- This topic has 2 replies, 2 voices, and was last updated 13 years, 11 months ago by
.
-
Posts
-
Hello,
I am processing the IOCTL_TDI_QUERY_DIRECT_SEND_HANDLER request and register a completion routine with the context parameter set to
IoGetCurrentIrpStackLocation( pIRP )->Parameters.DeviceIoControl.Type3InputBuffer. In the respective completion routine, I change the handler address:typedef NTSTATUS ( *PFNTCPSendData )(IN PIRP pIRP, IN PIO_STACK_LOCATION pIOSL);
NTSTATUS CRTCPFltQuerySendHandler( IN PDEVICE_OBJECT DeviceObject, IN PIRP pIRP, IN void* pvContext )
{
/*pvContext is IoGetCurrentIrpStackLocation( pIRP )->Parameters.DeviceIoControl.Type3InputBuffer*/
PFNTCPSendData* ppfnTCPSendData = (PFNTCPSendData*)pvContext;//save the handler in a global variable
g_KeIOTDIData.pfnTCPSendData_IA = *( (PFNTCPSendData **)pvContext );//modify the handler given by tcpip.sys to point to my handler
*( ( PFNTCPSendData ** )pvContext ) = MyTCPSendData;return CRBase( DeviceObject, pIRP, pvContext );
}I have noticed that MyTCPSendData is never called, instead, the previous handler ( tcpip!TCPSendData or smth like this, set by the lower driver in Type3InputBuffer ) is called multiple times. If I open a share to another computer and put some files there, my handler is never called. This code used to work. Anyone can help?
Thank you
May the prblem is in your driver load order. If SendHandler was registered before you have had a chance to modify the results then your code will be never called.
- You must be logged in to reply to this topic.