摘要:本文主要向大家介绍了 C/C++知识点之通过读源码win10驱动下实现3环的GetEnvironmentVariable,通过具体的内容向大家展示,希望对大家学习C/C++知识点有所帮助。
本文主要向大家介绍了 C/C++知识点之通过读源码win10驱动下实现3环的GetEnvironmentVariable,通过具体的内容向大家展示,希望对大家学习C/C++知识点有所帮助。
效果图:
NTSTATUS NTAPI
RtlQueryEnvironmentVariable_U(PWSTR Environment,
PCUNICODE_STRING Name,
PUNICODE_STRING Value)
{
NTSTATUS Status;
PWSTR wcs;
UNICODE_STRING var;
PWSTR val;
BOOLEAN SysEnvUsed = FALSE;
DbgPrint("RtlQueryEnvironmentVariable_U Environment %p Variable %wZ Value %p\n",
Environment, Name, Value);
if (Environment == NULL)
{
MPPEB Peb = RtlGetCurrentPeb();
if (Peb) {
//RtlAcquirePebLock();
Environment = Peb->ProcessParameters->Environment;
SysEnvUsed = TRUE;
}
}
if (Environment == NULL)
{
//if (SysEnvUsed)
//RtlReleasePebLock();
return(STATUS_VARIABLE_NOT_FOUND);
}
Value->Length = 0;
wcs = Environment;
DbgPrint("Starting search at :%p\n", wcs);
while (*wcs)
{
var.Buffer = wcs++;
wcs = wcschr(wcs, L'=');
if (wcs == NULL)
{
wcs = var.Buffer + wcslen(var.Buffer);
DbgPrint("Search at :%S\n", wcs);
}
if (*wcs)
{
var.Length = var.MaximumLength = (USHORT)(wcs - var.Buffer) * sizeof(WCHAR);
val = ++wcs;
wcs += wcslen(wcs);
DbgPrint("Search at :%S\n", wcs);
if (RtlEqualUnicodeString(&var, Name, TRUE))
{
Value->Length = (USHORT)(wcs - val) * sizeof(WCHAR);
if (Value->Length <= Value->MaximumLength)
{
memcpy(Value->Buffer, val,
min(Value->Length + sizeof(WCHAR), Value->MaximumLength));
DbgPrint("Value %S\n", val);
DbgPrint("Return STATUS_SUCCESS\n");
Status = STATUS_SUCCESS;
}
else
{
DbgPrint("Return STATUS_BUFFER_TOO_SMALL\n");
Status = STATUS_BUFFER_TOO_SMALL;
}
//if (SysEnvUsed)
//RtlReleasePebLock();
return(Status);
}
}
wcs++;
}
/*if (SysEnvUsed)
RtlReleasePebLock();
*/
DbgPrint("Return STATUS_VARIABLE_NOT_FOUND: %wZ\n", Name);
return(STATUS_VARIABLE_NOT_FOUND);
}
//获取环境变量
DWORD My_Get_Environment_Variable(IN LPCWSTR lpName,
IN LPWSTR lpBuffer,
IN DWORD nSize) {
UNICODE_STRING VarName, VarValue;
NTSTATUS Status;
USHORT UniSize;
if (nSize <= (UNICODE_STRING_MAX_CHARS - 1))
{
if (nSize)
{
UniSize = (USHORT)nSize * sizeof(WCHAR) - sizeof(UNICODE_NULL);
}
else
{
UniSize = 0;
}
}
else
{
UniSize = UNICODE_STRING_MAX_BYTES - sizeof(UNICODE_NULL);
}
Status = RtlInitUnicodeStringEx(&VarName, lpName);
if (!NT_SUCCESS(Status))
{
BaseSetLastNTError(Status);
return 0;
}
RtlInitEmptyUnicodeString(&VarValue, lpBuffer, UniSize);
Status = RtlQueryEnvironmentVariable_U(NULL, &VarName, &VarValue);
if (!NT_SUCCESS(Status))
{
DbgPrint("RtlQueryEnvironmentVariable_U----------- %S\n", VarValue);
if (Status == STATUS_BUFFER_TOO_SMALL)
{
return (VarValue.Length / sizeof(WCHAR)) + sizeof(ANSI_NULL);
}
BaseSetLastNTError(Status);
return 0;
}
lpBuffer[VarValue.Length / sizeof(WCHAR)] = UNICODE_NULL;
return (VarValue.Length / sizeof(WCHAR));
}
用法:
wchar_t buffer[256];
wchar_t pwcDevNameBuf = NULL;
DWORD code = My_Get_Environment_Variable(L"TEMP", buffer, 256);
DbgPrint("buffer----------- %S\n", buffer);
本文由职坐标整理并发布,希望对同学们有所帮助。了解更多详情请关注职坐标编程语言C/C+频道!
您输入的评论内容中包含违禁敏感词
我知道了
请输入正确的手机号码
请输入正确的验证码
您今天的短信下发次数太多了,明天再试试吧!
我们会在第一时间安排职业规划师联系您!
您也可以联系我们的职业规划师咨询:
版权所有 职坐标-一站式IT培训就业服务领导者 沪ICP备13042190号-4
上海海同信息科技有限公司 Copyright ©2015 www.zhizuobiao.com,All Rights Reserved.
沪公网安备 31011502005948号