本文整理汇总了C++中NT_SUCCESS函数的典型用法代码示例。如果您正苦于以下问题:C++ NT_SUCCESS函数的具体用法?C++ NT_SUCCESS怎么用?C++ NT_SUCCESS使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NT_SUCCESS函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: GetCommandLine
bool GetCommandLine(DWORD dwPid, LPWSTR lpwstr)
{
bool fSuccess = false;
HANDLE hProcess = NULL;
hProcess = ::OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, dwPid);
if (NULL != hProcess)
{
PROCESS_BASIC_INFORMATION pbi = { 0 };
NTSTATUS status = NtQueryInformationProcess(
hProcess,
ProcessBasicInformation,
&pbi,
sizeof(pbi),
NULL
);
if (NT_SUCCESS(status) && NULL != pbi.PebBaseAddress)
{
PEB_ peb = { 0 };
if (::ReadProcessMemory(
hProcess,
pbi.PebBaseAddress,
&peb,
sizeof(peb),
NULL
))
{
RTL_USER_PROCESS_PARAMETERS params = { 0 };
if (::ReadProcessMemory(
hProcess,
peb.ProcessParameters,
¶ms,
sizeof(params),
NULL
)
&& params.CommandLine.Length > 0
)
{
if (params.CommandLine.Length > MAX_COMMANDLINE_LENGTH)
printf("CommandLine Length : %d > MAX_COMMANDLINE_LENGTH(%d)\n", params.CommandLine.Length, MAX_COMMANDLINE_LENGTH);
if (::ReadProcessMemory(
hProcess,
params.CommandLine.Buffer,
lpwstr,
MAX_COMMANDLINE_LENGTH,
NULL
))
{
fSuccess = true;
}
}
}
}
::CloseHandle(hProcess);
}
return fSuccess;
}示例2: InitDisplayDriver
PGRAPHICS_DEVICE
NTAPI
InitDisplayDriver(
IN PWSTR pwszDeviceName,
IN PWSTR pwszRegKey)
{
PGRAPHICS_DEVICE pGraphicsDevice;
UNICODE_STRING ustrDeviceName, ustrDisplayDrivers, ustrDescription;
NTSTATUS Status;
WCHAR awcBuffer[128];
ULONG cbSize;
HKEY hkey;
DEVMODEW dmDefault;
ERR("InitDisplayDriver(%S, %S);\n",
pwszDeviceName, pwszRegKey);
/* Open the driver's registry key */
Status = RegOpenKey(pwszRegKey, &hkey);
if (!NT_SUCCESS(Status))
{
ERR("Failed to open registry key: %ls\n", pwszRegKey);
return NULL;
}
/* Query the diplay drivers */
cbSize = sizeof(awcBuffer) - 10;
Status = RegQueryValue(hkey,
L"InstalledDisplayDrivers",
REG_MULTI_SZ,
awcBuffer,
&cbSize);
if (!NT_SUCCESS(Status))
{
ERR("Didn't find 'InstalledDisplayDrivers', status = 0x%lx\n", Status);
ZwClose(hkey);
return NULL;
}
/* Initialize the UNICODE_STRING */
ustrDisplayDrivers.Buffer = awcBuffer;
ustrDisplayDrivers.MaximumLength = cbSize;
ustrDisplayDrivers.Length = cbSize;
/* Set Buffer for description and size of remaining buffer */
ustrDescription.Buffer = awcBuffer + (cbSize / sizeof(WCHAR));
cbSize = sizeof(awcBuffer) - cbSize;
/* Query the device string */
Status = RegQueryValue(hkey,
L"Device Description",
REG_SZ,
ustrDescription.Buffer,
&cbSize);
if (NT_SUCCESS(Status))
{
ustrDescription.MaximumLength = cbSize;
ustrDescription.Length = cbSize;
}
else
{
RtlInitUnicodeString(&ustrDescription, L"<unknown>");
}
/* Query the default settings */
RegReadDisplaySettings(hkey, &dmDefault);
/* Close the registry key */
ZwClose(hkey);
/* Register the device with GDI */
RtlInitUnicodeString(&ustrDeviceName, pwszDeviceName);
pGraphicsDevice = EngpRegisterGraphicsDevice(&ustrDeviceName,
&ustrDisplayDrivers,
&ustrDescription,
&dmDefault);
return pGraphicsDevice;
}示例3: DriverEntry
NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT pDriverObject,
IN PUNICODE_STRING pRegistryPath
)
/*++
Routine Description:
Called on loading. We create a device object to handle user-mode requests
on, and register ourselves as a protocol with NDIS.
Arguments:
pDriverObject - Pointer to driver object created by system.
pRegistryPath - Pointer to the Unicode name of the registry path
for this driver.
Return Value:
NT Status code
--*/
{
NDIS_PROTOCOL_DRIVER_CHARACTERISTICS protocolChar = {0};
NTSTATUS status = STATUS_SUCCESS;
NDIS_STRING protoName = NDIS_STRING_CONST("NDISPROT");
UNICODE_STRING ntDeviceName;
UNICODE_STRING win32DeviceName;
BOOLEAN fSymbolicLink = FALSE;
PDEVICE_OBJECT deviceObject = NULL;
NDIS_HANDLE ProtocolDriverContext={0};
UNREFERENCED_PARAMETER(pRegistryPath);
DEBUGP(DL_LOUD, ("DriverEntry\n"));
Globals.pDriverObject = pDriverObject;
Globals.EthType = NPROT_ETH_TYPE;
NPROT_INIT_EVENT(&Globals.BindsComplete);
do
{
//
// Create our device object using which an application can
// access NDIS devices.
//
RtlInitUnicodeString(&ntDeviceName, NT_DEVICE_NAME);
status = IoCreateDevice (pDriverObject,
0,
&ntDeviceName,
FILE_DEVICE_NETWORK,
FILE_DEVICE_SECURE_OPEN,
FALSE,
&deviceObject);
if (!NT_SUCCESS (status))
{
//
// Either not enough memory to create a deviceobject or another
// deviceobject with the same name exits. This could happen
// if you install another instance of this device.
//
break;
}
RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME);
status = IoCreateSymbolicLink(&win32DeviceName, &ntDeviceName);
if (!NT_SUCCESS(status))
{
break;
}
fSymbolicLink = TRUE;
deviceObject->Flags |= DO_DIRECT_IO;
Globals.ControlDeviceObject = deviceObject;
NPROT_INIT_LIST_HEAD(&Globals.OpenList);
NPROT_INIT_LOCK(&Globals.GlobalLock);
//
// Initialize the protocol characterstic structure
//
#if (NDIS_SUPPORT_NDIS630)
{C_ASSERT(sizeof(protocolChar) >= NDIS_SIZEOF_PROTOCOL_DRIVER_CHARACTERISTICS_REVISION_2);}
protocolChar.Header.Type = NDIS_OBJECT_TYPE_PROTOCOL_DRIVER_CHARACTERISTICS,
protocolChar.Header.Size = NDIS_SIZEOF_PROTOCOL_DRIVER_CHARACTERISTICS_REVISION_2;
protocolChar.Header.Revision = NDIS_PROTOCOL_DRIVER_CHARACTERISTICS_REVISION_2;
#elif (NDIS_SUPPORT_NDIS6)
{C_ASSERT(sizeof(protocolChar) >= NDIS_SIZEOF_PROTOCOL_DRIVER_CHARACTERISTICS_REVISION_1);}
protocolChar.Header.Type = NDIS_OBJECT_TYPE_PROTOCOL_DRIVER_CHARACTERISTICS,
protocolChar.Header.Size = NDIS_SIZEOF_PROTOCOL_DRIVER_CHARACTERISTICS_REVISION_1;
protocolChar.Header.Revision = NDIS_PROTOCOL_DRIVER_CHARACTERISTICS_REVISION_1;
#endif // NDIS MINIPORT VERSION
//.........这里部分代码省略.........
示例4: SmpSbCreateSession
NTSTATUS
NTAPI
SmpSbCreateSession(IN PVOID Reserved,
IN PSMP_SUBSYSTEM OtherSubsystem,
IN PRTL_USER_PROCESS_INFORMATION ProcessInformation,
IN ULONG MuSessionId,
IN PCLIENT_ID DbgClientId)
{
NTSTATUS Status;
PSMP_SUBSYSTEM KnownSubsys;
SB_API_MSG SbApiMsg;
ULONG SessionId;
PSB_CREATE_SESSION_MSG CreateSessionMsg;
/* Write out the create session message including its initial process */
CreateSessionMsg = &SbApiMsg.CreateSession;
CreateSessionMsg->ProcessInfo = *ProcessInformation;
CreateSessionMsg->MuSessionId = MuSessionId;
if (DbgClientId)
{
CreateSessionMsg->ClientId = *DbgClientId;
}
else
{
CreateSessionMsg->ClientId.UniqueThread = NULL;
CreateSessionMsg->ClientId.UniqueProcess = NULL;
}
/* Find a subsystem responsible for this session */
SmpGetProcessMuSessionId(ProcessInformation->ProcessHandle, &MuSessionId);
if (!SmpCheckDuplicateMuSessionId(MuSessionId))
{
NtClose(ProcessInformation->ProcessHandle);
NtClose(ProcessInformation->ThreadHandle);
DPRINT1("SMSS: CreateSession status=%x\n", STATUS_OBJECT_NAME_NOT_FOUND);
return STATUS_OBJECT_NAME_NOT_FOUND;
}
/* Find the subsystem we have for this initial process */
KnownSubsys = SmpLocateKnownSubSysByType(MuSessionId,
ProcessInformation->
ImageInformation.SubSystemType);
if (KnownSubsys)
{
/* Duplicate the process handle into the message */
Status = NtDuplicateObject(NtCurrentProcess(),
ProcessInformation->ProcessHandle,
KnownSubsys->ProcessHandle,
&CreateSessionMsg->ProcessInfo.ProcessHandle,
PROCESS_ALL_ACCESS,
0,
0);
if (NT_SUCCESS(Status))
{
/* Duplicate the thread handle into the message */
Status = NtDuplicateObject(NtCurrentProcess(),
ProcessInformation->ThreadHandle,
KnownSubsys->ProcessHandle,
&CreateSessionMsg->ProcessInfo.ThreadHandle,
THREAD_ALL_ACCESS,
0,
0);
if (!NT_SUCCESS(Status))
{
/* Close everything on failure */
NtClose(ProcessInformation->ProcessHandle);
NtClose(ProcessInformation->ThreadHandle);
SmpDereferenceSubsystem(KnownSubsys);
DbgPrint("SmpSbCreateSession: NtDuplicateObject (Thread) Failed %lx\n", Status);
return Status;
}
/* Close the original handles as they are no longer needed */
NtClose(ProcessInformation->ProcessHandle);
NtClose(ProcessInformation->ThreadHandle);
/* Finally, allocate a new SMSS session ID for this session */
SessionId = SmpAllocateSessionId(KnownSubsys, OtherSubsystem);
CreateSessionMsg->SessionId = SessionId;
/* Fill out the LPC message header and send it to the client! */
SbApiMsg.ApiNumber = SbpCreateSession;
SbApiMsg.h.u2.ZeroInit = 0;
SbApiMsg.h.u1.s1.DataLength = sizeof(SB_CREATE_SESSION_MSG) + 8;
SbApiMsg.h.u1.s1.TotalLength = sizeof(SbApiMsg);
Status = NtRequestWaitReplyPort(KnownSubsys->SbApiPort,
&SbApiMsg.h,
&SbApiMsg.h);
if (!NT_SUCCESS(Status))
{
/* Bail out */
DPRINT1("SmpSbCreateSession: NtRequestWaitReply Failed %lx\n", Status);
}
else
{
/* If the API succeeded, get the result value from the LPC */
Status = SbApiMsg.ReturnValue;
}
/* Delete the session on any kind of failure */
//.........这里部分代码省略.........
示例5: NtUserEnumDisplayDevices
//NTSTATUS
BOOL
NTAPI
NtUserEnumDisplayDevices(
PUNICODE_STRING pustrDevice,
DWORD iDevNum,
PDISPLAY_DEVICEW pDisplayDevice,
DWORD dwFlags)
{
UNICODE_STRING ustrDevice;
WCHAR awcDevice[CCHDEVICENAME];
DISPLAY_DEVICEW dispdev;
NTSTATUS Status;
TRACE("Enter NtUserEnumDisplayDevices(%wZ, %ld)\n",
pustrDevice, iDevNum);
// FIXME: HACK, desk.cpl passes broken crap
if (pustrDevice && iDevNum != 0)
return FALSE;
dispdev.cb = sizeof(dispdev);
if (pustrDevice)
{
/* Initialize destination string */
RtlInitEmptyUnicodeString(&ustrDevice, awcDevice, sizeof(awcDevice));
_SEH2_TRY
{
/* Probe the UNICODE_STRING and the buffer */
ProbeForRead(pustrDevice, sizeof(UNICODE_STRING), 1);
ProbeForRead(pustrDevice->Buffer, pustrDevice->Length, 1);
/* Copy the string */
RtlCopyUnicodeString(&ustrDevice, pustrDevice);
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
// _SEH2_YIELD(return _SEH2_GetExceptionCode());
_SEH2_YIELD(return NT_SUCCESS(_SEH2_GetExceptionCode()));
}
_SEH2_END
if (ustrDevice.Length > 0)
pustrDevice = &ustrDevice;
else
pustrDevice = NULL;
}
/* Acquire global USER lock */
UserEnterExclusive();
/* Call the internal function */
Status = UserEnumDisplayDevices(pustrDevice, iDevNum, &dispdev, dwFlags);
/* Release lock */
UserLeave();
/* On success copy data to caller */
if (NT_SUCCESS(Status))
{
/* Enter SEH */
_SEH2_TRY
{
/* First probe the cb field */
ProbeForWrite(&pDisplayDevice->cb, sizeof(DWORD), 1);
/* Check the buffer size */
if (pDisplayDevice->cb)
{
/* Probe the output buffer */
pDisplayDevice->cb = min(pDisplayDevice->cb, sizeof(dispdev));
ProbeForWrite(pDisplayDevice, pDisplayDevice->cb, 1);
/* Copy as much as the given buffer allows */
RtlCopyMemory(pDisplayDevice, &dispdev, pDisplayDevice->cb);
}
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
Status = _SEH2_GetExceptionCode();
}
_SEH2_END
}
ERR("Leave NtUserEnumDisplayDevices, Status = 0x%lx\n", Status);
/* Return the result */
// return Status;
return NT_SUCCESS(Status); // FIXME
}示例6: PhpEventPairPageProc
INT_PTR CALLBACK PhpEventPairPageProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PCOMMON_PAGE_CONTEXT pageContext;
pageContext = PhpCommonPageHeader(hwndDlg, uMsg, wParam, lParam);
if (!pageContext)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
// Nothing
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDC_SETLOW:
case IDC_SETHIGH:
{
NTSTATUS status;
HANDLE eventPairHandle;
if (NT_SUCCESS(status = pageContext->OpenObject(
&eventPairHandle,
EVENT_PAIR_ALL_ACCESS,
pageContext->Context
)))
{
switch (LOWORD(wParam))
{
case IDC_SETLOW:
NtSetLowEventPair(eventPairHandle);
break;
case IDC_SETHIGH:
NtSetHighEventPair(eventPairHandle);
break;
}
NtClose(eventPairHandle);
}
if (!NT_SUCCESS(status))
PhShowStatus(hwndDlg, L"Unable to open the event pair", status, 0);
}
break;
}
}
break;
}
return FALSE;
}示例7: CmiAddValueKey
NTSTATUS
CmiAddValueKey(
IN PCMHIVE RegistryHive,
IN PCM_KEY_NODE KeyCell,
IN HCELL_INDEX KeyCellOffset,
IN PCUNICODE_STRING ValueName,
OUT PCM_KEY_VALUE *pValueCell,
OUT HCELL_INDEX *pValueCellOffset)
{
PVALUE_LIST_CELL ValueListCell;
PCM_KEY_VALUE NewValueCell;
HCELL_INDEX ValueListCellOffset;
HCELL_INDEX NewValueCellOffset;
ULONG CellSize;
HSTORAGE_TYPE Storage;
NTSTATUS Status;
Storage = (KeyCell->Flags & KEY_IS_VOLATILE) ? Volatile : Stable;
if (KeyCell->ValueList.List == HCELL_NIL)
{
/* Allocate some room for the value list */
CellSize = sizeof(VALUE_LIST_CELL) + (3 * sizeof(HCELL_INDEX));
ValueListCellOffset = HvAllocateCell(&RegistryHive->Hive, CellSize, Storage, HCELL_NIL);
if (ValueListCellOffset == HCELL_NIL)
return STATUS_INSUFFICIENT_RESOURCES;
ValueListCell = (PVALUE_LIST_CELL)HvGetCell(&RegistryHive->Hive, ValueListCellOffset);
if (!ValueListCell)
return STATUS_UNSUCCESSFUL;
KeyCell->ValueList.List = ValueListCellOffset;
HvMarkCellDirty(&RegistryHive->Hive, KeyCellOffset, FALSE);
}
else
{
ValueListCell = (PVALUE_LIST_CELL)HvGetCell(&RegistryHive->Hive, KeyCell->ValueList.List);
if (!ValueListCell)
return STATUS_UNSUCCESSFUL;
CellSize = ABS_VALUE(HvGetCellSize(&RegistryHive->Hive, ValueListCell));
if (KeyCell->ValueList.Count >= CellSize / sizeof(HCELL_INDEX))
{
CellSize *= 2;
ValueListCellOffset = HvReallocateCell(&RegistryHive->Hive, KeyCell->ValueList.List, CellSize);
if (ValueListCellOffset == HCELL_NIL)
return STATUS_INSUFFICIENT_RESOURCES;
ValueListCell = (PVALUE_LIST_CELL)HvGetCell(&RegistryHive->Hive, ValueListCellOffset);
if (!ValueListCell)
return STATUS_UNSUCCESSFUL;
KeyCell->ValueList.List = ValueListCellOffset;
HvMarkCellDirty(&RegistryHive->Hive, KeyCellOffset, FALSE);
}
}
Status = CmiAllocateValueCell(
RegistryHive,
&NewValueCell,
&NewValueCellOffset,
ValueName,
Storage);
if (!NT_SUCCESS(Status))
return Status;
ValueListCell->ValueOffset[KeyCell->ValueList.Count] = NewValueCellOffset;
KeyCell->ValueList.Count++;
HvMarkCellDirty(&RegistryHive->Hive, KeyCellOffset, FALSE);
HvMarkCellDirty(&RegistryHive->Hive, KeyCell->ValueList.List, FALSE);
HvMarkCellDirty(&RegistryHive->Hive, NewValueCellOffset, FALSE);
*pValueCell = NewValueCell;
*pValueCellOffset = NewValueCellOffset;
return STATUS_SUCCESS;
}示例8: NtfsQueryDirectory
//.........这里部分代码省略.........
/* Determine directory index */
if (Stack->Flags & SL_INDEX_SPECIFIED)
{
Ccb->Entry = Ccb->CurrentByteOffset.u.LowPart;
}
else if (First || (Stack->Flags & SL_RESTART_SCAN))
{
Ccb->Entry = 0;
}
/* Determine Buffer for result */
if (Irp->MdlAddress)
{
Buffer = MmGetSystemAddressForMdl(Irp->MdlAddress);
}
else
{
Buffer = Irp->UserBuffer;
}
DPRINT("Buffer=%p tofind=%S\n", Buffer, Ccb->DirectorySearchPattern);
while (Status == STATUS_SUCCESS && BufferLength > 0)
{
Status = NtfsFindFileAt(DeviceExtension,
&Pattern,
&Ccb->Entry,
&FileRecord,
&DataContext,
&MFTRecord,
Fcb->MFTIndex);
if (NT_SUCCESS(Status))
{
/* HACK: files with both a short name and a long name are present twice in the index.
* Ignore the second entry, if it is immediately following the first one.
*/
if (MFTRecord == OldMFTRecord)
{
DPRINT("Ignoring duplicate MFT entry 0x%x\n", MFTRecord);
Ccb->Entry++;
ExFreePoolWithTag(FileRecord, TAG_NTFS);
continue;
}
OldMFTRecord = MFTRecord;
switch (FileInformationClass)
{
case FileNameInformation:
Status = NtfsGetNameInformation(DeviceExtension,
FileRecord,
DataContext,
(PFILE_NAMES_INFORMATION)Buffer,
BufferLength);
break;
case FileDirectoryInformation:
Status = NtfsGetDirectoryInformation(DeviceExtension,
FileRecord,
DataContext,
(PFILE_DIRECTORY_INFORMATION)Buffer,
BufferLength);
break;
case FileFullDirectoryInformation:示例9: ClasspPowerDownCompletion
/*++////////////////////////////////////////////////////////////////////////////
ClasspPowerDownCompletion()
Routine Description:
This routine is used for intermediate completion of a power up request.
PowerUp requires four requests to be sent to the lower driver in sequence.
* The queue is "power locked" to ensure that the class driver power-up
work can be done before request processing resumes.
* The power irp is sent down the stack for any filter drivers and the
port driver to return power and resume command processing for the
device. Since the queue is locked, no queued irps will be sent
immediately.
* A start unit command is issued to the device with appropriate flags
to override the "power locked" queue.
* The queue is "power unlocked" to start processing requests again.
This routine uses the function in the srb which just completed to determine
which state it is in.
Arguments:
DeviceObject - the device object being powered up
Irp - the IO_REQUEST_PACKET containing the power request
Srb - the SRB used to perform port/class operations.
Return Value:
STATUS_MORE_PROCESSING_REQUIRED or
STATUS_SUCCESS
--*/
NTSTATUS
NTAPI
ClasspPowerDownCompletion(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PCLASS_POWER_CONTEXT Context
)
{
PFUNCTIONAL_DEVICE_EXTENSION fdoExtension = DeviceObject->DeviceExtension;
PCOMMON_DEVICE_EXTENSION commonExtension = DeviceObject->DeviceExtension;
PIO_STACK_LOCATION currentStack = IoGetCurrentIrpStackLocation(Irp);
PIO_STACK_LOCATION nextStack = IoGetNextIrpStackLocation(Irp);
NTSTATUS status = STATUS_MORE_PROCESSING_REQUIRED;
DebugPrint((1, "ClasspPowerDownCompletion: Device Object %p, "
"Irp %p, Context %p\n",
DeviceObject, Irp, Context));
ASSERT(!TEST_FLAG(Context->Srb.SrbFlags, SRB_FLAGS_FREE_SENSE_BUFFER));
ASSERT(!TEST_FLAG(Context->Srb.SrbFlags, SRB_FLAGS_PORT_DRIVER_ALLOCSENSE));
ASSERT(Context->Options.PowerDown == TRUE);
ASSERT(Context->Options.HandleSpinDown);
if(Irp->PendingReturned) {
IoMarkIrpPending(Irp);
}
Context->PowerChangeState.PowerDown2++;
switch(Context->PowerChangeState.PowerDown2) {
case PowerDownDeviceLocked2: {
PCDB cdb;
DebugPrint((1, "(%p)\tPreviously sent power lock\n", Irp));
if((Context->Options.LockQueue == TRUE) &&
(!NT_SUCCESS(Irp->IoStatus.Status))) {
DebugPrint((1, "(%p)\tIrp status was %lx\n",
Irp,
Irp->IoStatus.Status));
DebugPrint((1, "(%p)\tSrb status was %lx\n",
Irp,
Context->Srb.SrbStatus));
Irp->IoStatus.Status = STATUS_NOT_SUPPORTED;
//
// Lock was not successful - throw down the power IRP
// by itself and don't try to spin down the drive or unlock
// the queue.
//
Context->InUse = FALSE;
Context = NULL;
//
//.........这里部分代码省略.........
示例10: CmiAddSubKey
//.........这里部分代码省略.........
}
KeQuerySystemTime(&NewKeyCell->LastWriteTime);
NewKeyCell->Parent = HCELL_NIL;
NewKeyCell->SubKeyCounts[Stable] = 0;
NewKeyCell->SubKeyCounts[Volatile] = 0;
NewKeyCell->SubKeyLists[Stable] = HCELL_NIL;
NewKeyCell->SubKeyLists[Volatile] = HCELL_NIL;
NewKeyCell->ValueList.Count = 0;
NewKeyCell->ValueList.List = HCELL_NIL;
NewKeyCell->Security = HCELL_NIL;
NewKeyCell->Class = HCELL_NIL;
/* Pack the key name */
NewKeyCell->NameLength = NameLength;
if (Packable)
{
NewKeyCell->Flags |= KEY_COMP_NAME;
for (i = 0; i < NameLength; i++)
{
((PCHAR)NewKeyCell->Name)[i] = (CHAR)(NamePtr[i] & 0x00FF);
}
}
else
{
RtlCopyMemory(
NewKeyCell->Name,
NamePtr,
NameLength);
}
VERIFY_KEY_CELL(NewKeyCell);
}
if (!NT_SUCCESS(Status))
{
return Status;
}
if (ParentKeyCell->SubKeyLists[Storage] == HCELL_NIL)
{
Status = CmiAllocateHashTableCell (
RegistryHive,
&HashBlock,
&ParentKeyCell->SubKeyLists[Storage],
REG_INIT_HASH_TABLE_SIZE,
Storage);
if (!NT_SUCCESS(Status))
{
return(Status);
}
}
else
{
HashBlock = (PCM_KEY_FAST_INDEX)HvGetCell (
&RegistryHive->Hive,
ParentKeyCell->SubKeyLists[Storage]);
ASSERT(HashBlock->Signature == CM_KEY_FAST_LEAF);
if (HashBlock->Count ==
((HvGetCellSize(&RegistryHive->Hive, HashBlock) - FIELD_OFFSET(CM_KEY_FAST_INDEX, List)) / sizeof(CM_INDEX)))
{
PCM_KEY_FAST_INDEX NewHashBlock;
HCELL_INDEX HTOffset;
/* Reallocate the hash table cell */
Status = CmiAllocateHashTableCell (示例11: ClasspPowerUpCompletion
/*++////////////////////////////////////////////////////////////////////////////
ClasspPowerUpCompletion()
Routine Description:
This routine is used for intermediate completion of a power up request.
PowerUp requires four requests to be sent to the lower driver in sequence.
* The queue is "power locked" to ensure that the class driver power-up
work can be done before request processing resumes.
* The power irp is sent down the stack for any filter drivers and the
port driver to return power and resume command processing for the
device. Since the queue is locked, no queued irps will be sent
immediately.
* A start unit command is issued to the device with appropriate flags
to override the "power locked" queue.
* The queue is "power unlocked" to start processing requests again.
This routine uses the function in the srb which just completed to determine
which state it is in.
Arguments:
DeviceObject - the device object being powered up
Irp - the IO_REQUEST_PACKET containing the power request
Srb - the SRB used to perform port/class operations.
Return Value:
STATUS_MORE_PROCESSING_REQUIRED or
STATUS_SUCCESS
--*/
NTSTATUS
NTAPI
ClasspPowerUpCompletion(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PCLASS_POWER_CONTEXT Context
)
{
PCOMMON_DEVICE_EXTENSION commonExtension = DeviceObject->DeviceExtension;
PFUNCTIONAL_DEVICE_EXTENSION fdoExtension = DeviceObject->DeviceExtension;
PIO_STACK_LOCATION currentStack = IoGetCurrentIrpStackLocation(Irp);
PIO_STACK_LOCATION nextStack = IoGetNextIrpStackLocation(Irp);
NTSTATUS status = STATUS_MORE_PROCESSING_REQUIRED;
DebugPrint((1, "ClasspPowerUpCompletion: Device Object %p, Irp %p, "
"Context %p\n",
DeviceObject, Irp, Context));
ASSERT(!TEST_FLAG(Context->Srb.SrbFlags, SRB_FLAGS_FREE_SENSE_BUFFER));
ASSERT(!TEST_FLAG(Context->Srb.SrbFlags, SRB_FLAGS_PORT_DRIVER_ALLOCSENSE));
ASSERT(Context->Options.PowerDown == FALSE);
ASSERT(Context->Options.HandleSpinUp);
if(Irp->PendingReturned) {
IoMarkIrpPending(Irp);
}
Context->PowerChangeState.PowerUp++;
switch(Context->PowerChangeState.PowerUp) {
case PowerUpDeviceLocked: {
DebugPrint((1, "(%p)\tPreviously sent power lock\n", Irp));
//
// Issue the actual power request to the lower driver.
//
IoCopyCurrentIrpStackLocationToNext(Irp);
//
// If the lock wasn't successful then just bail out on the power
// request unless we can ignore failed locks
//
if((Context->Options.LockQueue == TRUE) &&
(!NT_SUCCESS(Irp->IoStatus.Status))) {
DebugPrint((1, "(%p)\tIrp status was %lx\n",
Irp, Irp->IoStatus.Status));
DebugPrint((1, "(%p)\tSrb status was %lx\n",
Irp, Context->Srb.SrbStatus));
//
// Lock was not successful - throw down the power IRP
// by itself and don't try to spin up the drive or unlock
// the queue.
//.........这里部分代码省略.........
示例12: GetVolumeInformation
//.........这里部分代码省略.........
eaBuffer,
eaLength );
SPY_LOG_PRINT( LFS_DEBUG_PRIMARY_TRACE,
("GetVolumeInformation: PrimarySession = %p ZwCreateFile volumeHandle =%p, createStatus = %X, ioStatusBlock = %X\n",
PrimarySession, volumeHandle, createStatus, ioStatusBlock.Information) );
if (!(createStatus == STATUS_SUCCESS)) {
return STATUS_UNSUCCESSFUL;
} else {
ASSERT( ioStatusBlock.Information == FILE_OPENED );
}
RtlZeroMemory( &ioStatusBlock, sizeof(ioStatusBlock) );
fsControlStatus = ZwFsControlFile( volumeHandle,
NULL,
NULL,
NULL,
&ioStatusBlock,
FSCTL_GET_NTFS_VOLUME_DATA,
NULL,
0,
&ntfsVolumeDataBuffer,
sizeof(ntfsVolumeDataBuffer) );
SPY_LOG_PRINT( LFS_DEBUG_PRIMARY_TRACE,
("GetFileRecordSegmentHeader: FSCTL_GET_NTFS_VOLUME_DATA: volumeHandle %p, fsControlStatus = %x, ioStatusBlock.Status = %x, ioStatusBlock.Information = %d\n",
volumeHandle, fsControlStatus, ioStatusBlock.Status, ioStatusBlock.Information) );
if (NT_SUCCESS(fsControlStatus)) {
ASSERT( fsControlStatus == STATUS_SUCCESS );
ASSERT( fsControlStatus == ioStatusBlock.Status );
}
if (fsControlStatus == STATUS_BUFFER_OVERFLOW)
ASSERT( ioStatusBlock.Information == sizeof(ntfsVolumeDataBuffer) );
if (!(fsControlStatus == STATUS_SUCCESS || fsControlStatus == STATUS_BUFFER_OVERFLOW)) {
ioStatusBlock.Information = 0;
ASSERT(ioStatusBlock.Information == 0);
}
if (!NT_SUCCESS(fsControlStatus)) {
PrimarySession->Thread.BytesPerFileRecordSegment = 0;
PrimarySession->Thread.BytesPerSector = 0;
PrimarySession->Thread.BytesPerCluster = 0;
ZwClose(volumeHandle);
return STATUS_SUCCESS;
}
SPY_LOG_PRINT( LFS_DEBUG_PRIMARY_TRACE,
("ntfsVolumeDataBuffer->VolumeSerialNumber.QuadPart = %I64u\n",
ntfsVolumeDataBuffer.VolumeSerialNumber.QuadPart) );
SPY_LOG_PRINT( LFS_DEBUG_PRIMARY_TRACE,
("ntfsVolumeDataBuffer->NumberSectors.QuadPart = %I64u\n",
ntfsVolumeDataBuffer.NumberSectors.QuadPart) );
示例13: GetPIDFromNameZwQuerySystemInformation
//.........这里部分代码省略.........
LARGE_INTEGER KernelTime;
UNICODE_STRING ProcessName;
KPRIORITY BasePriority;
ULONG ProcessId;
ULONG InheritedFromProcessId;
ULONG HandleCount;
ULONG Reserved2[2];
VM_COUNTERS VmCounters;
#if _WIN32_WINNT >= 0x500
IO_COUNTERS IoCounters;
#endif
SYSTEM_THREADS Threads[1];
} SYSTEM_PROCESSES, * PSYSTEM_PROCESSES;
typedef LONG (WINAPI *ZWQUERYSYSTEMINFORMATION)(UINT SystemInformationClass, PVOID SystemInformation, ULONG SystemInformationLength, PULONG ReturnLength);
ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformation;
PSYSTEM_PROCESSES pInfo;
HINSTANCE hNTDll;
WCHAR wcProcessName[MAX_PATH+2];
PCWSTR pszProcessName;
DWORD dwPID;
ULONG BufferLen = 0x8000;
LPVOID pBuffer = NULL;
LONG Status;
// Check szProcessName
if (!szProcessName)
return -1;
// Convert szProcessName to Unicode
if (!MultiByteToWideChar(CP_ACP, 0, szProcessName, -1, wcProcessName, sizeof(wcProcessName) / sizeof(WCHAR)))
return -1;
// Get NTDLL handle
if (!(hNTDll = LoadLibrary("NTDLL.DLL")))
return -1;
// Load ZwQuerySystemInformation() dynamically
if (!(ZwQuerySystemInformation = (ZWQUERYSYSTEMINFORMATION)GetProcAddress(hNTDll, "ZwQuerySystemInformation")))
{
FreeLibrary(hNTDll);
SetLastError(ERROR_PROC_NOT_FOUND);
return -1;
}
// Find needed buffer length
do
{
if (!(pBuffer = malloc(BufferLen)))
{
FreeLibrary(hNTDll);
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
return -1;
}
Status = ZwQuerySystemInformation(SystemProcessesAndThreadsInformation,
pBuffer, BufferLen, NULL);
if (Status == STATUS_INFO_LENGTH_MISMATCH)
{
free(pBuffer);
BufferLen *= 2;
}
else if (!NT_SUCCESS(Status))
{
free(pBuffer);
FreeLibrary(hNTDll);
return -1;
}
}
while (Status == STATUS_INFO_LENGTH_MISMATCH);
pInfo = (PSYSTEM_PROCESSES)pBuffer;
for (;;)
{
pszProcessName = pInfo->ProcessName.Buffer;
if (pszProcessName == NULL)
pszProcessName = L"Idle";
// Process found ?
if (wcsicmp(pszProcessName, wcProcessName) == 0)
{
dwPID = pInfo->ProcessId;
free(pBuffer);
FreeLibrary(hNTDll);
return dwPID;
}
if (pInfo->NextEntryDelta == 0)
break;
// Find the address of the next process structure
pInfo = (PSYSTEM_PROCESSES)(((PUCHAR)pInfo) + pInfo->NextEntryDelta);
}
free(pBuffer);
FreeLibrary(hNTDll);
return -1;
}示例14: SetProcessFields
//.........这里部分代码省略.........
SetDlgItemText(
hwnd,
PXPLODE_PEAK_NONPAGED,
szTemp
);
wsprintf(szTemp,"%d Kb",ProcessInfo->QuotaNonPagedPoolUsage/1024);
SetDlgItemText(
hwnd,
PXPLODE_NONPAGED,
szTemp
);
wsprintf(szTemp,"%d Kb",ProcessInfo->QuotaPeakPagedPoolUsage/1024);
SetDlgItemText(
hwnd,
PXPLODE_PEAK_PAGED,
szTemp
);
//
// Get the usage and limits
//
{
NTSTATUS Status;
POOLED_USAGE_AND_LIMITS PooledInfo;
Status = NtQueryInformationProcess(
hProcess,
ProcessPooledUsageAndLimits,
&PooledInfo,
sizeof(PooledInfo),
NULL
);
if ( !NT_SUCCESS(Status) ) {
RtlZeroMemory(&PooledInfo,sizeof(PooledInfo));
}
//
// non paged
//
wsprintf(szTempField,"%d Kb",
PooledInfo.PeakNonPagedPoolUsage/1024
);
SetDlgItemText(
hwnd,
PXPLODE_QNONPEAK,
szTempField
);
wsprintf(szTempField,"%d Kb",
PooledInfo.NonPagedPoolUsage/1024
);
SetDlgItemText(
hwnd,
PXPLODE_QNONCUR,
szTempField
);
if (PooledInfo.NonPagedPoolLimit != 0xffffffff ) {
wsprintf(szTempField,"%d Kb",
PooledInfo.NonPagedPoolLimit/1024
);
}
else {
strcpy(szTempField,"Unlimited");示例15: ExplodeDlgProc
LONG
ExplodeDlgProc(
HWND hwnd,
UINT wMsg,
DWORD wParam,
LONG lParam)
{
int nIndex;
HWND ThreadList;
HWND ProcessList;
PSYSTEM_PROCESS_INFORMATION ProcessInfo;
PSYSTEM_THREAD_INFORMATION ThreadInfo;
HANDLE hProcess;
switch (wMsg) {
case WM_INITDIALOG:
if (!RegisterHotKey(hwnd, 1, MOD_CONTROL | MOD_ALT, VK_ESCAPE) ) {
EndDialog(hwnd, 0);
return(FALSE);
}
ProcessInfo = NULL;
DlgProcessInfo = ProcessInfo;
wParam = 1;
//
// Tidy up the system menu
//
DeleteMenu(GetSystemMenu(hwnd, FALSE), SC_MAXIMIZE, MF_BYCOMMAND);
DeleteMenu(GetSystemMenu(hwnd, FALSE), SC_SIZE, MF_BYCOMMAND);
//
// Hide acleditting controls if we can't handle them
//
if (!InitializeAclEditor()) {
DbgPrint("PVIEW: Acl editor failed to initialize, ACL editting disabled\n");
ShowWindow(GetDlgItem(hwnd, PXPLODE_SECURITY_GROUP), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_PROCESS_ACL), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_THREAD_ACL), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_PROCESS_TOKEN_ACL), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_THREAD_TOKEN_ACL), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_TOKEN_GROUP), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_PROCESS_TOKEN), SW_HIDE);
ShowWindow(GetDlgItem(hwnd, PXPLODE_THREAD_TOKEN), SW_HIDE);
}
//
// fall thru
//
case WM_HOTKEY:
if ( wParam == 1 ) {
PSYSTEM_PROCESS_INFORMATION ProcessInfo;
NTSTATUS status;
ULONG TotalOffset = 0;
status = NtQuerySystemInformation(
SystemProcessInformation,
LargeBuffer1,
sizeof(LargeBuffer1),
NULL
);
if (!NT_SUCCESS(status)) {
EndDialog(hwnd, 0);
return(FALSE);
}
ProcessInfo = (PSYSTEM_PROCESS_INFORMATION)LargeBuffer1;
DlgProcessInfo = ProcessInfo;
Refresh = TRUE;
InitProcessList(hwnd);
Refresh = FALSE;
ProcessList = GetDlgItem(hwnd, PXPLODE_PROCESS_LIST);
nIndex = (int)SendMessage(ProcessList, CB_GETCURSEL, 0, 0);
ProcessInfo = (PSYSTEM_PROCESS_INFORMATION)SendMessage(
ProcessList,
CB_GETITEMDATA,
nIndex,
0
);
if ( !ProcessInfo || CB_ERR == (LONG)ProcessInfo ) {
ProcessInfo = (PSYSTEM_PROCESS_INFORMATION)LargeBuffer1;
}
DlgProcessInfo = ProcessInfo;
SetProcessFields(ProcessInfo,hwnd);
SetForegroundWindow(hwnd);
ShowWindow(hwnd, SW_NORMAL);
}
return FALSE;
//.........这里部分代码省略.........