When opening an existing word document, or opens a new word document the following Dialog Box opens ...
By guest
Cristoph,Are the backups running in polling or prompted mode on the clients? It is my experience tha...
By kurtbeyers
Hi, AllI have write a piece of code to read the PEB information when the process is created.It work...
By anonymous
Hi, I'm using the win32 reg function: ZwSetValueKey (from my driver) to set a key registered with a ...
By anonymous
Hi,Is there any simple softwares that allows me to copy my entire harddrive to another harddrive inc...
By stormie2000, 2 Comments
I am interested in participating in Google Summer Code Program. I amwondering how to apply for the p...
By cacao_tree, 1 Comments
Is there a way of running ZA that doesn't take so much resources.It takes up 12% when I activat...
By deke40, 2 Comments
I really wanna learn how to make these two work together. Can anyone tell me where I can learn to ma...
By maggz, 5 Comments
Hi. I could be able to read the contents from the file from the kernel mode... It reads in ASCII for...
By anonymous, 1 Comments
Why should it be an "address of a pointer to a buffer" '
and yes, the returned buffer should be freed by ExFreePool.
-R!
-This posting is provided "AS IS" with no warranties, and confers no rights.
"usfinecats" <usfinecats...nospam.nospam> wrote in message
news:2B30D7FB-EE87-4E95-89A7-EC33EAE23FDD...microsoft.com...
> Question about ZwQueryDirectoryFile:
> The declaration of this funct is def'd as ....OUT PVOID
> FileInformation....
> and FileInformation is said to be a pointer to a buffer...
> Should not this be the address of a pointer to a buffer...
> The returned buffer is to be freed with EXFreePool. I guess system
> allocates the buffer?
> --
> Gak -
> Finecats
rohit | Tues, 20 May 2008 07:55:00 GMT |
--=_NextPart_0001_2ABEB1C5
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Greetings,
The PVOID FileInformation parameter in ZwQueryDirectoryFile actually points
to a CALLER-allocated buffer or variable that receives the requested file
information. It is your responsibility to allocate this memory prior to
calling ZwQueryDirectoryFile. If you allocate, you will have to free that
memory. If on the other hand you have a static variable, you can just pass
the address of that variable without the need to free the memory - just
make sure that the variable is big enough to hold the returned information.
The size of the buffer depends upon the FILE_INFORMATION_CLASS enumerator
you choose.
The structures available for FILE_INFORMATION_CLASS can be found in NTDDK.H.
Thanks
Daniel Whitaker
DDK Support Team
This posting is provided "AS IS" with no warranties, and confers no rights
--=_NextPart_0001_2ABEB1C5
Content-Type: text/x-rtf
Content-Transfer-Encoding: 7bit
{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fprq2\fcharset0 MS Sans Serif;}}
\viewkind4\uc1\pard\f0\fs20 Greetings,
\par
\par The PVOID FileInformation parameter in ZwQueryDirectoryFile actually points to a CALLER-allocated buffer or variable that receives the requested file information. It is your responsibility to allocate this memory prior to calling ZwQueryDirectoryFile. If you allocate, you will have to free that memory. If on the other hand you have a static variable, you can just pass the address of that variable without the need to free the memory - just make sure that the variable is big enough to hold the returned information.
\par
\par The size of the buffer depends upon the FILE_INFORMATION_CLASS enumerator you choose.
\par The structures available for FILE_INFORMATION_CLASS can be found in NTDDK.H.
\par
\par Thanks
\par
\par Daniel Whitaker
\par DDK Support Team
\par
\par This posting is provided "AS IS" with no warranties, and confers no rights
\par
\par }
--=_NextPart_0001_2ABEB1C5--
a_danwh | Tues, 20 May 2008 07:56:00 GMT |