|
Hi all,
I am trying to read a particular bit on the kernel memory. That page belongs to a driver, say cdrom.sys.
Jus before proceeding further, i jus tried to read the contents in the physical memory where the driver is loaded. i.e. i found the driver load address and tried reading that location from kernel memory.
But it simply returns 'FF'.
Any thoughts??? I am using ZwOpenSection to open the memory and lock the pages, then read. Is there any other way of doing it..
Are there any tools which can read the kernel memory location....
Thanks in advance....
Selva
|
|
|
|
|
It doesn't work because the OS is designed so that it doesn't work. User mode programs cannot access kernel mode areas except through the exposed interfaces. In general, those interfaces do not give direct access to the kernel area but copy kernel info into a user space address. The only time user mode can directly access kernel mode is with the help of a cooperating driver and, even then, user mode can only safely direct access the kernel area of the specific driver.
General answer - can't do it.
Judy
|
|
|
|
|
Thanks for your reply Judy,
But i am reading the kernel only thru a driver (created for physical memory reading)..
all the functions are returning true (analyzed thru dbgview)..
any thoughts???
Selva
|
|
|
|
|
Not without seeing your code and, even then, I probably can't provide too much help since this is something I haven't done. Also, your problem is probably in the driver and drivers are not within the purview of this site. Try a driver development site. If you do go to a driver site, be warned: Providing unfettered user access to kernel memory is highly frowned upon since it is a huge security hole and invites BSODs. There is almost always a better safer way and one of the first responses you will get will be "why this way instead of the proper way".
Judy
|
|
|
|
|
Good morning... My query is......
After user selects PRINT menu one message box(usr created)will appear.
The message box consists of 2 command button controls.
one is OK and the other is CANCEL.
If the user presses OK it should take snapshot of the background and should create a BITMAP IMAGE without the message box. That means IMAGE shouldn't contain the message box. For this I am calling EndDialog() function. But now the problem message box is creating some empty space in the background and IMAGE is coming with that empty space. But it shouldn't come.
The code is as folows.
After selecting PRINT menu it will execute the following code.... i.e.,
**************************************************************************8
CSaiMessage m_objMsg;
m_objMsg.m_strMSG = "\n\n\nPress Print to Print the Screen or Cancel To Quit";
m_objMsg.DoModal();
****************************************************************************
Know the message box will appear. If the user selects PRINT button it will execute the following code.....
****************************************************************************
void CSaiMessage::OnClickCmdbtnPrint()
{
CSaiMessage::EndDialog(10);
snap();
}
****************************************************************************
void CSaiMessage::snap()
{
CWnd* pWnd = AfxGetApp()->m_pMainWnd;
if (windowtobmp("ShipStatus.bmp",pWnd)==FALSE)
{
MessageBox("ERROR");
}
}
BOOL CSaiMessage::windowtobmp(CString filename,CWnd* pwnd)
{
CWindowDC dc(pwnd);
CDC memdc;
memdc.CreateCompatibleDC(&dc);
CRect rect;
pwnd->GetWindowRect(rect);
CBitmap bmp;
bmp.CreateCompatibleBitmap(&dc,rect.Width(),rect.Height()-150);
CBitmap* poldbmp = memdc.SelectObject(&bmp);
memdc.BitBlt(0,0,rect.Width(),rect.Height(),&dc,0,0,SRCCOPY);
memdc.SelectObject(poldbmp);
HANDLE hdib = ConvertDDBToDIB(bmp);
writebmp(filename,hdib);
GlobalFree(hdib);
CString strPrintFilePath = FindPrintFilePath();
HINSTANCE hInstancePrint;//,hInstanceEditor;
hInstancePrint = ShellExecute(this->m_hWnd,"print","ShipStatus.bmp",NULL,NULL,SW_HIDE);
return TRUE;
}
Thanks in Advance
Sairam
|
|
|
|
|
I don't know how do you are showing the information into that window that you "windowtobmp", but could it be a problem in the redrawing of that information? have you tried something like a pWnd->Invalidate() just at the first line of "windowtobmp"?
Hope this helps...
|
|
|
|
|
hi how to do unit testing in mfc. is there any article to unit test my mfc code. pls help me
Arise Awake Stop Not Till ur Goal is Reached.
|
|
|
|
|
Unit testing is meant for developer to check whether the functionality implemented is working according to what was planned. If there are any discrepancies in the fn'lity the developer must resolve it before a release is sent to the Testing team. This ensures that the testing team finds least number of bugs.
So in order to perform a unit testing you should know exactly what you want your code to do. Once you know this go ahead and execute the application to check if there is any bug that needs to be resolved. You can write test cases for yourself to check the execution and then perform a run.
For eg:
If you want your edit box to accept only chars and no special characters, number you would need to enter such values in the edit box and see it for yourself.
Somethings seem HARD to do, until we know how to do them.
_AnShUmAn_
|
|
|
|
|
Dear all
after i built my simulation, compiler showed "can't open include file 'afxres.h'.how to resolve this issue. thanks.
before i installed VC++ 2005 express, but i already uninstalled. any affection for this issue?
but i make sure my simulation is right. urgent!!!.thanks very much.
regards
-- modified at 23:47 Wednesday 27th June, 2007
Li Zhiyuan
28/06/2007
|
|
|
|
|
Simply add (Microsoft Visual Studio 8)\VC\atlmfc\include (replacing (Microsoft Visual Studio 8) with your 'Microsoft Visual Studio 8' installation directory) to Project -> Properties -> C/C++ -> Additional Include Directories and compile.
|
|
|
|
|
Do you know a method or a ready big code snippet to convert DWORDs defined in winerror.h
retrieved by GetLastError, to strings ?
|
|
|
|
|
|
I have a dialog User Interface that has two Sliders and several other buttons. I am looking for a way to find out when a particular slider is selected and/or active. Active meaning the mouse movement results in slider movement. Any help would be great.
Scott Dolan
Jernie Corporation
Engineering & Manufacturing
Software, Hardware, & Enclosures
|
|
|
|
|
ScotDolan wrote: find out when a particular slider is selected and/or active. Active meaning the mouse movement results in slider movement.
The parent will receive WM_HSCROLL/WM_HSCROLL notification messages on slider movement.
To look for it being selected, maybe respond to WM_SETFOCUS in the control(?)
Check out the "Trackbar Notification Messages" section here: Trackbar Controls[^]
Mark
"Go that way, really fast. If something gets in your way, turn."
|
|
|
|
|
Whether is his meaning ON_WM_MOUSEMOVE/WM_MOUSELEAVE messages on slider movement .
|
|
|
|
|
I am not sure how to obtain, set or get the WM_SETFOCUS messages from Dialog item.
Scott Dolan
Jernie Corporation
Engineering & Manufacturing
Software, Hardware, & Enclosures
|
|
|
|
|
You stated you wanted to know if the control was "selected" so hopefully that means you need to
know when it gets focus (like when you tab to a control in a dialog).
If so, you could...
In MFC, derive a class from CSliderCtrl and add a handler for WM_SETFOCUS.
For non-MFC, subclass the trackbar control and look for the WM_SETFOCUS message there.
"Go that way, really fast. If something gets in your way, turn."
|
|
|
|
|
Why don't you cast the pScrollBar parameter pass with the OnHScroll to CSliderctrl..
void OnHScroll(UINT nSBCode, UINT nPos, CScrollBar *pScrollBar)
{
// TODO: Add your message handler code here and/or call default
int nControl=pScrollBar->GetDlgCtrlID();
CSliderCtrl* pControl= static_cast<csliderctrl*>(GetDlgItem(nControl));
switch (nControl)
{
case IDC_SLD_CTRL:
{
}.
.
.
.
.
|
|
|
|
|
Hello,
I am planning to write a program that will do string find and replace for any text file. Can anyone one give me any suggestion what is the best way to do it, or is there any existing library already provide this feature? I can write my own but it may not be efficient enough. Any suggestion? Thanks!
Nacho
Nacho
|
|
|
|
|
may be you can find good example if you look into the souce code of the CString::Replace();
|
|
|
|
|
There is shell script to do string find and replace for any text file in liunx . You can find the code of liunx , may be help to you .
|
|
|
|
|
Can this help to start?
http://www.codeguru.com/forum/showthread.php?t=426623&highlight=functions
|
|
|
|
|
Hello,
In my program I have a variable which stores hwnd of a window. In order to close that window I use Postmessage and WM_Close but there is a problem. When the program is launched second time hwnd of the window that was closed is the same and the window is not shown at all. Consequently IsWindowVisible returns false for that window. I decided to use Showwindow to make that window visible but it doesn't work. After executing Showwindow(hwnd,1) Iswindowvisible returns true but that window is still not shown. So is there a way to make invisible window visible or to close it in such a way that when it is initialized second time it is visible. Thanks
|
|
|
|
|
Giorgi Dalakishvili wrote: When the program is launched second time hwnd of the window that was closed is the same
There's no guarantee the HWND will be the same the next time you run an application, so comparing
the HWND to the one in a previous instance is irrelevant.
If you meant "When the window is launched second time ..." then -
If the default window proc for the window handled the WM_CLOSE message then DestroyWindow() has
been called on the HWND so it's no longer valid. In that case, you need to create a new window,
which possibly will have a different HWND.
It's up to you to keep track of the HWND
Mark
"Go that way, really fast. If something gets in your way, turn."
|
|
|
|
|
Mark Salsbery wrote: There's no guarantee the HWND will be the same the next time you run an application, so comparing
Yes I know but in my case it is the same.
Mark Salsbery wrote: you meant "When the window is launched second time ..."
No I didn't
|
|
|
|