先说程序的设计思路吧。
是应用层生成一个数组 然后传到内核模块,内核模块调用dbgprint答应
应用层代码如何下
int main()
{
int stop;
HANDLE hDevice =
CreateFile(L"\\\\.\\speeddriver",
GENERIC_READ | GENERIC_WRITE,
0, // share mode none
NULL, // no security
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL); // no template
if (hDevice == INVALID_HANDLE_VALUE)
{
printf("Failed to obtain file handle to device: "
"%s with Win32 error code: %d\n",
"MyWDMDevice", GetLastError());
return 1;
}
ULONG InputBuffer[10];
UCHAR OutputBuffer[10];
for (int i = 0; i < 10; i++)
{
ULONG d;
printf("please enter the number\n");
scanf("%u",&d);
InputBuffer[i] = d;
printf("go on please\n");
}
DWORD dwOutput;
BOOL bRet;
bRet = DeviceIoControl(hDevice, IOCTL_TEST1, InputBuffer, 10, &OutputBuffer, 10, &dwOutput, NULL);
if (bRet)
{
printf("Output buffer:%d bytes\n", dwOutput);
for (int i = 0; i<(int)dwOutput; i++)
{
printf("%02X ", OutputBuffer[i]);
}
printf("\n");
}
CloseHandle(hDevice);
scanf("%d", &stop);
return 0;
}
IOCTL_TEST1为一个宏 这不是重点。
内核代码处理 IOCTL_TEST1的代码如下
NTSTATUS controldispatch(PDEVICE_OBJECT device, PIRP irp)
{
NTSTATUS stats = STATUS_SUCCESS;
DbgPrint("Enter HelloDDKDeviceIOControl\n");
PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(irp);
//获得输入输出缓冲区的大小
ULONG cbin = stack->Parameters.DeviceIoControl.InputBufferLength;
ULONG cbout = stack->Parameters.DeviceIoControl.OutputBufferLength;
ULONG code = stack->Parameters.DeviceIoControl.IoControlCode;
ULONG info = 0;
switch (code)
{
case IOCTL_TEST1:
{
DbgPrint("debug test1");//这里能正常答应
ULONG *inbuff = (PULONG)irp->AssociatedIrp.SystemBuffer;
for (ULONG i = 0; i < cbin; i++)
{
DbgPrint("%u \n", inbuff[i]);
}
UCHAR *outbuff = (PUCHAR)irp->AssociatedIrp.SystemBuffer;
memset(outbuff, 0xaa, cbout);
info = cbout;
break;
}
default:
stats = STATUS_INVALID_VARIANT;
break;
}
irp->IoStatus.Status = stats;
irp->IoStatus.Information = info;
IoCompleteRequest(irp, IO_NO_INCREMENT);
DbgPrint("Leave HelloDDKDeviceIOControl\n");
return stats;
}
打出来的东西 前几个还是正常的,但是后面就不正
我调试了应用层
发现在应用层输入的数组 是正常的。
请大神指导下,人穷分少,请勿见怪。
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!