MSDN Library

Windows Development

Windows Driver Development

Kernel-Mode Driver Architecture

Reference

Driver Support Routines

Executive Library Support Routines

ExAcquireFastMutex

ExAcquireFastMutexUnsafe

ExAcquireResourceExclusive

ExAcquireResourceExclusiveLite

ExAcquireResourceShared

ExAcquireResourceSharedLite

ExAcquireSharedStarveExclusive

ExAcquireSharedWaitForExclusive

ExAcquireSpinLockExclusive

ExAcquireSpinLockExclusiveAtDpcLevel

ExAcquireSpinLockShared

ExAcquireSpinLockSharedAtDpcLevel

ExAllocateFromLookasideListEx

ExAllocateFromNPagedLookasideList

ExAllocateFromPagedLookasideList

ExAllocateFromZone

ExAllocatePool

ExAllocatePoolWithQuota

ExAllocatePoolWithQuotaTag

ExAllocatePoolWithTag

ExAllocatePoolWithTagPriority

ExConvertExclusiveToShared

ExConvertExclusiveToSharedLite

ExCreateCallback

ExDeleteLookasideListEx

ExDeleteNPagedLookasideList

ExDeletePagedLookasideList

ExDeleteResource

ExDeleteResourceLite

ExExtendZone

ExFlushLookasideListEx

ExFreePool

ExFreePoolWithTag

ExFreeToLookasideListEx

ExFreeToNPagedLookasideList

ExFreeToPagedLookasideList

ExFreeToZone

ExGetCurrentResourceThread

ExGetExclusiveWaiterCount

ExGetPreviousMode

ExGetSharedWaiterCount

ExInitializeFastMutex

ExInitializeLookasideListEx

ExInitializeNPagedLookasideList

ExInitializePagedLookasideList

ExInitializeResource

ExInitializeResourceLite

ExInitializeSListHead

ExInitializeWorkItem

ExInitializeZone

ExInterlockedAddLargeInteger

ExInterlockedAddLargeStatistic

ExInterlockedAddUlong

ExInterlockedAllocateFromZone

ExInterlockedCompareExchange64

ExInterlockedDecrementLong

ExInterlockedExchangeAddLargeInteger

ExInterlockedExchangeUlong

ExInterlockedExtendZone

ExInterlockedFlushSList

ExInterlockedFreeToZone

ExInterlockedIncrementLong

ExInterlockedInsertHeadList

ExInterlockedInsertTailList

ExInterlockedPopEntryList

ExInterlockedPopEntrySList

ExInterlockedPushEntryList

ExInterlockedPushEntrySList

ExInterlockedRemoveHeadList

ExIsFullZone

ExIsObjectInFirstZoneSegment

ExIsProcessorFeaturePresent

ExIsResourceAcquired

ExIsResourceAcquiredExclusive

ExIsResourceAcquiredExclusiveLite

ExIsResourceAcquiredLite

ExIsResourceAcquiredShared

ExIsResourceAcquiredSharedLite

ExLocalTimeToSystemTime

ExNotifyCallback

ExQueryDepthSList

ExRaiseAccessViolation

ExRaiseDatatypeMisalignment

ExRaiseStatus

ExRegisterCallback

ExReinitializeResourceLite

ExReleaseFastMutex

ExReleaseFastMutexUnsafe

ExReleaseResource

ExReleaseResourceForThread

ExReleaseResourceForThreadLite

ExReleaseResourceLite

ExReleaseSpinLockExclusive

ExReleaseSpinLockExclusiveFromDpcLevel

ExReleaseSpinLockShared

ExReleaseSpinLockSharedFromDpcLevel

ExSetResourceOwnerPointer

ExSetResourceOwnerPointerEx

ExSetTimerResolution

ExSystemTimeToLocalTime

ExTryToAcquireFastMutex

ExTryConvertSharedSpinLockExclusive

ExUnregisterCallback

ExUuidCreate

InterlockedAnd

InterlockedCompareExchange

InterlockedCompareExchangeAcquire

InterlockedCompareExchangeRelease

InterlockedCompareExchangePointer

InterlockedDecrement

InterlockedDecrementAcquire

InterlockedDecrementRelease

InterlockedExchange

InterlockedExchangeAdd

InterlockedExchangePointer

InterlockedIncrement

InterlockedIncrementAcquire

InterlockedIncrementRelease

InterlockedOr

InterlockedXor

PAGED_CODE

PAGED_CODE_LOCKED

ProbeForRead

ProbeForWrite

This topic has not yet been rated - Rate this topic

ProbeForWrite routine

The ProbeForWrite routine checks that a user-mode buffer actually resides in the user-mode portion of the address space, is writable, and is correctly aligned.

Syntax

Copy

VOID ProbeForWrite(
  __inout  PVOID Address,
  __in     SIZE_T Length,
  __in     ULONG Alignment
);

Parameters

Address [in, out]: Specifies the beginning of the user-mode buffer.
Length [in]: Specifies the length, in bytes, of the user-mode buffer.
Alignment [in]: Specifies the required alignment, in bytes, of the beginning of the user-mode buffer.

Return value

None

Remarks

If the specified range of memory is not a valid user-mode address range or is not writable (no access, read-only, and so on), ProbeForWrite raises the STATUS_ACCESS_VIOLATION exception. If the beginning of the address range is not aligned on the byte boundary that is specified by Alignment, ProbeForWrite raises the STATUS_DATATYPE_MISALIGNMENT exception.

Kernel-mode drivers must use ProbeForWrite to validate write access to buffers allocated in user space. It is most commonly used during METHOD_NEITHER I/O to validate the user buffer pointed to by Irp->UserBuffer.

Drivers must call ProbeForWrite inside a try/except block. If the routine raises an exception, the driver should complete the IRP with the appropriate error. Note that subsequent accesses by the driver to the user-mode buffer must also be encapsulated within a try/except block: a malicious application could have another thread deleting, substituting, or changing the protection of user address ranges at any time (even after or during a call to ProbeForRead or ProbeForWrite). For more information, see Handling Exceptions.

Do not use this routine on kernel-mode addresses; it will raise an exception.

If Irp->RequestorMode = KernelMode, the Irp->AssociatedIrp.SystemBuffer and Irp->UserBuffer fields do not contain user-mode addresses, and a call to ProbeForWrite to probe a buffer pointed to by either field will raise an exception.

Requirements

Version	Available in Windows 2000 and later versions of Windows.
Header	Wdm.h (include Wdm.h, Ntddk.h, or Ntifs.h)
Library	Contained in Ntoskrnl.lib.
IRQL	<= APC_LEVEL

See also

ProbeForRead

Send comments about this topic to Microsoft

Build date: 4/2/2012

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

© 2012 Microsoft. All rights reserved.

Terms of Use | Trademarks | Privacy Statement | Site Feedback Site Feedback

Site Feedback

x

Tell us about your experience...

Did the page load quickly?

Yes No

Do you like the page design?

Yes No

Tell us more