You are rebrowsing the *whole* list, yet the caller gave you an argument
(DriverObjectListSize) that indicated to you how large his array is.
You should browse the minimum of the whole list while making sure that "Index"
does not grow larger than DriverObjectListSize / sizeof(pointer).
Right now the function is overwriting memory possibly.
This is because + /* Then, check if given buffer is big enough to contain
list */
+ if (ListSize > DriverObjectListSize / sizeof(PDRIVER_OBJECT))
+ {
+ Status = STATUS_BUFFER_TOO_SMALL;
+ }
+ else
is incorrect. The function attempts to write as many entries as possible
instead of failing.
As per the docs:
"Note that if the array at DriverObjectList is too small, the number of driver
object pointers that are copied into the array will be less than
ActualNumberDriverObjects."
--
Best regards,
Alex Ionescu
On 2011-06-02, at 1:43 PM, [email protected] wrote:
> + /* Rebrowse the whole list */
> + ListEntry = IopFsNotifyChangeQueueHead.Flink;
> + while (ListEntry != &IopFsNotifyChangeQueueHead)
> + {
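Review bot: the loop condition `while (ListEntry != &IopFsNotifyChangeQueueHead)` stops only at the list head, so nothing visible here ties the walk to the size of the caller's array. If the body stores one pointer per entry, also require the write index to stay below DriverObjectListSize / sizeof(PDRIVER_OBJECT) before each store, and keep counting the remaining entries without storing them so the actual total can still be reported.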
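A user-mode C example of the behaviour the review above asks for, added here and not taken from the ReactOS tree or from the thread: copy as many entries as the caller's array holds, never write past it, and still report the full count. The `node` type and the `enum_drivers` function are hypothetical stand-ins for the kernel list entries and driver object pointers.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a kernel list entry that carries a driver
 * object pointer; the list is circular with a sentinel head. */
typedef struct node { struct node *next; void *driver; } node;

/* Stores at most buf_bytes / sizeof(void *) pointers into out and never
 * writes past that capacity. *actual receives the full number of entries
 * in the list; the return value is the number actually stored. */
size_t enum_drivers(const node *head, void **out, size_t buf_bytes,
                    size_t *actual)
{
    size_t capacity = out ? buf_bytes / sizeof(void *) : 0;
    size_t index = 0, total = 0;

    for (const node *e = head->next; e != head; e = e->next) {
        if (index < capacity)
            out[index++] = e->driver;  /* bounded by the caller's size */
        total++;                       /* keep counting past capacity */
    }
    *actual = total;
    return index;
}

int main(void)
{
    /* Constructed sample: three entries, room for two pointers. */
    int d1, d2, d3;
    node head, a, b, c;
    head.next = &a; head.driver = NULL;
    a.next = &b; a.driver = &d1;
    b.next = &c; b.driver = &d2;
    c.next = &head; c.driver = &d3;

    void *out[2];
    size_t actual;
    size_t stored = enum_drivers(&head, out, sizeof(out), &actual);
    printf("stored %zu of %zu\n", stored, actual);
    return 0;
}
```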