Windows Driver: ZwReadFile returns STATUS_INVALID_HANDLE

Question

In learning how to write Windows drivers, I am modifying the Windows Driver Sample for the AvsCamera.

I want to replace the simulated image with one from a bitmap file. In the Synthesizer.cpp file, I have commented out the calls to SynthesizeBars(), ApplyGradient(), and EncodeNumber() within the Synthesize() method, and replaced them with this code:

KIRQL level = KeGetCurrentIrql();
if( level == PASSIVE_LEVEL ) {
    DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_INFO_LEVEL, "Ok to perform file io.");
    UNICODE_STRING filename;
    OBJECT_ATTRIBUTES fileAttr;
    IO_STATUS_BLOCK fhStatus;
    HANDLE fh;
    NTSTATUS status;
    RtlInitUnicodeString(&filename, L"\\SystemRoot\\AvsCameraTest.bmp");
    InitializeObjectAttributes(&fileAttr, &filename, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
    status = ZwOpenFile(&fh, FILE_READ_DATA, &fileAttr, &fhStatus, 0, FILE_RANDOM_ACCESS);
    if( NT_SUCCESS(status) ) {
        status = ZwReadFile(&fh, NULL, NULL, NULL, &fhStatus, m_Buffer, m_Length, /*&byteOffset*/NULL, NULL);
        if( NT_SUCCESS(status) ) {
            DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_INFO_LEVEL, "Read bitmap file success.\n");
        } else DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "Unable to read bitmap file [0x%x].\n", status);
        ZwClose(fh);
    } else DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "Unable to open bitmap file [0x%x].\n", status);
} else DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "Do not perform file io at IRQ level 0x%x.\n", level);

This is my first step: I am aware that I'm ignoring the bmp header.

The call to ZwOpenFile() is successful, but ZwReadFile() returns STATUS_INVALID_HANDLE.

I've tried using a LARGE_INTEGER byteOffset, and FILE_SYNCHRONOUS_IO_NONALERT instead of FILE_RANDOM_ACCESS. I've also tried using ZwCreateFile() with GENERIC_READ and FILE_ATTRIBUTE_READONLY parameters.

I have been successful in writing to a file using similar code.

What is the issue with my attempt at acquiring the proper filehandle for reading?

`ZwReadFile(&fh` Why do you pass the *address* of the handle there? — dxiv, Jul 06 '16 at 23:46

score 3 · Accepted Answer · edited Jul 06 '16 at 23:58

3

You are passing a pointer to the HANDLE variable itself when you should be passing the value of the HANDLE instead.

Change this:

status = ZwReadFile(&fh, ...);

To this:

status = ZwReadFile(fh, ...);

edited Jul 06 '16 at 23:58

Remy Lebeau

555,201
31
458
770

answered Jul 06 '16 at 23:52

bennji_of_the_overflow

1,123
5
13

Thanks. It's strange that I didn't get a compiler warning about that. I'm still getting an invalid handle status back, though. – Hildigerr Jul 07 '16 at 18:03
Correction: now it is a STATUS_INVALID_PARAMETER error. At least now I know where to look next. Thanks. – Hildigerr Jul 07 '16 at 18:26
Unfortunately, `HANDLE` is typedef'd as `void *` and [both C and C++ will implicitly convert any kind of pointer to a void pointer](http://stackoverflow.com/a/1736841/886887). – Harry Johnston Jul 09 '16 at 04:37

Windows Driver: ZwReadFile returns STATUS_INVALID_HANDLE

1 Answers1