DEVHIDE
Login Or Sign up

Reading char data from shared memory in kernel mode driver is not successful

48 Views Asked by At

I am writing some text data to a shared memeory from a cpp application and trying to read it from a kernel mode driver. I can write in shared memory through a cpp application and also can read from that memory with another cpp application. But that is not what I need. I need to read that shared memory from kernel mode driver.

I used

status = ZwOpenSection(&sectionHandle, SECTION_ALL_ACCESS, &objAttr);

for openning the section(Here status is success) and

status = ZwMapViewOfSection(sectionHandle, ZwCurrentProcess(), &SharedSection, 0, ulViewSize, NULL, &ulViewSize, ViewShare, MEM_TOP_DOWN, PAGE_READWRITE);

and also tried

status = ZwMapViewOfSection(sectionHandle, NtCurrentProcess(), &SharedSection, 0, ulViewSize, NULL, &ulViewSize, ViewShare, 0, PAGE_READWRITE | PAGE_NOCACHE);

for reading (status is also success in both cases), where the PVOID type SharedSection varibale should have the text from shared memory. I try to print the shared memory in many ways but i only found \V (may be garbage) in the output.

I don't understand what did I miss? Can anyone please help me reading char data from shared memory in kernel mode driver? Here I am sharing my code for writing shared memory from cpp application and reading mechanisms from kernel mode driver.

cpp application code by which i write text in shared memory:

#include <windows.h>
#include <stdio.h>
#include <conio.h>
#include <tchar.h>

#define BUF_SIZE 30
TCHAR szMsg[]=TEXT("Message from first process.");


void createSharedMemory(TCHAR szName[])
{
    HANDLE hMapFile;
    LPCTSTR pBuf;

   hMapFile = CreateFileMapping(
                 INVALID_HANDLE_VALUE,    // use paging file
                 NULL,                    // default security
                 PAGE_READWRITE,          // read/write access
                 0,                       // maximum object size (high-order DWORD)
                 BUF_SIZE,                // maximum object size (low-order DWORD)
                 szName);                 // name of mapping object

   if (hMapFile == NULL)
   {
      _tprintf(TEXT("Could not create file mapping object (%d).\n"),
             GetLastError());
      return;
   }
   pBuf = (LPTSTR) MapViewOfFile(hMapFile,   // handle to map object
                        FILE_MAP_ALL_ACCESS, // read/write permission
                        0,
                        0,
                        BUF_SIZE);

   if (pBuf == NULL)
   {
      _tprintf(TEXT("Could not map view of file (%d).\n"),
             GetLastError());

       CloseHandle(hMapFile);

      return;
   }
    char ch[1000];

    _tprintf(TEXT("Enter Text: "));

    gets(ch);
    CopyMemory((PVOID)pBuf, ch, (_tcslen(ch) * sizeof(TCHAR)));
    _tprintf(TEXT("Press enter to exit()\n"));
    _getch();

   UnmapViewOfFile(pBuf);

   CloseHandle(hMapFile);
    return;
}

int _tmain()
{
    TCHAR szName[]=TEXT("\device\physicalmemory");
    createSharedMemory(szName);

   return 0;
}

kernel mode driver reading shared memory code:

VOID ReadFromSharedMemory() {

    DPF_ENTER(("[ReadFromSharedMemory]"));
    const WCHAR SharedSectionName[] = L"\\device\\physicalmemory";
    OBJECT_ATTRIBUTES objAttr;
    UNICODE_STRING sectionName;
    HANDLE sectionHandle;
    PVOID   SharedSection = NULL;
    SIZE_T ulViewSize = 30;
    char charArray[30];
    RtlInitUnicodeString(&sectionName, SharedSectionName);
    InitializeObjectAttributes(&objAttr, &sectionName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL);

    NTSTATUS status = ZwOpenSection(&sectionHandle, SECTION_ALL_ACCESS, &objAttr);
    if (!NT_SUCCESS(status)) {
        // Handle error
        DPF_ENTER(("ZwOpenSection failed %ld\n", status));
    }
    else {
        DPF_ENTER(("ZwOpenSection success %ld\n", status));

    }

    status = ZwMapViewOfSection(sectionHandle, ZwCurrentProcess(), &SharedSection, 0, ulViewSize, NULL, &ulViewSize, ViewShare, MEM_TOP_DOWN, PAGE_READWRITE);
    if (!NT_SUCCESS(status)) {
        // Handle error
        DPF_ENTER(("ZwOpenSection failed %ld\n", status));
    }
    else {
        DPF_ENTER(("ZwOpenSection success sharedsection %s\n", SharedSection));
    
    // first try to read 
        strcpy(charArray, reinterpret_cast<const char*>(SharedSection));
        DPF_ENTER(("print charArray %s\n", charArray));

        // second try
        const char* retriveString = reinterpret_cast<const char*>(SharedSection);
        for (int i = 0; retriveString[i] != '\0'; ++i) {
            DPF_ENTER(("%c", retriveString[i]));
        }
        DPF_ENTER(("end of printing\n"));

        PWCHAR wideString = static_cast<PWCHAR>(SharedSection);
        while (*wideString != L'\0') {
            DPF_ENTER(("print from sharedmemory: %c\n", *wideString));
            wideString++;
        }
        DPF_ENTER(("end printing Sharedsection\n"));
    }

    if (SharedSection != NULL) {
        ZwUnmapViewOfSection(ZwCurrentProcess(), SharedSection);
        SharedSection = NULL;
    }

    if (SharedSection != NULL) {
        ZwClose(SharedSection);
        SharedSection = NULL;
    }
}
c++ kernel driver kmdf windows-driver
Original Q&A
0

There are 0 best solutions below

Related Questions in C++

Related Questions in KERNEL

Related Questions in DRIVER

Related Questions in KMDF

Related Questions in WINDOWS-DRIVER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.