#include "ntddk.h"
NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath );
VOID DriverUnload( IN PDRIVER_OBJECT DriverObject );
INT InitializeGlobalAddressSpace(VOID);
#define BUF_SIZE 256
TCHAR szName[]=TEXT("\\BaseNamedObjects\\MyFileMappingObject");
char szMsg[]="New Message";
NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath )
{
NTSTATUS ntStatus = STATUS_UNSUCCESSFUL;
DriverObject->DriverUnload = DriverUnload;
DbgPrint("Hello World Driver Loaded!");
InitializeGlobalAddressSpace();
ntStatus = STATUS_SUCCESS;
return ntStatus;
}
VOID DriverUnload( IN PDRIVER_OBJECT DriverObject )
{
DbgPrint("Hello World Driver unloaded!");
}
INT InitializeGlobalAddressSpace(VOID)
{
OBJECT_ATTRIBUTES ObjectAttributes;
UNICODE_STRING PhysMemName = RTL_CONSTANT_STRING(L"\\BaseNamedObjects\\MyFileMappingObject");
NTSTATUS Status;
HANDLE PhysMemHandle;
PVOID BaseAddress;
PVOID NullAddress;
LARGE_INTEGER Offset;
ULONG ViewSize;
BaseAddress = NULL;
Offset.LowPart = 0;
Offset.HighPart = 0;
ViewSize = 0;
InitializeObjectAttributes(&ObjectAttributes,&PhysMemName,0,NULL,NULL);
Status = ZwOpenSection(&PhysMemHandle, SECTION_ALL_ACCESS, &ObjectAttributes);
if (!NT_SUCCESS(Status))
{
DbgPrint("Couldn't open Global\\MyFileMappingObject - error:%x\n",Status);
return(0);
}
Status = ZwMapViewOfSection(PhysMemHandle,ZwCurrentProcess(),&BaseAddress,0,0,&Offset,&ViewSize,ViewShare,0,PAGE_READWRITE);
if (!NT_SUCCESS(Status))
{
DbgPrint("Couldn't open Global\\MyFileMappingObject - error:%x\n",Status);
return(0);
}
DbgPrint("%s",Status);
try
{
memcpy((PVOID)Status, szMsg, (strlen(szMsg) * sizeof(TCHAR)));
}
except(EXCEPTION_EXECUTE_HANDLER)//will crash without this.
{
DbgPrint("error:%x");
}
return (1);
}
memcpy関数が原因でドライバーがシステムをクラッシュさせます。zwopensection/zwmapviewofsection内で何か間違ったことをして、これが発生したのでしょうか。注: ドライバーは、 try/except関数を使用してシステムをクラッシュさせません。