When I create a driver and a device object like this:

    PDRIVER_OBJECT fakeDriverObj;
    OBJECT_ATTRIBUTES DrvAttribute;
    InitializeObjectAttributes(&DrvAttribute,
                               &dr0Device->DriverObject->DriverName,
                               OBJ_PERMANENT | OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                               NULL,
                               NULL);
    auto fakeDriverObjSize = sizeof(DRIVER_OBJECT) + sizeof(EXTENDED_DRIVER_EXTENSION);
    NT_ASSERT(*IoDriverObjectType);
    status = ObCreateObject(KernelMode,
                            *IoDriverObjectType,
                            &DrvAttribute,
                            KernelMode,
                            NULL,
                            fakeDriverObjSize,
                            0,
                            0,
                            reinterpret_cast<PVOID*>(&fakeDriverObj));
    memcpy(fakeDriverObj, dr0Device->DriverObject, fakeDriverObjSize);

dr0Device is a real device from a real driver, and I associate the created device with the created driver like this:

    fakeDeviceObj->DriverObject = fakeDriverObj;
    fakeDriverObj->DeviceObject = fakeDeviceObj;

Is this even valid? I mean, when I do this:

    g_originalDeviceControle = fakeDriverObj->MajorFunction[IRP_MJ_DEVICE_CONTROL];

Will calling g_originalDeviceControle() be like calling the original driver?
Tags: windows, Copying the context of a driver object to another one, Stack Overflow