windows Driver 查询指定键值

NTSTATUS status;
	HANDLE hKey = NULL;
	OBJECT_ATTRIBUTES oa;
	UNICODE_STRING strPath = RTL_CONSTANT_STRING(L"\\Registry\\Machine\\HARDWARE\\DEVICEMAP\\SERIALCOMM");
	UNICODE_STRING strKeyName = RTL_CONSTANT_STRING(L"\\Device\\Serial0");
	ULONG ResultLength = 0;
	PKEY_VALUE_PARTIAL_INFORMATION Pkvpi;
	ULONG index = 0;

	UNICODE_STRING strOutPut;
	wchar_t strTemp[ArrayLength] = {0};
	RtlInitEmptyUnicodeString(&strOutPut, strTemp, ArrayLength);

	InitializeObjectAttributes(&oa, &strPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);
	status = ZwOpenKey(&hKey, KEY_ALL_ACCESS, &oa);
	if (!NT_SUCCESS(status)){
		KdPrint(("ZwOpenKey failed"));
		return;
	}

	status = ZwQueryValueKey(hKey, &strKeyName, KeyValuePartialInformation, NULL, 0, &ResultLength);
	if (status == STATUS_OBJECT_NAME_NOT_FOUND || ResultLength == 0){
		KdPrint(("ZwQueryValueKey failed"));
		ZwClose(hKey);
		return ;
	}
	Pkvpi = (PKEY_VALUE_PARTIAL_INFORMATION) ExAllocatePool(PagedPool, ResultLength);
	if (!Pkvpi){
		KdPrint(("ExAllocatePool failed"));
		ExFreePool(Pkvpi);
		ZwClose(hKey);
		return;
	}
	status = ZwQueryValueKey(hKey, &strKeyName, KeyValuePartialInformation, Pkvpi, ResultLength, &ResultLength);
	if (!NT_SUCCESS(status)){
		KdPrint(("ZwQueryValueKey failed"));
		ExFreePool(Pkvpi);
		ZwClose(hKey);
		return;
	}

	RtlStringCbPrintfW(strOutPut.Buffer, ArrayLength, L"%s", Pkvpi->Data);
	KdPrint(("%ws", strOutPut.Buffer));

	ExFreePool(Pkvpi);
	ZwClose(hKey);

 

版权声明：本文为博主原创文章，未经博主允许不得转载。