📄 pnp.cod
字号:
; 609 : IoSetDeviceInterfaceState ( &devExt->SymbolicLink , FALSE ) ;
0000a 6a 00 push 0
0000c 8d 47 5c lea eax, DWORD PTR [edi+92]
0000f 50 push eax
00010 ff 15 00 00 00
00 call DWORD PTR __imp__IoSetDeviceInterfaceState@8
; 610 : #ifdef DBG
; 611 : if ( status != STATUS_SUCCESS )
; 612 : {
; 613 : DBGPRINT( DBG_COMP_PNP, DBG_LEVEL_VERBOSE, ("IoSetDeviceInterfaceState : reports %d\n" , status ) );
; 614 : }
; 615 : #endif
; 616 :
; 617 : Irp->IoStatus.Status = STATUS_SUCCESS;
00016 8b 74 24 14 mov esi, DWORD PTR _Irp$[esp+8]
0001a 83 66 18 00 and DWORD PTR [esi+24], 0
; 618 : IoSkipCurrentIrpStackLocation( Irp );
0001e fe 46 23 inc BYTE PTR [esi+35]
00021 83 46 60 24 add DWORD PTR [esi+96], 36 ; 00000024H
; 619 : status = IoCallDriver( devExt->LowerDeviceObject, Irp );
00025 8b 4f 04 mov ecx, DWORD PTR [edi+4]
00028 8b d6 mov edx, esi
0002a ff 15 00 00 00
00 call DWORD PTR __imp_@IofCallDriver@8
; 620 :
; 621 :
; 622 : //
; 623 : // Set the device status to REMOVED and wait for other drivers
; 624 : // to release the lock, then delete the device object
; 625 : //
; 626 : devExt->DevState = REMOVED;
; 627 : IoReleaseRemoveLockAndWait(&devExt->RemoveLock, Irp);
00030 6a 18 push 24 ; 00000018H
00032 c7 47 0c 05 00
00 00 mov DWORD PTR [edi+12], 5
00039 56 push esi
0003a 83 c7 10 add edi, 16 ; 00000010H
0003d 57 push edi
0003e ff 15 00 00 00
00 call DWORD PTR __imp__IoReleaseRemoveLockAndWaitEx@12
; 628 :
; 629 : driverExtension = IoGetDriverObjectExtension(DeviceObject->DriverObject,
; 630 : RAMDISK_DRIVER_EXTENSION_KEY);
00044 68 00 00 00 00 push OFFSET FLAT:_DriverEntry@8
00049 ff 73 08 push DWORD PTR [ebx+8]
0004c ff 15 00 00 00
00 call DWORD PTR __imp__IoGetDriverObjectExtension@8
; 631 : ASSERT ( driverExtension != NULL );
; 632 : driverExtension->DeviceInitialized = FALSE;
00052 83 60 08 00 and DWORD PTR [eax+8], 0
; 633 :
; 634 : RamDiskCleanUp( DeviceObject );
00056 53 push ebx
00057 e8 00 00 00 00 call _RamDiskCleanUp@4
0005c 5f pop edi
0005d 5e pop esi
0005e 5b pop ebx
; 635 :
; 636 : DBGPRINT( DBG_COMP_PNP, DBG_LEVEL_NOTIFY, ("Device Removed succesfully\n" ) );
; 637 :
; 638 : return;
; 639 : } // end RamDiskRemoveDevice()
0005f c2 08 00 ret 8
_RamDiskRemoveDevice@8 ENDP
_TEXT ENDS
PUBLIC _GetPnpIrpName@4
EXTRN __imp__sprintf:NEAR
_BSS SEGMENT
?functionName@?1??GetPnpIrpName@@9@9 DB 050H DUP (?) ; `GetPnpIrpName'::`2'::functionName
_BSS ENDS
; COMDAT _GetPnpIrpName@4
_TEXT SEGMENT
$SG14584 DB 'IRP_MN_START_DEVICE', 00H
$SG14586 DB 'IRP_MN_QUERY_REMOVE_DEVICE', 00H
ORG $+1
$SG14588 DB 'IRP_MN_REMOVE_DEVICE', 00H
ORG $+3
$SG14590 DB 'IRP_MN_CANCEL_REMOVE_DEVICE', 00H
$SG14592 DB 'IRP_MN_STOP_DEVICE', 00H
ORG $+1
$SG14594 DB 'IRP_MN_QUERY_STOP_DEVICE', 00H
ORG $+3
$SG14596 DB 'IRP_MN_CANCEL_STOP_DEVICE', 00H
ORG $+2
$SG14598 DB 'IRP_MN_QUERY_DEVICE_RELATIONS', 00H
ORG $+2
$SG14600 DB 'IRP_MN_QUERY_INTERFACE', 00H
ORG $+1
$SG14602 DB 'IRP_MN_QUERY_CAPABILITIES', 00H
ORG $+2
$SG14604 DB 'IRP_MN_QUERY_RESOURCES', 00H
ORG $+1
$SG14606 DB 'IRP_MN_QUERY_RESOURCE_REQUIREMENTS', 00H
ORG $+1
$SG14608 DB 'IRP_MN_QUERY_DEVICE_TEXT', 00H
ORG $+3
$SG14610 DB 'IRP_MN_FILTER_RESOURCE_REQUIREMENTS', 00H
$SG14612 DB 'IRP_MN_READ_CONFIG', 00H
ORG $+1
$SG14614 DB 'IRP_MN_WRITE_CONFIG', 00H
$SG14616 DB 'IRP_MN_EJECT', 00H
ORG $+3
$SG14618 DB 'IRP_MN_SET_LOCK', 00H
$SG14620 DB 'IRP_MN_QUERY_ID', 00H
$SG14622 DB 'IRP_MN_QUERY_PNP_DEVICE_STATE', 00H
ORG $+2
$SG14624 DB 'IRP_MN_QUERY_BUS_INFORMATION', 00H
ORG $+3
$SG14626 DB 'IRP_MN_DEVICE_USAGE_NOTIFICATION', 00H
ORG $+3
$SG14628 DB 'IRP_MN_SURPRISE_REMOVAL', 00H
$SG14630 DB 'IRP_MN_QUERY_LEGACY_BUS_INFORMATION', 00H
$SG14632 DB 'Unknown IRP(0x%x)', 00H
; Function compile flags: /Ogsy
_PnpMinorFunction$ = 8
_GetPnpIrpName@4 PROC NEAR ; COMDAT
; 662 : static char functionName[80];
; 663 :
; 664 : PAGED_CODE();
; 665 :
; 666 : switch ( PnpMinorFunction ) {
0028a 0f b6 44 24 04 movzx eax, BYTE PTR _PnpMinorFunction$[esp-4]
0028f 83 f8 18 cmp eax, 24 ; 00000018H
00292 0f 87 ca 00 00
00 ja $L14631
00298 ff 24 85 00 00
00 00 jmp DWORD PTR $L14698[eax*4]
$L14583:
; 667 :
; 668 : case IRP_MN_START_DEVICE: // 0x00
; 669 : return "IRP_MN_START_DEVICE";
0029f b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14584
002a4 e9 d2 00 00 00 jmp $L14580
$L14585:
; 670 : break;
; 671 :
; 672 : case IRP_MN_QUERY_REMOVE_DEVICE: // 0x01
; 673 : return "IRP_MN_QUERY_REMOVE_DEVICE";
002a9 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14586
002ae e9 c8 00 00 00 jmp $L14580
$L14587:
; 674 : break;
; 675 :
; 676 : case IRP_MN_REMOVE_DEVICE: // 0x02
; 677 : return "IRP_MN_REMOVE_DEVICE";
002b3 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14588
002b8 e9 be 00 00 00 jmp $L14580
$L14589:
; 678 : break;
; 679 :
; 680 : case IRP_MN_CANCEL_REMOVE_DEVICE: // 0x03
; 681 : return "IRP_MN_CANCEL_REMOVE_DEVICE";
002bd b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14590
002c2 e9 b4 00 00 00 jmp $L14580
$L14591:
; 682 : break;
; 683 :
; 684 : case IRP_MN_STOP_DEVICE: // 0x04
; 685 : return "IRP_MN_STOP_DEVICE";
002c7 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14592
002cc e9 aa 00 00 00 jmp $L14580
$L14593:
; 686 : break;
; 687 :
; 688 : case IRP_MN_QUERY_STOP_DEVICE: // 0x05
; 689 : return "IRP_MN_QUERY_STOP_DEVICE";
002d1 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14594
002d6 e9 a0 00 00 00 jmp $L14580
$L14595:
; 690 : break;
; 691 :
; 692 : case IRP_MN_CANCEL_STOP_DEVICE: // 0x06
; 693 : return "IRP_MN_CANCEL_STOP_DEVICE";
002db b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14596
002e0 e9 96 00 00 00 jmp $L14580
$L14597:
; 694 : break;
; 695 :
; 696 : case IRP_MN_QUERY_DEVICE_RELATIONS: // 0x07
; 697 : return "IRP_MN_QUERY_DEVICE_RELATIONS";
002e5 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14598
002ea e9 8c 00 00 00 jmp $L14580
$L14599:
; 698 : break;
; 699 :
; 700 : case IRP_MN_QUERY_INTERFACE: // 0x08
; 701 : return "IRP_MN_QUERY_INTERFACE";
002ef b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14600
002f4 e9 82 00 00 00 jmp $L14580
$L14601:
; 702 : break;
; 703 :
; 704 : case IRP_MN_QUERY_CAPABILITIES: // 0x09
; 705 : return "IRP_MN_QUERY_CAPABILITIES";
002f9 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14602
002fe eb 7b jmp SHORT $L14580
$L14603:
; 706 : break;
; 707 :
; 708 : case IRP_MN_QUERY_RESOURCES: // 0x0A
; 709 : return "IRP_MN_QUERY_RESOURCES";
00300 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14604
00305 eb 74 jmp SHORT $L14580
$L14605:
; 710 : break;
; 711 :
; 712 : case IRP_MN_QUERY_RESOURCE_REQUIREMENTS: // 0x0B
; 713 : return "IRP_MN_QUERY_RESOURCE_REQUIREMENTS";
00307 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14606
0030c eb 6d jmp SHORT $L14580
$L14607:
; 714 : break;
; 715 :
; 716 : case IRP_MN_QUERY_DEVICE_TEXT: // 0x0C
; 717 : return "IRP_MN_QUERY_DEVICE_TEXT";
0030e b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14608
00313 eb 66 jmp SHORT $L14580
$L14609:
; 718 : break;
; 719 :
; 720 : case IRP_MN_FILTER_RESOURCE_REQUIREMENTS: // 0x0D
; 721 : return "IRP_MN_FILTER_RESOURCE_REQUIREMENTS";
00315 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14610
0031a eb 5f jmp SHORT $L14580
$L14611:
; 722 : break;
; 723 :
; 724 : case IRP_MN_READ_CONFIG: // 0x0F
; 725 : return "IRP_MN_READ_CONFIG";
0031c b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14612
00321 eb 58 jmp SHORT $L14580
$L14613:
; 726 : break;
; 727 :
; 728 : case IRP_MN_WRITE_CONFIG: // 0x10
; 729 : return "IRP_MN_WRITE_CONFIG";
00323 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14614
00328 eb 51 jmp SHORT $L14580
$L14615:
; 730 : break;
; 731 :
; 732 : case IRP_MN_EJECT: // 0x11
; 733 : return "IRP_MN_EJECT";
0032a b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14616
0032f eb 4a jmp SHORT $L14580
$L14617:
; 734 : break;
; 735 :
; 736 : case IRP_MN_SET_LOCK: // 0x12
; 737 : return "IRP_MN_SET_LOCK";
00331 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14618
00336 eb 43 jmp SHORT $L14580
$L14619:
; 738 : break;
; 739 :
; 740 : case IRP_MN_QUERY_ID: // 0x13
; 741 : return "IRP_MN_QUERY_ID";
00338 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14620
0033d eb 3c jmp SHORT $L14580
$L14621:
; 742 : break;
; 743 :
; 744 : case IRP_MN_QUERY_PNP_DEVICE_STATE: // 0x14
; 745 : return "IRP_MN_QUERY_PNP_DEVICE_STATE";
0033f b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14622
00344 eb 35 jmp SHORT $L14580
$L14623:
; 746 : break;
; 747 :
; 748 : case IRP_MN_QUERY_BUS_INFORMATION: // 0x15
; 749 : return "IRP_MN_QUERY_BUS_INFORMATION";
00346 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14624
0034b eb 2e jmp SHORT $L14580
$L14625:
; 750 : break;
; 751 :
; 752 : case IRP_MN_DEVICE_USAGE_NOTIFICATION: // 0x16
; 753 : return "IRP_MN_DEVICE_USAGE_NOTIFICATION";
0034d b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14626
00352 eb 27 jmp SHORT $L14580
$L14627:
; 754 : break;
; 755 :
; 756 : case IRP_MN_SURPRISE_REMOVAL: // 0x17
; 757 : return "IRP_MN_SURPRISE_REMOVAL";
00354 b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14628
00359 eb 20 jmp SHORT $L14580
$L14629:
; 758 : break;
; 759 :
; 760 : case IRP_MN_QUERY_LEGACY_BUS_INFORMATION: // 0x18
; 761 : return "IRP_MN_QUERY_LEGACY_BUS_INFORMATION";
0035b b8 00 00 00 00 mov eax, OFFSET FLAT:$SG14630
00360 eb 19 jmp SHORT $L14580
$L14631:
00362 56 push esi
; 762 : break;
; 763 :
; 764 : default:
; 765 : sprintf( functionName, "Unknown IRP(0x%x)", PnpMinorFunction );
00363 50 push eax
00364 68 00 00 00 00 push OFFSET FLAT:$SG14632
00369 be 00 00 00 00 mov esi, OFFSET FLAT:?functionName@?1??GetPnpIrpName@@9@9
0036e 56 push esi
0036f ff 15 00 00 00
00 call DWORD PTR __imp__sprintf
00375 83 c4 0c add esp, 12 ; 0000000cH
; 766 : return functionName;
00378 8b c6 mov eax, esi
0037a 5e pop esi
$L14580:
; 767 : break;
; 768 :
; 769 : } // switch
; 770 : } // End of GetPnpIrpName()
0037b c2 04 00 ret 4
$L14698:
0037e 00 00 00 00 DD $L14583
00382 00 00 00 00 DD $L14585
00386 00 00 00 00 DD $L14587
0038a 00 00 00 00 DD $L14589
0038e 00 00 00 00 DD $L14591
00392 00 00 00 00 DD $L14593
00396 00 00 00 00 DD $L14595
0039a 00 00 00 00 DD $L14597
0039e 00 00 00 00 DD $L14599
003a2 00 00 00 00 DD $L14601
003a6 00 00 00 00 DD $L14603
003aa 00 00 00 00 DD $L14605
003ae 00 00 00 00 DD $L14607
003b2 00 00 00 00 DD $L14609
003b6 00 00 00 00 DD $L14631
003ba 00 00 00 00 DD $L14611
003be 00 00 00 00 DD $L14613
003c2 00 00 00 00 DD $L14615
003c6 00 00 00 00 DD $L14617
003ca 00 00 00 00 DD $L14619
003ce 00 00 00 00 DD $L14621
003d2 00 00 00 00 DD $L14623
003d6 00 00 00 00 DD $L14625
003da 00 00 00 00 DD $L14627
003de 00 00 00 00 DD $L14629
_GetPnpIrpName@4 ENDP
_TEXT ENDS
PUBLIC _RamDiskAddDevice@8
EXTRN _RamDiskQueryDiskRegParameters@8:NEAR
EXTRN _RamDiskFormatDisk@4:NEAR
EXTRN __imp__RtlInitUnicodeString@8:NEAR
EXTRN __imp__RtlCopyUnicodeString@8:NEAR
EXTRN __imp__RtlAppendUnicodeStringToString@8:NEAR
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -