ChupaChu Posted October 5, 2007 Posted October 5, 2007 I was trying to detect if syser is runing or not, idea is if it is running read access to its driver file will be denied.. balah blah.. but strange thing happens when i execute this code:function isitthere:boolean;var s:pAnsiChar;s1,s3:string;beginGetSystemDirectory(s,255); //s is Pchar of system folder (e.g. c:\win\system32)s1:=String(s)+'\drivers'; //s1=drivers path of windows - where sysboot usualy is..SetCurrentDir(s1); //change to s1 dirs3:='SysBoot.sys';Result := FileAge(s3) <> -1; //look for file s3 (true if its there false if not there)end;When i run this code it throwas an exception - access violation of some kind, then i terminate the process and my winlogon.exe process freeks out and go to 100% cpu usage until next reboot!? What is happening here?!Interesting thing it does not happen if i look for lets say .txt file :?)How to go around this?Any ideas?
4e4en Posted October 5, 2007 Posted October 5, 2007 try this onefunction isitthere:boolean;var s:pAnsiChar;beginGetSystemDirectory(s,255);Result := FileExists( String(s) + '\drivers\SysBoot.sys' );end;
ChupaChu Posted October 5, 2007 Author Posted October 5, 2007 It shud work but it does not.I get in olly: Access violation when reading [65747385] and then it crashes. Last thing i get is:EAX 65747379ECX 7C97C0D8 ntdll.7C97C0D8EDX 65747385EBX 0019F500ESP 000A117CEBP 000A119CESI 00000000EDI 7C90EE18 ntdll.7C90EE18EIP 7C937969 ntdll.7C937969C 0 ES 0023 32bit 0(FFFFFFFF)P 0 CS 001B 32bit 0(FFFFFFFF)A 0 SS 0023 32bit 0(FFFFFFFF)Z 0 DS 0023 32bit 0(FFFFFFFF)S 0 FS 003B 32bit 7FFDF000(FFF)T 0 GS 0000 NULLD 0O 0 LastErr ERROR_SUCCESS (00000000)EFL 00000202 (NO,NB,NE,A,NS,PO,GE,G)I really dont know why is this happening. Any clues?
4e4en Posted October 6, 2007 Posted October 6, 2007 function isitthere:boolean;var s: string; len: cardinal;beginSetLength(s, MAX_PATH);len := GetTempPath(MAX_PATH, PChar(s));SetLength(TempDir, s);Result := FileExists( s + '\drivers\SysBoot.sys' );end;
ChupaChu Posted October 6, 2007 Author Posted October 6, 2007 (edited) Excelent idea to use MAX_PATH, as i looked in olly after crashing it always dies on address of [000000xx]=??? and you will guess i had (xx-1) bytes of data successfully read (full path) and it just did not stop - i really cant imagine why!?..I have found also that in one function the same code work in another not, so i guess it is some bug in place but i dont want to waste my time on that just now.4e4en - Thanks once again for support - You have been extremely helpful its apreciated!!! Edited October 6, 2007 by ChupaChu
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now