内核模式下内存释放问题,望大神解答!!
0
悬赏园豆:10
[待解决问题]
在下面的这段代码中,
pValue->Buffer = (PWSTR)ExAllocatePool(PagedPool, pBuffer->DataLength);
申请的内存在哪里释放??
我在函数结束时释放和在调用函数后释放都会出错。
NTSTATUS Reg_GetStringValue(IN HANDLE hKey, IN LPCWSTR pszValueName, OUT PUNICODE_STRING pValue) { NTSTATUS status = STATUS_SUCCESS; UNICODE_STRING ValueName; RtlInitUnicodeString(&ValueName, pszValueName); ULONG ResultLength = 0; status = ZwQueryValueKey(hKey, &ValueName, KeyValuePartialInformation, NULL, 0, &ResultLength); if (status == STATUS_OBJECT_NAME_NOT_FOUND || ResultLength == 0) { KdPrint(("注册表键值不存在!\n")); return CUSTOM_STATUS_REGISTRY_KEY_NOTEXIST; } KEY_VALUE_PARTIAL_INFORMATION *pBuffer = (PKEY_VALUE_PARTIAL_INFORMATION)ExAllocatePool(PagedPool, ResultLength); if (pBuffer) { status = ZwQueryValueKey(hKey, &ValueName, KeyValuePartialInformation, pBuffer, ResultLength, &ResultLength); if (pBuffer->Type != REG_SZ) { KdPrint(("注册表键值类型不匹配!\n")); return CUSTOM_STATUS_REGISTRY_KEYVALUE_TYPEMISMATCH; } pValue->Buffer = (PWSTR)ExAllocatePool(PagedPool, pBuffer->DataLength); if (pValue->Buffer) { pValue->MaximumLength = (USHORT)pBuffer->DataLength; pValue->Length = pValue->MaximumLength-2; RtlMoveMemory(pValue->Buffer, pBuffer->Data, pBuffer->DataLength); } else { return STATUS_INSUFFICIENT_RESOURCES; } ExFreePool(pBuffer); } else { return STATUS_INSUFFICIENT_RESOURCES; } return STATUS_SUCCESS; }
