Hi

just one newbie question:
I tried the following to copy three buffers 'in a row':

FIRSTBUFFER firstbuffer;
SECBUFFER secbuffer;
THIRDBUFFER thirdbuffer;

RtlCopyMemory(buffer,&firstbuffer,sizeof(firstbuffer));

RtlCopyMemory(buffer + sizeof(firstbuffer),&secbuffer,sizeof(secbuffer));

RtlCopyMemory(buffer + sizeof(firstbuffer) + sizeof(secbuffer),&thirdbuffer,sizeof(thirdbuffer));

When I run this code in my driver, the system crashes.
Why?

Thanks
Sam

Real newbie question: RtlCopyMemory by Sam

Sam
Wed Sep 03 08:29:35 CDT 2003

OK, here's the complete source...so what's wrong with it?

PCHAR *buffer = NULL;
FIRSTBUFFER firstbuffer;
SECBUFFER secbuffer;
THIRDBUFFER thirdbuffer;

NdisAllocateMemoryWithTag((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),'ALC');

RtlCopyMemory(buffer,&firstbuffer,sizeof(firstbuffer));

RtlCopyMemory(buffer + sizeof(firstbuffer),&secbuffer,sizeof(secbuffer));

RtlCopyMemory(buffer + sizeof(firstbuffer) + sizeof(secbuffer),&thirdbuffer,sizeof(thirdbuffer));


NdisFreeMemory((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),0);


Thanks for any help
Sam

Re: Real newbie question: RtlCopyMemory by John

John
Wed Sep 03 09:25:32 CDT 2003

"Sam Gordon" <none@none.none> wrote in message
news:056101c3721f$6a65e080$a001280a@phx.gbl...
> OK, here's the complete source...so what's wrong with it?
>
> PCHAR *buffer = NULL;
> FIRSTBUFFER firstbuffer;
> SECBUFFER secbuffer;
> THIRDBUFFER thirdbuffer;
>
> NdisAllocateMemoryWithTag((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),'ALC');

Are you checking the return status from the call to
NdisAllocateMemoryWithTag() and also ensuring that NULL != buffer? This call
allocates non-paged pool and can fail if you specify an amount of non-paged
memory greater than what's available.

One common problem is using the sizeof() operator on pointers to your
buffers when doing the allocations and sizeof() on the array or structure
making up the buffer in other locations.

>
> RtlCopyMemory(buffer,&firstbuffer,sizeof(firstbuffer));
>
> RtlCopyMemory(buffer + sizeof(firstbuffer),&secbuffer,sizeof(secbuffer));
>
> RtlCopyMemory(buffer + sizeof(firstbuffer) + sizeof(secbuffer),&thirdbuffer,sizeof(thirdbuffer));
>
>
> NdisFreeMemory((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),0);
>
>
> Thanks for any help
> Sam

The easiest way to see if there is something wrong with the code being
generated by the compiler is to have the compiler generate an assembly
listing. This will allow you to see the code that is being generated.

You could also trace through the code with WinDbg and watch the code execute
to see what is happening.

...John



Re: Real newbie question: RtlCopyMemory by Pavel

Pavel
Wed Sep 03 11:15:03 CDT 2003

So does it crash at the NdisFreeMemory?
Change it to NdisFreeMemory( buffer, 0, 0 )

- PA

"Sam Gordon" <none@none.none> wrote in message news:056101c3721f$6a65e080$a001280a@phx.gbl...
> OK, here's the complete source...so what's wrong with it?
>
> PCHAR *buffer = NULL;
> FIRSTBUFFER firstbuffer;
> SECBUFFER secbuffer;
> THIRDBUFFER thirdbuffer;
>
> NdisAllocateMemoryWithTag((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),'ALC');
>
> RtlCopyMemory(buffer,&firstbuffer,sizeof(firstbuffer));
>
> RtlCopyMemory(buffer + sizeof(firstbuffer),&secbuffer,sizeof(secbuffer));
>
> RtlCopyMemory(buffer + sizeof(firstbuffer) + sizeof(secbuffer),&thirdbuffer,sizeof(thirdbuffer));
>
>
> NdisFreeMemory((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),0);
>
>
> Thanks for any help
> Sam



Re: Real newbie question: RtlCopyMemory by Pavel

Pavel
Wed Sep 03 11:50:55 CDT 2003

The buffer should be declared either as PCHAR buffer or CHAR* buffer - not both.
Otherwise, guess what you get from pointer addition buffer+ sizeof(...) ?

- PA
[ today is a really bad day for my eyes :-( ]


> "Sam Gordon" <none@none.none> wrote in message news:056101c3721f$6a65e080$a001280a@phx.gbl...
> > OK, here's the complete source...so what's wrong with it?
> >
> > PCHAR *buffer = NULL;
> > FIRSTBUFFER firstbuffer;
> > SECBUFFER secbuffer;
> > THIRDBUFFER thirdbuffer;
> >
> > NdisAllocateMemoryWithTag((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),'ALC');
> >
> > RtlCopyMemory(buffer,&firstbuffer,sizeof(firstbuffer));
> >
> > RtlCopyMemory(buffer + sizeof(firstbuffer),&secbuffer,sizeof(secbuffer));
> >
> > RtlCopyMemory(buffer + sizeof(firstbuffer) + sizeof(secbuffer),&thirdbuffer,sizeof(thirdbuffer));
> >
> >
> > NdisFreeMemory((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),0);
> >
> >
> > Thanks for any help
> > Sam
>
>



Re: Real newbie question: RtlCopyMemory by James

James
Thu Sep 04 10:09:19 CDT 2003

1) You've not shown the type declarations for FIRSTBUFFER, SECBUFFER and
THIRDBUFFER. Depending on what the types are, that could be a mistake.
For example, if these are buffer descriptors -- like UNICODE_STRING --
you're using the descriptors' sizes and not that of the buffer.

2) Your 3 RtlCopyMemory are copying from the so-called buffers into your
buffer variable, overlaying it.

3) As a consequence of 2), NdisFreeMemory is almost guaranteed to fail
in one manner or another.

Sam Gordon wrote:

> PCHAR *buffer = NULL;
> FIRSTBUFFER firstbuffer;
> SECBUFFER secbuffer;
> THIRDBUFFER thirdbuffer;
>
> NdisAllocateMemoryWithTag((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),'ALC');
>
> RtlCopyMemory(buffer,&firstbuffer,sizeof(firstbuffer));
>
> RtlCopyMemory(buffer + sizeof(firstbuffer),&secbuffer,sizeof(secbuffer));
>
> RtlCopyMemory(buffer + sizeof(firstbuffer) + sizeof(secbuffer),&thirdbuffer,sizeof(thirdbuffer));
>
> NdisFreeMemory((PCHAR*)&buffer,sizeof(firstbuffer) + sizeof(secbuffer) + sizeof(thirdbuffer),0);

--
If replying by e-mail, please remove "nospam." from the address.

James Antognini
Windows DDK MVP
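
Added example, not part of the original thread or anyone's driver code: a user-mode C sketch of the pointer-arithmetic point raised in the replies (addition on a pointer-to-pointer is scaled by the pointer size, so the later copies land past the allocation) beside the byte-pointer form with a checked allocation. The struct layouts and the names scaled_offset and pack3 are hypothetical; malloc, memcpy and free stand in for NdisAllocateMemoryWithTag, RtlCopyMemory and NdisFreeMemory.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical layouts: the thread never shows the real declarations. */
typedef struct { unsigned char a[6]; }  FIRSTBUFFER;
typedef struct { unsigned char b[10]; } SECBUFFER;
typedef struct { unsigned char c[4]; }  THIRDBUFFER;

/* Byte distance actually covered by "p + n" when p is a char ** (the same
   shape as "PCHAR *buffer"): the compiler scales n by sizeof(char *). */
size_t scaled_offset(size_t n) {
    static char *slots[32];
    char **p = slots;
    if (n > 32) return (size_t)-1;          /* stay inside the array */
    return (size_t)((char *)(p + n) - (char *)p);
}

/* Corrected pattern: byte pointer, checked allocation, byte offsets. */
unsigned char *pack3(const FIRSTBUFFER *f, const SECBUFFER *s,
                     const THIRDBUFFER *t, size_t *out_len) {
    size_t total = sizeof *f + sizeof *s + sizeof *t;
    unsigned char *buf = malloc(total);     /* stand-in for the NDIS allocation */
    if (buf == NULL) return NULL;           /* allocation can fail */
    memcpy(buf, f, sizeof *f);
    memcpy(buf + sizeof *f, s, sizeof *s);
    memcpy(buf + sizeof *f + sizeof *s, t, sizeof *t);
    *out_len = total;
    return buf;                             /* caller frees buf itself, not &buf */
}

int main(void) {
    FIRSTBUFFER f; SECBUFFER s; THIRDBUFFER t;
    size_t len = 0;
    memset(&f, 0x11, sizeof f);             /* constructed sample contents */
    memset(&s, 0x22, sizeof s);
    memset(&t, 0x33, sizeof t);
    unsigned char *buf = pack3(&f, &s, &t, &len);
    if (buf == NULL) return 1;
    printf("allocated %zu bytes\n", len);
    printf("intended offset of third copy: %zu\n", sizeof f + sizeof s);
    printf("offset via char ** arithmetic: %zu\n", scaled_offset(sizeof f + sizeof s));
    free(buf);
    return 0;
}
```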