Invalid Key Object Pointers in Registry Notifications
来源:互联网 发布:淘宝店铺所有宝贝链接 编辑:程序博客网 时间:2024/05/29 13:30
Invalid Key Object Pointers in Registry Notifications
To avoid fatal errors and possible memory corruption, a registry filtering driver must not try to access a key object by using an invalid object pointer. This topic lists the circumstances in which theObject member of a registry callback notification structure might contain an undefined, non-NULL value.
In a registry filtering driver, the second parameter of the RegistryCallback routine is a REG_NOTIFY_CLASS enumeration value. This value indicates which type of registry callback notification structure the third parameter of theRegistryCallback routine points to. The notification structure contains information about the registry operation. The type of this structure varies according to the registry operation that is being performed.
Many of the notification structure types contain an Object member that points to a key object. In some cases, theObject member can contain a value that is non-NULL, but is not a pointer to a valid key object.
Key Object Value is Undefined
If the second parameter in a call to the RegistryCallback routine of a registry filtering driver is aREG_NOTIFY_CLASS enumeration value of RegNtPostCreateKeyEx orRegNtPostOpenKeyEx, the third parameter is a pointer to a REG_POST_OPERATION_INFORMATION structure. TheObject member of this structure is valid only if the Status member of the structure is set to STATUS_SUCCESS. Any otherStatus value, including a nonzero status code for which the NT_SUCCESS macro evaluates to TRUE, indicates that the value of theObject member is undefined.
Key Object Value is Not in a Valid State
If the second parameter in a registry callback is one of the following REG_NOTIFY_CLASS enumeration values, the Object member of the registry callback notification structure points to a key object that is being destroyed and whose reference count is zero:
RegNtPreKeyHandleClose (REG_KEY_HANDLE_CLOSE_INFORMATION structure)
RegNtPostKeyHandleClose (REG_POST_OPERATION_INFORMATION structure)
RegNtCallbackObjectContextCleanup (REG_CALLBACK_CONTEXT_CLEANUP_INFORMATION structure)
Because the Object member points to a key object that is not in a valid state, the registry filtering driver must not pass theObject pointer value as a parameter to a Windows driver support routine (for example,ObReferenceObjectByPointer).
However, during a RegistryCallback call to handle aRegNtPreKeyHandleClose or RegNtPostKeyHandleClose notification, a registry filter driver can call aconfiguration manager routine (for example,CmGetBoundTransaction) that takes a registry object as a parameter.
- Invalid Key Object Pointers in Registry Notifications
- Read Registry Key in Script Task
- Object.key()与for...in...
- MongoDB invalid char in key file
- Registry key and Registry value
- Error opening registry key
- Notifications in Android N
- linux2.6.28 insmod no invalid module in object
- Error in predict.rpart(...):invalid prediction for "rpart" object
- sftp-the server‘s host key is not cached in the registry .
- Java ---- Error:opening registry key
- SSIS 之 Exception "Cannot insert duplicate key in object..."
- NumberFormatException in setTag(int key, Object tag) method
- GitHub "Key is invalid"
- Sourcetree使用ssh后出现 The server's host key is not cached in the registry问题的解决办法
- Smart Pointers in Boost
- Smart Pointers in C++
- Notifications
- 使用 Visual Studio 进行调试
- 什么是托管应用程序和非托管应用程序
- Windows下搭建PHP开发环境
- 数组指针和指针数组的区别
- 三大著名加密算法(MD5、RSA、DES)的解析
- Invalid Key Object Pointers in Registry Notifications
- 0304
- 获取另外应用程序上下文Context的方法
- 一些科研中经常用到的工具
- 图片验证码
- SHELL TIPS: GNU SCREEN 的一些小技巧
- 郭德纲的收到货后地方
- WORD修订状态使用教程
- C++ 复制构造函数中深拷贝、浅拷贝的区别