatus.Information =outDataLen ;
ClearIPHeadList();
g_pIPHdr =NULL;
g_pIPHdrLast =NULL;
//IoMarkIrpPending (pIrp); // 有效的IRP值- 准备设备
//IoStartPacket (pDevObj, pIrp, 0, NULL); // calls the driver's StartIo routine
//return STATUS_PENDING;
pIrp->IoStatus.Status = STATUS_SUCCESS;
//pIrp->IoStatus.Status = STATUS_PENDING;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
break;
case CLEAR_IPHEADLIST: // 释放阻拦IP包列表
ClearIPHeadList();
break;
default:
status = STATUS_INVALID_DEVICE_REQUEST;
break;
}
// 完成请求
pIrp->IoStatus.Status = status;
pIrp->IoStatus.Information = 0;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
return status;
}
这是一个ip包过滤的程序 ,自己在里面加了,获取被过滤的IP包源地址与目标地址返回给应用程序,主要是自己加的这个过程GET_MESSAGEIP: 调试的时候发现,如果ping被阻止的地址多了以后,显示结果异常;下面是调试异常部分windbg的输出结果
debug
debug0
debug1
debug2
debug4
AlloutDataLen: 57
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;
debug
debug0
debug1
debug2
debug3
debug2
debug2
debug4
AlloutDataLen: 87
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;
debug
debug0
debug1
debug2
debug2
debug2
debug3
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;debug1
debug2
debug2
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;debug1
debug2
debug2
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;debug1
debug2
debug2
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;
NTSTATUS DispatchIoctl(PDEVICE_OBJECT pDevObj, PIRP pIrp)
{
NTSTATUS status = STATUS_SUCCESS;
DbgPrint("debug \n");
PVOID inBuf;
PVOID outBuf;
ULONG outBufLength; //输出缓冲区长度
ULONG inBufLength; //输出缓冲区长度
// 取得此IRP(pIrp)的I/O堆栈指针
PIO_STACK_LOCATION pIrpStack = IoGetCurrentIrpStackLocation(pIrp);
// 取得I/O控制代码
ULONG uIoControlCode = pIrpStack->Parameters.DeviceIoControl.IoControlCode;
// 取得I/O缓冲区指针和它的长度
inBufLength = pIrpStack->Parameters.DeviceIoControl.InputBufferLength; //得到输入缓冲区长度
outBufLength = pIrpStack->Parameters.DeviceIoControl.OutputBufferLength; //得到输出缓冲区长度
ULONG outDataLen;
outBuf = pIrp->AssociatedIrp.SystemBuffer; //输出缓冲区
inBuf = pIrp->AssociatedIrp.SystemBuffer; //输入缓冲区
PVOID pIoBuffer = pIrp->AssociatedIrp.SystemBuffer;
/*
KEVENT event1;
KeInitializeEvent(&event1, NotificationEvent, FALSE);
if(status == STATUS_PENDING)
{
KeWaitForSingleObject(&event1, Executive, KernelMode, FALSE, NULL);
}
*/
//DWORD AddValue;
//char * chartemp;
int i=0;
unsigned long srcip;
unsigned long desip;
char sip[20];
char dip[20];
char *p;
char *ttemp;
ipheaderList* ipheaderListtemp;
ipheaderList* iplastListtemp;
char* outipBuf;
// 响应用户的命令
switch(uIoControlCode)
{
case START_IP_HOOK: // 开始过滤
status = SetFilterFunction(FilterPackets);
break;
case STOP_IP_HOOK: // 停止过滤
status = SetFilterFunction(NULL);
break;
case ADD_FILTER: // 添加一个过滤规则
if(inBufLength == sizeof(IPFilter))
status = AddFilterToList((IPFilter*)pIoBuffer);
else
status = STATUS_INVALID_DEVICE_REQUEST;
break;
case CLEAR_FILTER: // 释放过滤规则列表
ClearFilterList();
break;
case GET_MESSAGEIP: //得到被阻止源地址
DbgPrint("debug0 \n");
outipBuf="";
srcip=0;
desip=0;
//sip="";
//dip="";
p="";
ttemp="";
//RtlZeroMemory(outipBuf, sizeof(outipBuf));
//RtlZeroMemory(ttemp, sizeof(ttemp));
ipheaderListtemp=g_pIPHdr;
iplastListtemp=g_pIPHdrLast;
//DbgPrint("ipheaderListtemp: %p\n", ipheaderListtemp);
//DbgPrint("iplastListtemp: %p\n", iplastListtemp);
//AddValue=(DWORD)g_pIPHdr;
//chartemp=IntToHex((-AddValue)-1); //获取输出缓冲区地址,暂时没用了
//DbgPrint("chartemp: %s \n", chartemp);
DbgPrint("debug1 \n");
while (ipheaderListtemp!=iplastListtemp){
srcip=ipheaderListtemp->ipp.ipSource;
desip=ipheaderListtemp->ipp.ipDestination;
#define NIPQUAD(addr) \
((unsigned char *)&addr)[0], \
((unsigned char *)&addr)[1], \
((unsigned char *)&addr)[2], \
((unsigned char *)&addr)[3]
sprintf(sip, "%u.%u.%u.%u",NIPQUAD(srcip));
sprintf(dip, "%u.%u.%u.%u",NIPQUAD(desip));
//sprintf(src_desIP, "%u.%u.%u.%u:%u.%u.%u.%u",NIPQUAD(srcip),NIPQUAD(desip));
//采取合并处理策略、防止溢出
DbgPrint("debug2 \n");
ttemp=strcat(sip,":");
ttemp=strcat(ttemp,dip);
p=strstr(outipBuf,ttemp);
if(p == NULL)
{DbgPrint("debug3 \n");
ttemp=strcat(ttemp,";");
if((strlen(outipBuf)+strlen(ttemp))<=160)
outipBuf=strcat(outipBuf,ttemp);
//a中不存在b,添加相应代码
}
//采取合并处理策略、防止溢出
ipheaderListtemp=ipheaderListtemp->pNext;
}
DbgPrint("debug4 \n");
outDataLen=strlen(outipBuf) +1;
DbgPrint("AlloutDataLen: %d\n", outDataLen);
DbgPrint("ALLoutipBuf: %s \n",outipBuf);
RtlZeroMemory(outBuf, outBufLength);
RtlCopyBytes(outBuf, outipBuf,outDataLen); //复制输入内存到输出缓冲区
//pIrp->IoStatus.Information = (outBufLength > outDataLen ? outBufLength : outDataLen);
pIrp->IoStatus.Information =outDataLen ;
ClearIPHeadList();
g_pIPHdr =NULL;
g_pIPHdrLast =NULL;
//IoMarkIrpPending (pIrp); // 有效的IRP值- 准备设备
//IoStartPacket (pDevObj, pIrp, 0, NULL); // calls the driver's StartIo routine
//return STATUS_PENDING;
pIrp->IoStatus.Status = STATUS_SUCCESS;
//pIrp->IoStatus.Status = STATUS_PENDING;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
break;
case CLEAR_IPHEADLIST: // 释放阻拦IP包列表
ClearIPHeadList();
break;
default:
status = STATUS_INVALID_DEVICE_REQUEST;
break;
}
// 完成请求
pIrp->IoStatus.Status = status;
pIrp->IoStatus.Information = 0;
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
return status;
}
这是一个ip包过滤的程序 ,自己在里面加了,获取被过滤的IP包源地址与目标地址返回给应用程序,主要是自己加的这个过程GET_MESSAGEIP: 调试的时候发现,如果ping被阻止的地址多了以后,显示结果异常;下面是调试异常部分windbg的输出结果
debug
debug0
debug1
debug2
debug4
AlloutDataLen: 57
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;
debug
debug0
debug1
debug2
debug3
debug2
debug2
debug4
AlloutDataLen: 87
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;
debug
debug0
debug1
debug2
debug2
debug2
debug3
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;debug1
debug2
debug2
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;debug1
debug2
debug2
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;debug1
debug2
debug2
debug4
AlloutDataLen: 115
ALLoutipBuf: 192.168.1.111:113.142.21.81;192.168.1.1:239.255.255.250;192.168.1.111:220.181.111.148;192.168.1.111:118.180.4.251;
.180.4.251;51;
...全文
请发表友善的回复…
发表回复
supercoder2 2014-01-19
- 打赏
- 举报
调试发现 不出现debug debug0 输出信息的时候肯定是有问题的,新手期待高手,在线等ing
