// Used from LoadImageRoutine to modify user-mode memory.
// MapUserModeAddrWritable returns the MDL describing the locked range (NULL on
// failure) and stores the kernel-mode alias of that range in *pNewAddr.
PMDL MapUserModeAddrWritable(PVOID BaseAddr,ULONG Length, PVOID *pNewAddr);
// UnmapMemory releases what MapUserModeAddrWritable set up: it unmaps pAddr,
// then unlocks and frees pMdl.
VOID UnmapMemory(PVOID pAddr, PMDL pMdl);
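/*
 * Lock a range of user-mode memory and map it into system address space so the
 * caller can modify it through a kernel-mode alias.
 *
 * BaseAddr  - user-mode virtual address of the range to map.
 * Length    - size of the range in bytes; must be non-zero.
 * pNewAddr  - receives the kernel-mode address of the mapping on success and
 *             is set to NULL on every failure path.
 *
 * Returns the MDL describing the locked pages, or NULL on failure. On success
 * the caller owns both the mapping and the MDL and must release them with
 * UnmapMemory(*pNewAddr, mdl).
 *
 * Security notes:
 *  - The pages are probed with IoReadAccess, so the user mapping does not have
 *    to be writable; the system-space alias is what the caller writes through.
 *    Those writes are not checked against the user-mode page protection.
 *    NOTE(review): if the range is backed by a shared image page, a write
 *    through the alias presumably lands on the shared physical page rather
 *    than a private copy-on-write copy, so other processes mapping the same
 *    page may see it - confirm this is intended for every caller.
 *  - NOTE(review): must run in the context of the process that owns BaseAddr
 *    and at an IRQL that allows MmProbeAndLockPages on pageable memory;
 *    the file comment says it is called from LoadImageRoutine - confirm.
 *  - NOTE(review): on Windows 8 and later the priority argument can be OR'ed
 *    with MdlMappingNoExecute so the alias is not executable; not applied here
 *    because the minimum target OS is not visible from this file.
 */
PMDL MapUserModeAddrWritable(PVOID BaseAddr, ULONG Length, PVOID *pNewAddr)
{
    PVOID pMappedAddr = NULL;
    PMDL pMdl = NULL;

    /* Without an out pointer there is no way to hand the mapping back. */
    if (pNewAddr == NULL)
    {
        dprintf("pNewAddr == NULL\n");
        return NULL;
    }

    /* Never leave the caller's variable holding a stale or garbage address. */
    *pNewAddr = NULL;

    if (BaseAddr == NULL || Length == 0)
    {
        dprintf("invalid BaseAddr/Length\n");
        return NULL;
    }

    /* Build an MDL describing the user buffer (not attached to any IRP). */
    pMdl = IoAllocateMdl(BaseAddr, Length, FALSE, FALSE, NULL);
    if (pMdl == NULL)
    {
        dprintf("pMDL == NULL\n");
        return NULL;
    }

    /*
     * MmProbeAndLockPages raises an exception when the range is not a valid
     * user-mode range, so it has to sit inside __try/__except.
     */
    __try
    {
        MmProbeAndLockPages(pMdl, UserMode, IoReadAccess);
    }
    __except (EXCEPTION_EXECUTE_HANDLER)
    {
        dprintf("MmProbeAndLockPages exception. Code = 0x%08X\n", GetExceptionCode());
        IoFreeMdl(pMdl);
        return NULL;
    }

    /*
     * KernelMode mapping with BugCheckOnFailure == FALSE: a failure is reported
     * as a NULL return rather than an exception or a bug check.
     */
    pMappedAddr = MmMapLockedPagesSpecifyCache(pMdl, KernelMode, MmCached, NULL, FALSE, NormalPagePriority);
    if (pMappedAddr == NULL)
    {
        dprintf("pMapedAdd == NULL\n");
        /* Undo in reverse order: unlock the pages, then free the MDL. */
        MmUnlockPages(pMdl);
        IoFreeMdl(pMdl);
        return NULL;
    }

    *pNewAddr = pMappedAddr;
    return pMdl;
}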
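/*
 * Release a mapping created by MapUserModeAddrWritable.
 *
 * pAddr - kernel-mode address returned through pNewAddr; may be NULL when the
 *         mapping step never succeeded.
 * pMdl  - MDL returned by MapUserModeAddrWritable; NULL makes this a no-op.
 *
 * The MDL is freed here, so neither pAddr nor pMdl may be used, or passed to
 * this function again, after the call returns.
 */
VOID UnmapMemory(PVOID pAddr, PMDL pMdl)
{
    /*
     * Every step below needs the MDL. In particular MmUnmapLockedPages must
     * not be handed a NULL MDL, which the unguarded version did whenever
     * pAddr was non-NULL but pMdl was NULL.
     */
    if (pMdl == NULL)
    {
        return;
    }

    /* Tear down in reverse order of setup: unmap, unlock, free. */
    if (pAddr != NULL)
    {
        MmUnmapLockedPages(pAddr, pMdl);
    }

    MmUnlockPages(pMdl);
    IoFreeMdl(pMdl);
}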