Okay!
So, ProbeForReadUnicodeString is crippled and only copies the structure data... I see... I must add that we are using the wrong structure too. LARGE_UNICODE_STRING is passed, not that other one.
Thanks, James
On Sat, Jan 3, 2009 at 10:18 AM, Thomas Bluemel thomas@reactsoft.com wrote:
ProbeForReadUnicodeString should at least probe the buffers, otherwise the function is pointless. I believe at one point it did, and it was probably removed for some strange reason. The reason it copies the UNICODE_STRING is so that the pointers can't be modified anymore.
Thomas
Timo Kreuzer wrote:
SEH is still needed. SafeText doesn't really deserve its name, as it's only a safe copy of the UNICODE_STRING structure returned by ProbeForReadUnicodeString(), but with the still unsafe string buffer. Also the Buffer was never probed (ProbeForReadUnicodeString only checks the UNICODE_STRING and copies it).
IMO the function is dangerous, as it implies that the Buffer was probed, too.
Timo
Ref: http://www.reactos.org/wiki/index.php/Techwiki/win32k/LARGE_UNICODE_STRING
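
The difference the thread describes, between capturing only the UNICODE_STRING structure and also probing the buffer it points to, as an added user-space model in C (not part of the original messages and not ReactOS code). `MODEL_USTR`, `MODEL_USER_LIMIT`, `model_probe` and both capture functions are hypothetical names, the address limit is an assumed value, and the probe returns 0 where a real kernel probe would raise an exception.

```c
#include <stdint.h>
#include <stdio.h>

/* Model only: stand-in types and an assumed boundary, not ReactOS headers. */
typedef struct {
    uint16_t Length;         /* bytes in use */
    uint16_t MaximumLength;  /* bytes allocated */
    uint64_t Buffer;         /* caller-supplied address, never dereferenced here */
} MODEL_USTR;

#define MODEL_USER_LIMIT 0x7FFF0000ULL /* assumed end of user address space */

/* Stand-in for a ProbeForRead-style check; returns 0 where the kernel would raise. */
static int model_probe(uint64_t addr, uint64_t len, uint64_t align)
{
    if (len == 0) return 1;                   /* empty range: nothing to read */
    if (addr % align != 0) return 0;          /* misaligned for WCHAR */
    if (addr + len < addr) return 0;          /* address wraparound */
    return addr + len <= MODEL_USER_LIMIT;    /* must end inside user space */
}

/* Behaviour described in the thread: the structure is copied, Buffer is not checked. */
int capture_struct_only(const MODEL_USTR *user, MODEL_USTR *safe)
{
    *safe = *user;
    return 1;
}

/* Capture first, then probe the buffer range named by the captured copy. */
int capture_and_probe(const MODEL_USTR *user, MODEL_USTR *safe)
{
    *safe = *user;  /* later changes to *user can no longer affect the check */
    return model_probe(safe->Buffer, safe->Length, sizeof(uint16_t));
}

int main(void)
{
    MODEL_USTR safe;
    MODEL_USTR ok  = { 8, 10, 0x00010000ULL };  /* constructed sample values */
    MODEL_USTR bad = { 8, 10, 0x80001000ULL };  /* Buffer above the assumed limit */
    printf("struct-only, bad buffer: %d\n", capture_struct_only(&bad, &safe));
    printf("probe, bad buffer:       %d\n", capture_and_probe(&bad, &safe));
    printf("probe, ok buffer:        %d\n", capture_and_probe(&ok, &safe));
    return 0;
}
```

Passing the range check only shows the buffer lies in user address space; reads of it still need SEH, as Timo's message says.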