ProbeForWrite (
    __inout_bcount(Length) PVOID Address,
    __in SIZE_T Length,
    __in ULONG Alignment
    )
/*++
Routine Description:
    This function probes a structure for write accessibility and ensures
    correct alignment of the structure. If the structure is not accessible
    or has incorrect alignment, then an exception is raised.

    Security notes for callers:
    - The range check below rejects any buffer that is not wholly below
      MM_USER_PROBE_ADDRESS, so a user-supplied pointer can never cause
      kernel-mode memory to be written through this routine.
    - The probe only proves the range is writable at this instant. Another
      user-mode thread can unmap or re-protect the pages immediately
      afterwards, so every later access to the buffer must still be made
      under an exception handler; this routine is not a substitute for that.
    - A zero-length request returns without checking Address at all (see
      the Length != 0 test below), so success here says nothing about a
      pointer whose length is zero.
    - Alignment is only ASSERTed to be one of the supported values. If ASSERT
      is compiled out of the build, an unsupported Alignment makes the mask
      test below meaningless; callers must pass a valid value.
Arguments:
    Address - Supplies a pointer to the structure to be probed.
    Length - Supplies the length of the structure.
    Alignment - Supplies the required alignment of the structure expressed
        as the number of bytes in the primitive datatype (e.g., 1 for char,
        2 for short, 4 for long, and 8 for quad).
Return Value:
    None. Raises an access-violation exception (ExRaiseAccessViolation) if
    the range is not wholly within user space or wraps the address space,
    a datatype-misalignment exception (ExRaiseDatatypeMisalignment) if
    Address is not aligned, and whatever the memory manager raises if a
    probed page cannot be written.
--*/
{
    ULONG_PTR EndAddress;
    ULONG_PTR StartAddress;
    // Page granularity used for the probe loop. This listing uses PAGE_SIZE
    // unconditionally (the Wow64 case mentioned below is not special-cased).
#define PageSize PAGE_SIZE
    //
    // If the structure has zero length, then do not probe the structure for
    // write accessibility or alignment.
    //
    if (Length != 0) {
        //
        // If the structure is not properly aligned, then raise a data
        // misalignment exception.
        //
        // The ASSERT documents the supported alignments; it does not fire
        // for any of these values. The mask test that follows is only
        // meaningful when Alignment is a power of two.
        //
        ASSERT((Alignment == 1) || (Alignment == 2) ||
               (Alignment == 4) || (Alignment == 8) ||
               (Alignment == 16));
        StartAddress = (ULONG_PTR)Address;
        // Aligned iff the low log2(Alignment) bits of the address are zero.
        if ((StartAddress & (Alignment - 1)) == 0) {
            //
            // Compute the ending address of the structure and probe for
            // write accessibility.
            //
            // EndAddress is the address of the last byte of the buffer.
            // Length is consumed here: it determines how many pages the
            // loop below has to touch.
            //
            EndAddress = StartAddress + Length - 1;
            //
            // StartAddress <= EndAddress rejects a range whose end wrapped
            // around the top of the address space (an overflow in the
            // addition above). EndAddress < MM_USER_PROBE_ADDRESS keeps the
            // whole range below the user/kernel boundary, which is what
            // prevents this routine from writing to kernel memory on behalf
            // of a user-mode request.
            //
            if ((StartAddress <= EndAddress) &&
                (EndAddress < MM_USER_PROBE_ADDRESS)) {
                //
                // N.B. Only the contents of the buffer may be probed.
                // Therefore the starting byte is probed for the
                // first page, and then the first byte in the page
                // for each succeeding page.
                //
                // If this is a Wow64 process, then the native page is 4K, which
                // could be smaller than the native page size. (Not handled in
                // this listing; PageSize is fixed to PAGE_SIZE above.)
                //
                // Round EndAddress up to the first byte of the page that
                // follows the buffer's last byte. The loop below stops when
                // StartAddress, advanced page by page, reaches this value,
                // so exactly one byte is touched on every page the buffer
                // spans. (PageSize is PAGE_SIZE, not zero: PageSize - 1 is
                // the in-page offset mask, and ~(PageSize - 1) clears it.)
                //
                EndAddress = (EndAddress & ~(PageSize - 1)) + PageSize;
                do {
                    // Read a byte and write the same value back through a
                    // volatile pointer so the access cannot be optimized
                    // away. If the page is not writable this faults, and
                    // the resulting exception is what the caller catches.
                    *(volatile CHAR *)StartAddress = *(volatile CHAR *)StartAddress;
                    // Advance to the first byte of the next page.
                    StartAddress = (StartAddress & ~(PageSize - 1)) + PageSize;
                } while (StartAddress != EndAddress);
                return;
            } else {
                // Range wraps the address space or reaches into kernel
                // space: refuse it regardless of the page contents.
                ExRaiseAccessViolation();
            }
        } else {
            ExRaiseDatatypeMisalignment();
        }
    }
    return;
}