Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RtlCopyMemory to PUCHAR array not working as expected ..

74 views
Skip to first unread message

nakato

unread,
Oct 30, 2009, 6:16:02 PM10/30/09
to
Hi, i have a weird problem with RtlCopyMemory function. It should copy a
specific length of data to destination, but if it copies, it should be there,
but i see in WinDbg only error access.

I have a structure
typedef struct sample_structure
{
... some data definiti0ns
PUCHAR Data[1000];
.. other data def ..
}

// retreiving packet data from callout, there are valid data, displayed i
checked in windbg
packet = (PUCHAR) currentMdl->MappedSystemVa + netBuffer->DataOffset;

Rtlzeromemory clears it to zores first ..Then im trying to copy with:
RtlCopyMemory(sample_structure->Data, packet, currentMdl->ByteCount );

But after copy it should be a string there in Data, but there is in WinDbg
not valid data .. packet is displayed as a PUCHAR* string.


When i try something like this, in mbr will be valid string, that should be
in Data array too but there goes something wrong ..:

PUCHAR mbr;
mbr = ExAllocatePool( NonPagedPoolCacheAligned, currentMdl->ByteCount );
RtlZeroMemory(mbr, currentMdl->ByteCount);
RtlCopyMemory(mbr, packet, currentMdl->ByteCount );
ExFreePool( mbr );

Im guessing there is very wrong with data aligment, but no idea how to solve
this ..

Maxim S. Shatskih

unread,
Oct 30, 2009, 7:54:31 PM10/30/09
to
> packet = (PUCHAR) currentMdl->MappedSystemVa + netBuffer->DataOffset;

The correct is MmGetSystemAddressForMdlSafe

> RtlCopyMemory(sample_structure->Data, packet, currentMdl->ByteCount );

The correct is MmGetMdlByteCount, also note that it can be larger then sample_structure->Data.

> mbr = ExAllocatePool( NonPagedPoolCacheAligned, currentMdl->ByteCount );

"CacheAligned" is not necessary.

--
Maxim S. Shatskih
Windows DDK MVP
ma...@storagecraft.com
http://www.storagecraft.com

Tim Roberts

unread,
Oct 31, 2009, 12:08:18 AM10/31/09
to
nakato <nak...@discussions.microsoft.com> wrote:
>
>Hi, i have a weird problem with RtlCopyMemory function. It should copy a
>specific length of data to destination, but if it copies, it should be there,
>but i see in WinDbg only error access.
>
>I have a structure
>typedef struct sample_structure
>{
> ... some data definiti0ns
> PUCHAR Data[1000];
> .. other data def ..
>}

Is that really what your code says? That defines a region 4000 bytes long
-- it's an array of 1000 pointers. Did you mean this:
UCHAR Data[1000];

>Rtlzeromemory clears it to zores first ..Then im trying to copy with:
>RtlCopyMemory(sample_structure->Data, packet, currentMdl->ByteCount );
>
>But after copy it should be a string there in Data, but there is in WinDbg
>not valid data .. packet is displayed as a PUCHAR* string.

Well, yes, because you have defined the member as 1,000 pointers, not a
string of 1,000 characters.
--
Tim Roberts, ti...@probo.com
Providenza & Boekelheide, Inc.

nakato

unread,
Oct 31, 2009, 3:46:02 AM10/31/09
to
Thx, you have right Tim ! ..
0 new messages