четверг, 17 января 2013 г.

bug in Malware and Rootkits Secrets and Solutions

Code from appendix of this book:
 pModuleList=ExAllocatePoolWithTag(NonPagedPool,bufsize,MY_TAG);
 //oops, out of memory...
 if (pModuleList == NULL)
 {
    DbgPrint("\nExamineDriverIrpTables():  [0] Out of memory.\n");
    return;
 }
 nt=ZwQuerySystemInformation(SystemModuleInformation,
                             pModuleList,
                             bufsize,
                             returnLength);
 if (nt != STATUS_SUCCESS)
 {
       DbgPrint("\nExamineDriverIrpTables():  [0] Error:
             ZwQuerySystemInformation() failed\n.");
       return;
 } 

Yeah, memory leak - when authors prepare for memory freeing if call to ZwQuerySystemInformation was unsuccessful ?

Комментариев нет:

Отправить комментарий