I'm trying to allocate memory for a array of structures, but after it is allocated a int that is passed in the function is set to '0'... The problem is gone when i increase the size of the array. Here is my code:
wchar_t* ISTFallSensor::JSON_EventLog(int nRecords) {
wchar_t* returnstring = new wchar_t[8192]; memset( returnstring, 0, 8192 * sizeof(TCHAR) );
HINSTANCE hIstDLL;
DWORD (*IST_Open)(TCHAR *, HANDLE *) = 0;
DWORD (*IST_Close)(HANDLE) = 0;
DWORD (*IST_GetMotionEventLogCount)(HANDLE, DWORD, PDWORD) = 0;
DWORD (*IST_GetMotionEventLogRecords)(HANDLE, IST_LOG_RECORD[], int, PINT) = 0;
hIstDLL = LoadLibrary(L"ISTAPI32.dll");
if(hIstDLL && nRecords > 0 ){
IST_Open = (DWORD (__cdecl *)(TCHAR *, HANDLE *))GetProcAddress(hIstDLL, L"IST_Open");
IST_Close = (DWORD (__cdecl *)(HANDLE))GetProcAddress(hIstDLL, L"IST_Close");
IST_GetMotionEventLogCount = (DWORD (__cdecl *)(HANDLE, DWORD, PDWORD))GetProcAddress(hIstDLL, L"IST_GetMotionEventLogCount");
IST_GetMotionEventLogRecords = (DWORD (__cdecl *)(HANDLE, IST_LOG_RECORD[], int, PINT))GetProcAddress(hIstDLL, L"IST_GetMotionEventLogRecords");
HANDLE phIst = INVALID_HANDLE_VALUE;
DWORD openStatus = IST_Open( _T("IST1:"), &phIst );
if ( openStatus == IST_ERROR_SUCCESS ) {
DWORD dropsD; IST_GetMotionEventLogCount(phIst, FREEFALL, &dropsD);
int drops = (int)dropsD;
if ( nRecords > drops ) nRecords = drops; if ( nRecords > 32 ) nRecords = 32;
int pnRecords = 0;
IST_LOG_RECORD eventlog[32] = {0};
DWORD getStatus = IST_GetMotionEventLogRecords(phIst, eventlog, drops, &pnRecords);
The last function gets a list of events and uses the given array to store that info. When the function returns the array is filled correcly, but the nRecords value is overwritten by '0'.
Does anyone know what i am doing wrong here?
You have a memory overflow.
You adjust the variable nRecords so that it won't exceed 32, which is the maximum number of IST_LOG_RECORD that fit the eventlog array.
However you don't use it in the call to IST_GetMotionEventLogRecords. Instead you use drops, which equals to dropsD, which is not limited to 32.
Just use nRecords instead of drops:
DWORD getStatus = IST_GetMotionEventLogRecords(phIst, eventlog, nRecords, &pnRecords);
Related
I managed to create a VHD and attached it. Afterwards, I created a disk(IOCTL CREATE_DISK) and set its layout using IOCTL_DISK_SET_DRIVE_LAYOUT_EX. Now, when I examine disk through Disk Management. I have a 14MB with a 7 MB partition, expectedly.
int sign = 80001;
CREATE_DISK disk;
disk.Mbr.Signature = sign;
disk.PartitionStyle = PARTITION_STYLE_MBR;
auto res = DeviceIoControl(device_handle, IOCTL_DISK_CREATE_DISK, &disk, sizeof(disk), NULL, 0, NULL, NULL);
res = DeviceIoControl(device_handle, IOCTL_DISK_UPDATE_PROPERTIES, 0, 0, NULL, 0, NULL, NULL);
LARGE_INTEGER partition_size;
partition_size.QuadPart = 0xF00;
DWORD driver_layout_ex_len = sizeof(DRIVE_LAYOUT_INFORMATION_EX);
DRIVE_LAYOUT_INFORMATION_EX driver_layout_info;
memset(&driver_layout_info, 0, sizeof(DRIVE_LAYOUT_INFORMATION_EX));
driver_layout_info.Mbr.Signature = sign;
driver_layout_info.PartitionCount = 1;
driver_layout_info.PartitionStyle = PARTITION_STYLE_MBR;
PARTITION_INFORMATION_EX part_info;
PARTITION_INFORMATION_MBR mbr_info;
part_info.StartingOffset.QuadPart = 32256;
part_info.RewritePartition = TRUE;
part_info.PartitionLength.QuadPart = partition_size.QuadPart/2 * 4096;
part_info.PartitionNumber = 1;
part_info.PartitionStyle = PARTITION_STYLE_MBR;
mbr_info.BootIndicator = TRUE;
mbr_info.HiddenSectors = 32256 / 512;
mbr_info.PartitionType = PARTITION_FAT32;
mbr_info.RecognizedPartition = 1;
part_info.Mbr = mbr_info;
driver_layout_info.PartitionEntry[0] = part_info;
auto res_layout = DeviceIoControl(device_handle, IOCTL_DISK_SET_DRIVE_LAYOUT_EX, &driver_layout_info, sizeof(driver_layout_info), NULL, 0, NULL, NULL);
Now, how do I partitionize this disk into two partitions? I want to create another partition out of the unpartitioned part of the disk(the other half basically). It says in the documentation is that PartitionEntry is an array of variable size(No, it is not it is an array of size 1.) Do I call set layout IOCTL for every partition I want to create? If so, how do you go about that? Is multi-partitioning possible through WINAPI interface?
P.S: I am aware that people usually invoke diskpart for this line of work.
Edit:
Adding second partition two layout was messing my stack up so I took another route (heap).
DWORD driver_layout_ex_len = sizeof(DRIVE_LAYOUT_INFORMATION_EX) + sizeof(PARTITION_INFORMATION_EX); // one layout+partition + partition
PDRIVE_LAYOUT_INFORMATION_EX driver_layout_info = (PDRIVE_LAYOUT_INFORMATION_EX) std::calloc(1, driver_layout_ex_len);
driver_layout_info->Mbr.Signature = sign;
driver_layout_info->PartitionCount = 2;
driver_layout_info->PartitionStyle = PARTITION_STYLE_MBR;
// omitted here..
PARTITION_INFORMATION_EX part_info2;
part_info2.StartingOffset.QuadPart = 32256 + part_info.PartitionLength.QuadPart;
part_info2.RewritePartition = TRUE;
part_info2.PartitionLength.QuadPart = partition_size.QuadPart / 2 * 4096;
part_info2.PartitionNumber = 2;
part_info2.PartitionStyle = PARTITION_STYLE_MBR;
part_info2.Mbr = mbr_info;
driver_layout_info->PartitionEntry[0] = part_info;
driver_layout_info->PartitionEntry[1] = part_info2;
auto res_layout = DeviceIoControl(device_handle, IOCTL_DISK_SET_DRIVE_LAYOUT_EX, driver_layout_info, driver_layout_ex_len, NULL, 0, NULL, NULL);
auto res_err = GetLastError();
Since it was overriding my device_handle I could not IOCTL at all. This improvement eliminated that. Do not forget to pass driver_layout_info instead of &driver_layout_info after this change.
It says in the documentation is that PartitionEntry is an array of
variable size(No, it is not it is an array of size 1.)
"Some Windows structures are variable-sized,
beginning with a fixed header, followed by
a variable-sized array. When these structures
are declared,
they often declare an array of size 1 where the
variable-sized array should be." Refer to #Raymond blog.
Here DRIVE_LAYOUT_INFORMATION_EX structure is an example:
typedef struct _DRIVE_LAYOUT_INFORMATION_EX {
DWORD PartitionStyle;
DWORD PartitionCount;
union {
DRIVE_LAYOUT_INFORMATION_MBR Mbr;
DRIVE_LAYOUT_INFORMATION_GPT Gpt;
} DUMMYUNIONNAME;
PARTITION_INFORMATION_EX PartitionEntry[1];
} DRIVE_LAYOUT_INFORMATION_EX, *PDRIVE_LAYOUT_INFORMATION_EX;
With this declaration, you would allocate memory for one such
variable-sized DRIVE_LAYOUT_INFORMATION_EX structure like this:
PDRIVE_LAYOUT_INFORMATION_EX driver_layout_info = (PDRIVE_LAYOUT_INFORMATION_EX)malloc(FIELD_OFFSET(DRIVE_LAYOUT_INFORMATION_EX, PartitionEntry[NumberOfPartitions]));
You would initialize the structure like this (Use 2 partitions as example):
DWORD NumberOfPartitions = 2;
LARGE_INTEGER partition_size;
partition_size.QuadPart = 0xF00;
PARTITION_INFORMATION_MBR mbr_info;
mbr_info.BootIndicator = TRUE;
mbr_info.HiddenSectors = 32256 / 512;
mbr_info.PartitionType = PARTITION_FAT32;
mbr_info.RecognizedPartition = TRUE;
PDRIVE_LAYOUT_INFORMATION_EX driver_layout_info = (PDRIVE_LAYOUT_INFORMATION_EX)malloc(FIELD_OFFSET(DRIVE_LAYOUT_INFORMATION_EX, PartitionEntry[NumberOfPartitions]));
for (DWORD Index = 0; Index < NumberOfPartitions ; Index++) {
driver_layout_info->PartitionEntry[Index].PartitionStyle = PARTITION_STYLE_MBR;
driver_layout_info->PartitionEntry[Index].PartitionNumber = Index + 1;
driver_layout_info->PartitionEntry[Index].RewritePartition = TRUE;
driver_layout_info->PartitionEntry[Index].PartitionLength.QuadPart = partition_size.QuadPart / 2 * 4096;
driver_layout_info->PartitionEntry[Index].Mbr = mbr_info;
}
driver_layout_info->Mbr.Signature = sign;
driver_layout_info->PartitionCount = 1;
driver_layout_info->PartitionStyle = PARTITION_STYLE_MBR;
driver_layout_info->PartitionEntry[0].StartingOffset.QuadPart = 32256;
driver_layout_info->PartitionEntry[1].StartingOffset.QuadPart = 32256 + driver_layout_info->PartitionEntry->StartingOffset.QuadPart;
DWORD driver_layout_ex_len = sizeof(DRIVE_LAYOUT_INFORMATION_EX) + sizeof(PARTITION_INFORMATION_EX);
Call free(driver_layout_info); after you use completely.
I came up with the same issue,in which I got a LPTSTR portname param as input from a function.I have to convert this into wstring,so that I can fetch the Port paramaters.
below is the code snippet in which am trying to copy lptstr to wstring.
void C_PORT_MONITOR::SetPrinterComPortParam(LPTSTR PortName)
{
#ifdef _UNICODE
std::wstring l_ComPortName;
#else
std::string l_ComPortName;
#endif
DWORD dwSize,le = 0;
dwSize = sizeof(COMMCONFIG);
LPCOMMCONFIG lpCC = (LPCOMMCONFIG) new BYTE[dwSize];
l_ComPortName = PortName;//mPortName;
if(l_ComPortName.length() <= 0 )
return;
bool SetFlag = false;
//Get COMM port params called to get size of config. block
int length = l_ComPortName.length();
int iPos = l_ComPortName.find_first_of(':');
int iChc = length- iPos; //remove the charactrers after :
l_ComPortName = l_ComPortName.substr(0, (length- iChc)); //remove the characters from colon //COM1
//Get COMM port params with defined size
BOOL ret = GetDefaultCommConfig(l_ComPortName.c_str(), lpCC, &dwSize);
_RPT1(_CRT_WARN, "C_PORT_MONITOR::SetPrinterComPortParam length=%x,iPos=%x,iChc=%x,l_ComPortName=%s",length, iPos, iChc, l_ComPortName);
if(!ret)
{
le = GetLastError();
_RPT1(_CRT_WARN ,"C_PORT_MONITOR::SetPrinterComPortParam LastError=%x",le);
}
I need to assign this portname to l_comportname. and I need to create a substring from this l_comportname as COM1 and I have to use this substring in getdafaultcommconfig()
Your error is the second parameter not the first. Your debugging statement is bugged because it doesn't account for wide strings %s is for narrow strings only, you should use %S for a wide string.
Here's the real error
dwSize = sizeof(COMMCONFIG);
LPCOMMCONFIG lpCC = (LPCOMMCONFIG) new BYTE[dwSize];
lpCC->dwSize = sizeof(COMMCONFIG); // this line is needed
You might need this as well (the documentation isn't very clear)
lpCC->wVersion = 1;
It's very common in Windows programming that you have to initialize a struct with the size of the struct.
Ref: https://technet.microsoft.com/en-us/aa363188(v=vs.90)
My goal is to understand stack unwinding in 64-bit PE32+ executable format in Windows, or how the following API can calculate addresses of a function prologue, body, epilogue, etc.:
CONTEXT context = {0};
RtlCaptureContext(&context);
DWORD64 ImgBase = 0;
RUNTIME_FUNCTION* pRTFn = RtlLookupFunctionEntry(context.Rip, &ImgBase, NULL);
_tprintf(L"Prologue=0x%p\n", (void*)(ImgBase + pRTFn->BeginAddress));
I know that the information on the offsets of all non-leaf functions used by the linker is included in the PE32+ header in the exceptions directory. So I tried to write my own function to parse it. I got to this point where I got stumped:
//INFO -- must be compiled as x64 only!
void GetFunctionTable(BYTE* lpBaseAddress, size_t szImageSz)
{
if(lpBaseAddress)
{
if(szImageSz > sizeof(IMAGE_DOS_HEADER))
{
IMAGE_DOS_HEADER* pDOSHeader = (IMAGE_DOS_HEADER*)lpBaseAddress;
if(pDOSHeader->e_magic == IMAGE_DOS_SIGNATURE)
{
IMAGE_NT_HEADERS* pNtHeader = (IMAGE_NT_HEADERS*)((BYTE*)pDOSHeader + pDOSHeader->e_lfanew);
PIMAGE_DATA_DIRECTORY pDataDirectories = NULL;
if(pNtHeader->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC)
{
//64-bit image only
IMAGE_NT_HEADERS64* pHdr64 = (IMAGE_NT_HEADERS64*)pNtHeader;
IMAGE_OPTIONAL_HEADER64* pIOH64 = &pHdr64->OptionalHeader;
pDataDirectories = pIOH64->DataDirectory;
IMAGE_DATA_DIRECTORY* pExceptDir = &pDataDirectories[IMAGE_DIRECTORY_ENTRY_EXCEPTION];
if(pExceptDir->VirtualAddress &&
pExceptDir->Size)
{
IMAGE_RUNTIME_FUNCTION_ENTRY* pRFs = (IMAGE_RUNTIME_FUNCTION_ENTRY*)
GetPtrFromRVA64(pExceptDir->VirtualAddress, pNtHeader, lpBaseAddress);
//'pRFs' = should point to an array of RUNTIME_FUNCTION structs
// but in my case it points to an empty region of memory with all zeros.
}
}
}
}
}
}
with the following helper functions:
PIMAGE_SECTION_HEADER GetEnclosingSectionHeader64(DWORD_PTR rva, PIMAGE_NT_HEADERS64 pNTHeader)
{
PIMAGE_SECTION_HEADER section = IMAGE_FIRST_SECTION(pNTHeader);
unsigned int i;
for ( i=0; i < pNTHeader->FileHeader.NumberOfSections; i++, section++ )
{
if ( (rva >= section->VirtualAddress) &&
(rva < (section->VirtualAddress + section->Misc.VirtualSize)))
return section;
}
return 0;
}
LPVOID GetPtrFromRVA64(DWORD rva, const void* pNTHeader, const void* imageBase)
{
PIMAGE_SECTION_HEADER pSectionHdr;
INT_PTR delta;
pSectionHdr = GetEnclosingSectionHeader64( rva, (PIMAGE_NT_HEADERS64)pNTHeader );
if ( !pSectionHdr )
return 0;
delta = (INT_PTR)(pSectionHdr->VirtualAddress - pSectionHdr->PointerToRawData);
return (PVOID) ( (BYTE*)imageBase + rva - delta );
}
So I'm testing it on the self executable:
HMODULE hMod = ::GetModuleHandle(NULL);
MODULEINFO mi = {0};
if(::GetModuleInformation(::GetCurrentProcess(), hMod, &mi, sizeof(mi)))
{
GetFunctionTable((BYTE*)hMod, mi.SizeOfImage);
}
But the problem is that inside my GetFunctionTable when I try to look up the function table mapped in memory in the IMAGE_DIRECTORY_ENTRY_EXCEPTION directory, I'm getting a pointer (i.e. IMAGE_RUNTIME_FUNCTION_ENTRY*) to an empty region of memory. I must be not translating the rva address correctly.
So anyone who knows how PE32+ header is mapped in memory, can please show what am I doing wrong there?
I need put multiple values in a single attribute of a struct, the attribute that will receive the values is LPSTR, I was trying to pass all this as a vector, compile, but it does not work as I would like.
My struct:
typedef struct _wfs_pin_caps
{
WORD wClass;
WORD fwType;
............More...............
BOOL bIDConnect;
WORD fwIDKey;
WORD fwValidationAlgorithms;
WORD fwKeyCheckModes;
LPSTR lpszExtra; //This attribute must receive more than one value
} WFSPINCAPS, * LPWFSPINCAPS;
As I'm trying to do:
HRESULT WINAPI WFPGetInfo(HSERVICE hService, DWORD dwCategory, LPVOID lpQueryDetails, DWORD dwTimeOut, HWND hWnd, REQUESTID ReqID) {
...
result = WFMAllocateMore(sizeof(WFSPINCAPS), lpWFSResult, &lpWFSResult->lpBuffer);
...
//This Values
vector<LPSTR> Tokens;
Tokens[1] = (LPSTR)"Value1";
Tokens[2] = (LPSTR)"Value2";
Tokens[3] = (LPSTR)"Value4";
Tokens[4] = (LPSTR)"Value5";
PinCapabilities.lpszExtra = (LPSTR)&Tokens; //Pass HERE
memcpy(lpWFSResult->lpBuffer,&PinCapabilities,sizeof(WFSPINCAPS));
...
return WFS_SUCCESS;
Your question is very unclear, but if I understand it, the problem is that you are setting lpszExtra to a local vector Tokens (stored in the stack) and that will be destroyed at the end of that function.
One way would be creating the vector in the heap like this:
// Create a new vector in the heap of 5 elements (0..4)
vector<LPSTR> &Tokens = *new vector<LPSTR>(5);
Tokens[1] = (LPSTR) "Value1";
Tokens[2] = (LPSTR) "Value2";
Tokens[3] = (LPSTR) "Value4";
Tokens[4] = (LPSTR) "Value5";
PinCapabilities.lpszExtra = (LPSTR) &Tokens; //Pass HERE
// Assuming that lpBuffer has room for a WFSPINCAPS structure
memcpy(lpWFSResult->lpBuffer, &PinCapabilities, sizeof(WFSPINCAPS));
Now the ((LPWFSPINCAPS)lpWFSResult->lpBuffer)->lpszExtra contains a valid pointer to a vector that can be used in any other function like this:
LPWFSPINCAPS pPinCapabilities = (LPWFSPINCAPS) lpWFSResult->lpBuffer;
vector<LPSTR> &Tokens = *(vector<LPSTR> *) pPinCapabilities->lpszExtra;
LPSTR str = Tokens[3]; // Will get "Value4"
But don't forget that in some point you will have to release the vector's memory:
LPWFSPINCAPS pPinCapabilities2 = (LPWFSPINCAPS) lpWFSResult->lpBuffer;
delete (vector<LPSTR> *) pPinCapabilities2->lpszExtra;
And please next time try to create a Minimal, Complete, and Verifiable example to help us to help you.
I found similar SO question but different from mine here.
My function looks like this:
BOOL ShallowCopy(const LPVOID psource, LPVOID pdest) {
LPBYTE ps = reinterpret_cast<LPBYTE>(psource);
LPBYTE pd = reinterpret_cast<LPBYTE>(pdest);
ULONG sourceCount = 0, destCount = 0;
std::copy(ps, ps + 8, checked_array_iterator<LPBYTE>(((LPBYTE)((LPVOID)&sourceCount)), 8)); // Get psource byte count
std::copy(pd, pd + 8, checked_array_iterator<LPBYTE>(((LPBYTE)((LPVOID)&destCount)), 8)); // Get pdest byte count
if (sourceCount != destCount) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
std::copy(ps, ps + sourceCount, checked_array_iterator<unsigned char *>(pd, destCount));
return TRUE;
}
When I call the function like this:
if (!ShallowCopy(pcsbi, &csbi)) {
cerr << _T("FATAL: Shallow copy failed.") << endl;
}
System throws runtime exception, saying "Run-Time Check Failure #2 - Stack around variable 'sourceCount' was corrupted."
But, if I cast the sourceCount and destCount into a variable, I won't get this error:
BOOL ShallowCopy(const LPVOID psource, LPVOID pdest) {
LPBYTE ps = reinterpret_cast<LPBYTE>(psource);
LPBYTE pd = reinterpret_cast<LPBYTE>(pdest);
LPBYTE pbCount = new BYTE[8];
ULONG sourceCount = 0, destCount = 0;
std::copy(ps, ps + 8, checked_array_iterator<LPBYTE>(pbCount, 8)); // Get psource byte count
sourceCount = *((PULONG)pbCount);
std::copy(pd, pd + 8, checked_array_iterator<LPBYTE>(pbCount, 8)); // Get pdest byte count
destCount = *((PULONG)pbCount);
delete[] pbCount;
if (sourceCount != destCount) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
std::copy(ps, ps + sourceCount, checked_array_iterator<unsigned char *>(pd, destCount));
return TRUE;
}
When I look at this 2 function, I don't see much difference, except the later store the value into variable, then cast to target. So, what actually cause the run-time error?
ULONG is defined as unsigned long then it's just 32 bit (4 bytes, not 8 as in your code).
You have that error because you're overwriting memory after stack allocated variable destCount (or sourceCount, where and in which order they are is just an implementation detail). In your second example it works because you're allocating enough memory (pbCount is 8 bytes) and this sourceCount = *((PULONG)pbCount); will copy just 4 of them.
I'd suggest to use sizeof instead of hard coded data type size:
std::copy(ps, ps + sizeof(ULONG)...
Please note that you may even simply write:
sourceCount = *reinterpret_cast<PULONG>(ps);
destCount = *reinterpret_cast<PULONG>(pd);