WaxDragon wrote:
I've emailed arty the details of what I have already. c0000023 is STATUS_BUFFER_TOO_SMALL.
WD
Art and I have found the problem. Art was failing the IRP with STATUS_BUFFER_TOOS_AMALL and expecting the I/O Manager to fill in UserIosb->Information, so that the usermode application could then request the correct number of bytes. Since this does not happen on NT/ROS (the source of much heated discussion :P), it fails after my patches. After some analysis of 3rd-party drivers and some reading, the solutions are either:
1) return STATUS_BUFFER_OVERFLOW which is a 'warning', so the IO manager will write the stuff back. But this would break compatibility with apsp which use TDI directly to query this information 2) do like I have seen other 3rd-part drivers do, which is to wrap in SEH somethign along: *Irp->UserIosb = Irp->IoStatus; and then return STATUS_BUFFER_OVERFLOW. After testing, I can confirm method #2...Art will be fixing this.
I want to mention this in case anyone is aware of any other of our drivers which does this trick and hopes the I/O manager will return the UserIosb (it did befor emy changes). I'll grep the tree for any STATUS_BUFFER_OVERFLOW in /drivers myself.
Best regards, Alex Ionescu