Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <ntddk.h>
- #include <ntifs.h>
- #include <ndk/exfuncs.h>
- #include <ndk/ketypes.h>
- #include <pseh/pseh2.h>
- #include <ntstrsafe.h>
- #ifndef NDEBUG
- #define NDEBUG
- #endif
- #include <debug.h>
- DoTlistCommand(VOID)
- {
- NTSTATUS Status;
- PVOID NewGlobalBuffer;
- ULONG Size;
- SAC_DBG(SAC_DBG_ENTRY_EXIT, "SAC DoTlistCommand: Entering.\n");
- /* Check if a global buffer already exists */
- if (!GlobalBuffer)
- {
- /* It doesn't, allocate one */
- GlobalBuffer = SacAllocatePool(4096, GLOBAL_BLOCK_TAG);
- if (GlobalBuffer)
- {
- /* Remember its current size */
- GlobalBufferSize = 4096;
- }
- else
- {
- /* Out of memory, bail out */
- SacPutSimpleMessage(11);
- SAC_DBG(SAC_DBG_ENTRY_EXIT, "SAC DoTlistCommand: Exiting.\n");
- return;
- }
- }
- /* Loop as long as the buffer is too small */
- while (TRUE)
- {
- /* Get the process list */
- ProcessInfo = (PSYSTEM_PROCESS_INFORMATION)P;
- Status = ZwQuerySystemInformation(SystemProcessInformation,
- ProcessInfo,
- RemainingSize,
- &ReturnLength);
- if ((Status != STATUS_NO_MEMORY) &&
- (Status != STATUS_INFO_LENGTH_MISMATCH))
- {
- /* It fits! Bail out */
- break;
- }
- /* We need a new bigger buffer */
- NewGlobalBuffer = SacAllocatePool(GlobalBufferSize + 4096,
- GLOBAL_BLOCK_TAG);
- if (!NewGlobalBuffer)
- {
- /* Out of memory, bail out */
- SacPutSimpleMessage(11);
- SAC_DBG(SAC_DBG_ENTRY_EXIT, "SAC DoTlistCommand: Exiting.\n");
- return;
- }
- /* Free the old one, update state */
- ExFreePool(GlobalBuffer);
- GlobalBufferSize += 4096;
- GlobalBuffer = NewGlobalBuffer;
- }
- }
- NTSTATUS NTAPI DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegPath)
- {
- DPRINT1("Sukhanov\n");
- ProcessInfo = (PSYSTEM_PROCESS_INFORMATION)P;
- Status = ZwQuerySystemInformation(SystemProcessInformation,
- ProcessInfo,
- RemainingSize,
- &ReturnLength);
- return STATUS_SUCCESS;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
