手动操作 UNICODE_STRING 时崩溃
我在手动操作 UNICODE_STRING
时遇到了非常奇怪的(对我来说)崩溃:
// Question snippet (fragment): reads the "PortName" registry value and then tries
// to patch its digits into a symbolic-link name. status, hKey and strPortName are
// declared outside the fragment shown.
UNICODE_STRING ustrName;
UNICODE_STRING ustrPortName;
UNICODE_STRING linkName;
UCHAR m_COMPortName[6];
RtlInitUnicodeString(&ustrName, L"PortName");
status = WdfStringCreate(NULL, WDF_NO_OBJECT_ATTRIBUTES, &strPortName);
if(NT_SUCCESS(status)) // String created
{ status = WdfRegistryQueryString (hKey, &ustrName, strPortName); // strPortName is now "COM8"
if (NT_SUCCESS (status)) {
WdfStringGetUnicodeString(strPortName, &ustrPortName);
// NOTE(review): the five reads below never consult ustrPortName.Length. The value
// comes from the registry, so a string shorter than expected is read past its
// counted length; with "COM8" (4 characters) index 4 is already beyond Length and
// presumably relies on a terminator that UNICODE_STRING does not guarantee.
// The (UCHAR) cast also narrows each 16-bit character to 8 bits.
m_COMPortName[0] = (UCHAR)ustrPortName.Buffer[0];
m_COMPortName[1] = (UCHAR)ustrPortName.Buffer[1];
m_COMPortName[2] = (UCHAR)ustrPortName.Buffer[2];
m_COMPortName[3] = (UCHAR)ustrPortName.Buffer[3];
m_COMPortName[4] = (UCHAR)ustrPortName.Buffer[4];
m_COMPortName[5] = 0; // Force a null-termination
}
}
WdfRegistryClose(hKey);
// RtlInitUnicodeString does not copy its source: it points linkName.Buffer at the
// string literal itself and derives Length/MaximumLength from it.
RtlInitUnicodeString(&linkName, L"\\??\\COM123"); // Init with lets say COM123, Breakpoint here...
// The three stores below therefore write into the literal's own storage, which is
// not writable here; that is why the first store faults.
// NOTE(review): even with a writable buffer, nothing updates linkName.Length, so for
// a one- or two-digit port the counted string would still span all 10 characters,
// stored zeros included.
// A writable alternative is a local WCHAR array bound with RtlInitEmptyUnicodeString
// and filled with RtlAppendUnicodeToString / RtlAppendUnicodeStringToString (or
// RtlUnicodeStringPrintf from ntstrsafe.h); these check MaximumLength and keep Length
// correct, and need neither windows.h nor MultiByteToWideChar.
linkName.Buffer[7] = (USHORT)m_COMPortName[3]; // First digit in the COM-port number // ** THIS LINE CRASH **
linkName.Buffer[8] = (USHORT)m_COMPortName[4]; // Second digit in the COM-port number // (if any else NULL)
linkName.Buffer[9] = (USHORT)m_COMPortName[5]; // Third digit in the COM-port number // (if any else NULL)
反汇编:
902de533 6840072e90 push offset mydriver! ?? ::FNODOBFM::'string' (902e0740) ** Breakpoint here (same as above...) **
902de538 8d45f8 lea eax,[ebp-8]
902de53b 50 push eax
902de53c ff1528202e90 call dword ptr [mydriver!_imp__RtlInitUnicodeString (902e2028)]
902de542 660fb60d23392e90 movzx cx,byte ptr [mydriver!m_COMPortName+0x3 (902e3923)] ** Start of the crashing line **
902de54a 8b55fc mov edx,dword ptr [ebp-4] ** Seems ok **
902de54d 66894a0e mov word ptr [edx+0Eh],cx ds:0023:902e074e=0031 ** CRASH!!! **
902de551 660fb60524392e90 movzx ax,byte ptr [mydriver!m_COMPortName+0x4 (902e3924)]
902de559 8b4dfc mov ecx,dword ptr [ebp-4]
902de55c 66894110 mov word ptr [ecx+10h],ax
902de560 660fb61525392e90 movzx dx,byte ptr [mydriver!m_COMPortName+0x5 (902e3925)]
902de568 8b45fc mov eax,dword ptr [ebp-4]
902de56b 66895012 mov word ptr [eax+12h],dx
linkName
和 m_COMPortName
在调试器的监视(Watch)窗口中看起来都是正确的。这是怎么回事?
另一种解决方案是以某种方式将 unicode 字符串 L"\\??\\"
与动态读取的 unicode 字符串 L"COMx"
连接起来。但我不知道该怎么做。我知道 MultiByteToWideChar
但我不太喜欢使用它,因为它需要 windows.h
并且当我将该文件包含到我的小型 KMDF 驱动程序项目中时编译器给我带来大量错误...
WinDDK 7600.16385.1 (KMDF) 中为 Windows Vista 编写的所有代码
I get a very strange (for me) crash while manually manipulating a UNICODE_STRING
:
// Question snippet (fragment): reads the "PortName" registry value and then tries
// to patch its digits into a symbolic-link name. status, hKey and strPortName are
// declared outside the fragment shown.
UNICODE_STRING ustrName;
UNICODE_STRING ustrPortName;
UNICODE_STRING linkName;
UCHAR m_COMPortName[6];
RtlInitUnicodeString(&ustrName, L"PortName");
status = WdfStringCreate(NULL, WDF_NO_OBJECT_ATTRIBUTES, &strPortName);
if(NT_SUCCESS(status)) // String created
{ status = WdfRegistryQueryString (hKey, &ustrName, strPortName); // strPortName is now "COM8"
if (NT_SUCCESS (status)) {
WdfStringGetUnicodeString(strPortName, &ustrPortName);
// NOTE(review): the five reads below never consult ustrPortName.Length. The value
// comes from the registry, so a string shorter than expected is read past its
// counted length; with "COM8" (4 characters) index 4 is already beyond Length and
// presumably relies on a terminator that UNICODE_STRING does not guarantee.
// The (UCHAR) cast also narrows each 16-bit character to 8 bits.
m_COMPortName[0] = (UCHAR)ustrPortName.Buffer[0];
m_COMPortName[1] = (UCHAR)ustrPortName.Buffer[1];
m_COMPortName[2] = (UCHAR)ustrPortName.Buffer[2];
m_COMPortName[3] = (UCHAR)ustrPortName.Buffer[3];
m_COMPortName[4] = (UCHAR)ustrPortName.Buffer[4];
m_COMPortName[5] = 0; // Force a null-termination
}
}
WdfRegistryClose(hKey);
// RtlInitUnicodeString does not copy its source: it points linkName.Buffer at the
// string literal itself and derives Length/MaximumLength from it.
RtlInitUnicodeString(&linkName, L"\\??\\COM123"); // Init with lets say COM123, Breakpoint here...
// The three stores below therefore write into the literal's own storage, which is
// not writable here; that is why the first store faults.
// NOTE(review): even with a writable buffer, nothing updates linkName.Length, so for
// a one- or two-digit port the counted string would still span all 10 characters,
// stored zeros included.
// A writable alternative is a local WCHAR array bound with RtlInitEmptyUnicodeString
// and filled with RtlAppendUnicodeToString / RtlAppendUnicodeStringToString (or
// RtlUnicodeStringPrintf from ntstrsafe.h); these check MaximumLength and keep Length
// correct, and need neither windows.h nor MultiByteToWideChar.
linkName.Buffer[7] = (USHORT)m_COMPortName[3]; // First digit in the COM-port number // ** THIS LINE CRASH **
linkName.Buffer[8] = (USHORT)m_COMPortName[4]; // Second digit in the COM-port number // (if any else NULL)
linkName.Buffer[9] = (USHORT)m_COMPortName[5]; // Third digit in the COM-port number // (if any else NULL)
Disassembly:
902de533 6840072e90 push offset mydriver! ?? ::FNODOBFM::'string' (902e0740) ** Breakpoint here (same as above...) **
902de538 8d45f8 lea eax,[ebp-8]
902de53b 50 push eax
902de53c ff1528202e90 call dword ptr [mydriver!_imp__RtlInitUnicodeString (902e2028)]
902de542 660fb60d23392e90 movzx cx,byte ptr [mydriver!m_COMPortName+0x3 (902e3923)] ** Start of the crashing line **
902de54a 8b55fc mov edx,dword ptr [ebp-4] ** Seems ok **
902de54d 66894a0e mov word ptr [edx+0Eh],cx ds:0023:902e074e=0031 ** CRASH!!! **
902de551 660fb60524392e90 movzx ax,byte ptr [mydriver!m_COMPortName+0x4 (902e3924)]
902de559 8b4dfc mov ecx,dword ptr [ebp-4]
902de55c 66894110 mov word ptr [ecx+10h],ax
902de560 660fb61525392e90 movzx dx,byte ptr [mydriver!m_COMPortName+0x5 (902e3925)]
902de568 8b45fc mov eax,dword ptr [ebp-4]
902de56b 66895012 mov word ptr [eax+12h],dx
Both linkName
and m_COMPortName
look correct in the debugger's Watch window. What's up?
Another solution is to in some way concatenate the unicode string L"\\??\\"
with the dynamically read unicode string L"COMx"
. But I don't know how to do that. I'm aware of MultiByteToWideChar
but I'm not so fond of using it since it needs windows.h
and when I include that file into my tiny KMDF-driver project the compiler gives me tons of errors...
All code made for Windows Vista in WinDDK 7600.16385.1 (KMDF)
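来自 MSDN 的 RtlUnicodeStringInit 说明:
linkName
的缓冲区指向一个常量 (L"\\??\\COM123"
),因此当您尝试修改它时就会崩溃。问题中实际调用的 RtlInitUnicodeString 同样不会复制字符串,只是让 Buffer 指向该字面量。
From MSDN
RtlUnicodeStringInit
: linkName's
buffer points to a constant (L"\\??\\COM123"
), so it crashes when you try to modify it. RtlInitUnicodeString, the routine the question actually calls, likewise does not copy the string; it only points Buffer at the literal.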