-
-
[求助]PiControlCopyUserModeCallersBuffer是不是有问题
-
发表于:
2011-10-28 17:14
3077
-
[求助]PiControlCopyUserModeCallersBuffer是不是有问题
signed int __stdcall PiControlCopyUserModeCallersBuffer(
PVOID Address,
SIZE_T UserAddress,
unsigned int NumberOfBytes,
ULONG Alignment,
char a5,
char a6)
{
signed int result; // eax@7
if ( a5 )
{
if ( a6 )
{
if ( NumberOfBytes )
{
if ( (Alignment - 1) & UserAddress )
{
ExRaiseDatatypeMisalignment();
__asm { int 3 ; Trap to Debugger }
return 1;
}
if ( UserAddress + NumberOfBytes > (unsigned int)MmUserProbeAddress || UserAddress + NumberOfBytes < UserAddress )
[B]*(_BYTE *)MmUserProbeAddress = 0; [/B]???? <<<<<<<<<<<<<<----------bug NumberOfBytes = 0??/
}
}
else
{
ProbeForWrite(Address, NumberOfBytes, Alignment);
}
memcpy(Address, (const void *)UserAddress, NumberOfBytes);
result = 0;
}
else
{
memcpy(Address, (const void *)UserAddress, NumberOfBytes);
result = 0;
}
return result;
}
不过不好测试,基本上调用这个函数的需要SeTcbPrivilege权限,晕
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
