我试图编写一个实现md5哈希单向链表的驱动程序。迭代一个单向链表不工作驱动程序
我到目前为止的代码是:
Signature.h
#ifndef SIGNATURE_H
#define SIGNATURE_H
typedef struct {
char hash[33]; // last byte for null terminator
SINGLE_LIST_ENTRY next;
} SIGNATURE, *PSIGNATURE;
#endif
SignatureList.h
#define CopyCharArrays(src, dest, len) \
do { \
for (int i = 0; i < len; i++) \
dest[i] = src[i]; \
dest[len] = '\0'; \
} while(0)
/* Return TRUE if strings are equal */
static BOOLEAN IsEqual(char* str1, char* str2, int len)
{
for (int i = 0; i < len; i++)
if (str1[i] != str2[i])
return FALSE;
return TRUE;
}
SINGLE_LIST_ENTRY Head;
static void AddToSignatureList(char hash[32]) {
PSIGNATURE Sig = ExAllocatePool(NonPagedPoolNx, sizeof(SIGNATURE)); // allocate memory to store a SIGNATURE node
CopyCharArrays(hash, Sig->hash, 32); // place the hash in our new allocated node (puts null terminator at position 33)
DbgPrintEx(0, DPFLTR_ERROR_LEVEL, "Hash: %s\n", Sig->hash);
PushEntryList(&Head, &Sig->next); // insert the new node in our list
}
/*Returns TRUE if the hash is in the library*/
static BOOLEAN SignatureScan(char hash[32])
{
if (IsListEmpty(Head)) { // if there is no signature in the index
return FALSE;
}
else {
PSINGLE_LIST_ENTRY pSig = Head; // this is the pointer we will use to iterate
PSIGNATURE Sig;
do {
Sig = CONTAINING_RECORD(pSig, SIGNATURE, next); // get the PSIGNATURE on the current pointer
DbgPrintEx(0, DPFLTR_ERROR_LEVEL, "%s - %s\n", Sig->hash, hash);
if (!IsEqual(Sig->hash, hash, 32)) {
return TRUE;
}
pSig = &Sig->next; // go to the next node
} while (pSig != Head);
return FALSE;
}
}
MAIN.C
AddToSignatureList("2d75cc1bf8e57872781f9cd04a529256");
AddToSignatureList("00f538c3d410822e241486ca061a57ee");
AddToSignatureList("3f066dd1f1da052248aed5abc4a0c6a1");
AddToSignatureList("781770fda3bd3236d0ab8274577dddde");
AddToSignatureList("86b6c59aa48a69e16d3313d982791398");
DbgPrintEx(0, DPFLTR_ERROR_LEVEL, "Should return TRUE: %d\n", SignatureScan("3f066dd1f1da052248aed5abc4a0c6a1"));
DbgPrintEx(0, DPFLTR_ERROR_LEVEL, "Should return FALSE: %d\n", SignatureScan("3f066dd1f1da052248aed5abc4a0c6a2"));
DbgPrintEx(0, DPFLTR_ERROR_LEVEL, "Should return FALSE: %d\n", SignatureScan("526ae1b5f10eccfa069f4fd1c8b18097"));
我已阅读并this blog post但this msdn article我还是不知道什么是错在我的司机
听起来像你需要使用调试器。 – aschepler
@aschepler我正在使用WinDBG ..但你的意思是用它来查看内存空间? – L3n
逐步浏览您的代码,看看这些值的位置是不是您所期望的。 – aschepler