Retrieve UNICODE_STRING...

Retrieve UNICODE_STRING...: Posted by janemba on July 17th, 2007; Hello,

I'm having a problem using UNICODE_STRING in a structure.

First, I have a structure with a PUNICODE type data and
others values, this a chained list and I declare a global
variable :
---
typedef struct _FOO
{
PUNICODE_STRING string;
WORD value;
struct FOO* next;
} FOO, *PFOO;

PFOO GLOBAL;
---

Second, I have a function receive a WCHAR* type data and
convert it to UNICODE_STRING and call a second function :
---
void foo(WCHAR *value)
{
UNICODE_STRING uString;

RtlInitUnicodeString(&uString, value);
foo2(&uString);
testList();
}
---

Third, the second function. It fill the structure with the
string :
---
void foo2(PUNICODE_STRING uString)
{
PFOO foo_s, e;

foo_s = ExAllocatePoo(NonPagedPool, sizeof(FOO));
foo_s->string = uString;

if (GLOBAL)
{
e = GLOBAL;
while (e->next)
e = e->next;
e->next = foo_s;
} else {
GLOBAL = foo_s;
}
}
---

Fourth, Hmm...this the "testList()" that iterate into the list:

---
void testList(void)
{
while (GLOBAL)
{
DbgPrint("%wZ\n", GLOBAL->string);
GLOBAL = GLOBAL->next;
}
}
---

My problem is the PUNICODE_STRING type data. When I display it
I have nothing !!! I diddn't put it in the test but the DWORD
value in the list is ok.

Where I'm wrong ?

Regards,; Posted by janemba on July 17th, 2007; On Tue, 17 Jul 2007 01:21:31 +0200, janemba wrote:

I forgot one thing...I'm in DDK.

Regards,; Posted by danny zhao on July 18th, 2007; hi,janemba
your FOO->string is the pointer, the real unicode_string is allocated on
stack.
when it is out of scope, FOO->string is invalid. for example ,when you
call foo the second time, when DbgPrint("%wZ\n", GLOBAL->string) is first
called, Global->string is already invalid;
danny
"janemba" wrote:; Posted by Tim Roberts on July 18th, 2007; janemba <janemba@wanadoo.fr> wrote:
Danny correctly diagnosed the problem. I thought I would suggest a fix.

Make this a UNICODE_STRING instead of a pointer. A UNICODE_STRING is only
12 bytes, so it doesn't cost you very much.

However, there are more problems in your code:

It's true that this will be initialized to zero, but I never like to rely
on that in case I change it to a function local variable at some point. I
would write

PFOO GLOBAL;

Actually, I would not make this a global variable, and I would never, ever
name a global variable with all caps.

At the end of this, you have leaked all of the memory you allocated. You
have lost the pointer to the list. You should use a local, like you did in
the previous function.
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.

Similar Posts

Newbie: How to create or allocate a copy of symbolic link (UNICODE_STRING)? (Drivers) by Paulo
How can I DbgPrint a UNICODE_STRING ? (Drivers) by
UNICODE_STRING storage (Drivers) by Alex
retrieve.emg (Windows NT) by Rich Hall
Way to retrieve IP! (Programming) by JM