4 Oct
2012
4 Oct
'12
5:25 a.m.
Christian Costa titan.costa@gmail.com wrote:
PEPROCESS WINAPI IoGetCurrentProcess(void) {
- FIXME("() stub\n");
- return NULL;
- TRACE("()\n");
- /* Return current process id since PEPROCESS is opaque and drivers should not access the struct directly */
- return (PEPROCESS)PsGetCurrentProcessId();
}
The returned pointer is supposed to be passed to various other ntoskrnl APIs, and it's needs to be a valid pointer to the kernel object. Besides many not trivial kernel drivers (if not all) really dig into internal kernel structures.
Same for KeGetCurrentThread.
--
Dmitry.