|
|
|
The ProbeForRead routine checks that a user-mode buffer actually resides in the user portion of the address space, and is correctly aligned.
VOID
ProbeForRead(
IN CONST VOID *Address,
IN SIZE_T Length,
IN ULONG Alignment
);
None
Declared in wdm.h and ntddk.h. Include wdm.h or ntddk.h.
If the specified range of memory is not within the user-mode address range, ProbeForRead raises the STATUS_ACCESS_VIOLATION exception. If the beginning of the address range is not aligned on the byte boundary that is specified by Alignment, ProbeForRead raises the STATUS_DATATYPE_MISALIGNMENT exception.
Kernel-mode drivers must use ProbeForRead to validate read access to buffers that are allocated in user space. It is most commonly used during METHOD_NEITHER I/O to validate the user buffer pointed to by Irp -> UserBuffer.
Drivers must call ProbeForRead inside a try/except block. If the routine raises an exception, the driver should complete the IRP with the appropriate error. Note that subsequent accesses by the driver to the user-mode buffer must also be encapsulated within a try/except block: a malicious application could have another thread deleting, substituting, or changing the protection of user address ranges at any time (even after or during a call to ProbeForRead or ProbeForWrite). For more information, see Handling Exceptions.
Do not use this routine on kernel-mode addresses; it will raise an exception.
Callers of ProbeForRead must be running at IRQL <= APC_LEVEL.