接前文Windows驱动开发(一) MDL驱动读写
下面是驱动在目标进程中申请内存的实现：
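/*
 * AllocMemory - commit a zero-filled region in another process's address space.
 *
 * ProcessPid  Id of the process that receives the allocation.
 * Length      Requested size in bytes. ZwAllocateVirtualMemory updates its
 *             size argument in place, so the zeroing below uses the size the
 *             call actually returned.
 * Buffer      OUT. Treated as a PVOID*; receives the base address of the new
 *             region on success and is left untouched on failure. It is
 *             written after detaching from the target process.
 *
 * Returns STATUS_SUCCESS on success, STATUS_INVALID_PARAMETER when Buffer is
 * NULL, the status of the failed lookup or allocation, or
 * STATUS_UNSUCCESSFUL when an access inside a guarded region faults.
 *
 * NOTE(review): this routine performs no access check of its own. Whatever
 * exposes it (presumably a device-control handler; not visible here) has to
 * restrict who may request allocations in other processes.
 */
NTSTATUS AllocMemory(IN ULONG ProcessPid, IN SIZE_T Length, OUT PVOID Buffer)
{
    NTSTATUS Status;
    PEPROCESS pEProcess = NULL;
    KAPC_STATE ApcState = { 0 };
    PVOID BaseAddress = NULL;

    if (Buffer == NULL) {
        return STATUS_INVALID_PARAMETER;
    }

    /* Widen through ULONG_PTR so the integer-to-HANDLE cast is well defined on 64-bit. */
    Status = PsLookupProcessByProcessId((HANDLE)(ULONG_PTR)ProcessPid, &pEProcess);
    if (!NT_SUCCESS(Status)) {
        /* The status alone decides; no object reference was taken on failure. */
        return Status;
    }

    KeStackAttachProcess(pEProcess, &ApcState);
    __try
    {
        /*
         * NOTE(review): PAGE_EXECUTE_READWRITE is kept because the signature
         * has no protection parameter and existing callers may rely on it.
         * Writable+executable pages in another process break W^X and are a
         * well-known detection signal; use PAGE_READWRITE if callers only
         * store data there.
         */
        Status = ZwAllocateVirtualMemory(NtCurrentProcess(), &BaseAddress, 0, &Length,
                                         MEM_COMMIT, PAGE_EXECUTE_READWRITE);
        if (NT_SUCCESS(Status)) {
            /* Only touch the region once the allocation is known to exist. */
            RtlZeroMemory(BaseAddress, Length);
        }
    }
    __except (EXCEPTION_EXECUTE_HANDLER)
    {
        /* NOTE(review): a region committed before the fault is not freed here. */
        Status = STATUS_UNSUCCESSFUL;
    }
    /* Single detach point, reached on both the normal and the exception path. */
    KeUnstackDetachProcess(&ApcState);

    ObDereferenceObject(pEProcess);

    if (NT_SUCCESS(Status)) {
        /*
         * Publish the result only after detaching: while attached, a
         * user-mode Buffer would resolve in the target's address space
         * instead of the caller's. The store stays guarded because the
         * original also wrote Buffer inside a __try.
         */
        __try
        {
            *(PVOID *)Buffer = BaseAddress;
        }
        __except (EXCEPTION_EXECUTE_HANDLER)
        {
            Status = STATUS_UNSUCCESSFUL;
        }
    }

    return Status;
}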