php内存映射,如何用ZwMapViewOfSection将Driver分配的内存映射到App空间?
保存
在DDK的例子Mapmem中,用ZwMapViewOfSection將物理地址映射到App空間,該函數(shù)能否將系統(tǒng)地址映射到App空間?
我嘗試著做了一下,但返回invalid_view_size,好像length給的不對(duì)。各位大俠幫忙看看啊。
PVOID
GetUserAddressFromSystemAddress(IN PVOID iSystemAddress,///系統(tǒng)地址
IN ULONG iBufferLength ?///地址空間長(zhǎng)度
)
{
UNICODE_STRING ? ? systemMemoryUnicodeString;
OBJECT_ATTRIBUTES ?objectAttributes;
HANDLE ? ? ? ? ? ? systemMemoryHandle ?= NULL;
PVOID ? ? ? ? ? ? ?systemMemorySection = NULL;
NTSTATUS ? ? ? ? ? ntStatus;
PVOID ? ? ? ? ? ? ?virtualAddress;
ULONG length=iBufferLength;
LARGE_INTEGER lSystemAddress;
KIRQL irql=KeGetCurrentIrql();
RtlInitUnicodeString (&systemMemoryUnicodeString,
L\"\\\\Device\\\\SystemMemory\");
InitializeObjectAttributes(&objectAttributes,///OUT
&systemMemoryUnicodeString, ?///the ObjectName
OBJ_CASE_INSENSITIVE, ?the Attributes
(HANDLE) NULL,
(PSECURITY_DESCRIPTOR) NULL);
ntStatus = ZwOpenSection(&systemMemoryHandle, //SectionHandle OUT
SECTION_ALL_ACCESS,///DesireAccess
&objectAttributes);///ObjectAttributes
if (!NT_SUCCESS(ntStatus))
{
return NULL;
}
ntStatus = ObReferenceObjectByHandle (systemMemoryHandle,//got by ZwOpenSection
SECTION_ALL_ACCESS,
(POBJECT_TYPE) NULL,
KernelMode,
&systemMemorySection,//OUT Pointer to the object bocy
(POBJECT_HANDLE_INFORMATION) NULL);
///OUT points to the struture receives the handle attributes
///and the granted access rights for the object
if (!NT_SUCCESS(ntStatus))
{
goto close_handle;
}
virtualAddress = NULL;
///存放Driver分配的系統(tǒng)地址
lSystemAddress.QuadPart=(LONGLONG)iSystemAddress;
// Map the section
ntStatus = ZwMapViewOfSection(systemMemoryHandle,
(HANDLE) -1,
&virtualAddress,
0L,///IN ZeroBits
length,
&lSystemAddress,
&length,
ViewShare,
0,
PAGE_READWRITE | PAGE_NOCACHE);
if (!NT_SUCCESS(ntStatus))
{
goto close_handle;
}
//
return virtualAddress;
close_handle:
ZwClose (systemMemoryHandle);
return NULL;
}
總結(jié)
以上是生活随笔為你收集整理的php内存映射,如何用ZwMapViewOfSection将Driver分配的内存映射到App空间?的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問(wèn)題。
- 上一篇: php 中数组的定义赋值吗,怎么在php
- 下一篇: php任意文件删除漏洞,phpshe后台