Okay!
So, ProbeForReadUnicodeString is crippled and only copies the structure data...
I see,,,, I must add that we are using the wrong structure too.
LARGE_UNICODE_STRING is passed not that other one.
Thanks,
James
On Sat, Jan 3, 2009 at 10:18 AM, Thomas Bluemel <thomas(a)reactsoft.com> wrote:
ProbeForReadUnicodeString should at least probe the
buffers, otherwise
the function is pointless. I believe at one point it did, and it was
probably removed for some strange reason. The reason it copies the
UNICODE_STRING is so that the pointers can't be modified anymore.
Thomas
Timo Kreuzer wrote:
> SEH is still needed. SafeText doesn't really deserve it's name, as it's
> only a safe copy of the UNICODE_STRING structure returned by
> ProbeForReadUnicodeString(), but with the still unsafe string buffer.
> Also the Buffer was never probed (ProbeForReadUnicodeString only checks
> the UNICODE_STRING and copies it)
>
> IMO the function is dangerous, as it implies that the Buffer was probed,
> too.
>
> Timo
>
>
Ref:
http://www.reactos.org/wiki/index.php/Techwiki/win32k/LARGE_UNICODE_STRING