开发者

GlobalLock and Global memory in kernel mode?

问答 作者:

How to use globallock in kernel mode?

A driver linked wi开发者_开发知识库th kernel32.lib always give me system error 127.(The environment is correct)

How could I use it or is there anything working in kernel mode?

Global/local memory doesn't make any sense in kernel mode.

You might want to use ExAllocatePoolWithTag for kernel memory allocation.

The way to convert a HGLOBAL handle to pointer in kernel mode is NtUserCreateLocalMemHandle located in Shadow SSDT. After read code from reactos, it could be done like this.

 HANDLE hRetVal;
    PVOID mem = NULL;
    NTSTATUS status;
    PDWORD size = NULL;
    DWORD dwordsize = 4;
    DWORD realsize = 0;
    KAPC_STATE apcstate;

    ZwAllocateVirtualMemory(NtCurrentProcess(), &size, 0, &dwordsize, MEM_COMMIT, PAGE_READWRITE)
    KeStackAttachProcess(PsGetCurrentProcess(),&apcstate)
    hRetVal = NtUserGetClipboardData(uFormat, pParam);//I am calling it in my hook
    status = NtUserCreateLocalMemHandle(hRetVal, NULL, 0, size);
    realsize = *size;
    if(status == STATUS_BUFFER_TOO_SMALL)
    {
      ZwAllocateVirtualMemory(NtCurrentProcess(),&mem,0,size,MEM_COMMIT,PAGE_READWRITE);
      status = NtUserCreateLocalMemHandle(hRetVal, mem, realsize, NULL);
      ZwFreeVirtualMemory(NtCurrentProcess(),&mem,size,MEM_DECOMMIT)
    }
   if(mem != NULL)
   {
      ZwFreeVirtualMemory(NtCurrentProcess(),&size,&dwordsize,MEM_DECOMMIT);
   }
   KeUnstackDetachProcess(&apcstate);

...Free memory and something else.

继续阅读:driverkernelmemory

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9