ctypes: point to buffer in structure

Wanderer wanderer at dialup4less.com
Mon Jul 11 18:04:10 CEST 2011


On Jul 11, 1:12 am, Tim Roberts <t... at probo.com> wrote:
> Jesse R <jessr... at gmail.com> wrote:
>
> >Hey I've been trying to convert this to run through ctypes and i'm
> >having a hard time
>
> >typedef struct _SYSTEM_PROCESS_ID_INFORMATION
> >{
> >    HANDLE ProcessId;
> >    UNICODE_STRING ImageName;
> >} SYSTEM_PROCESS_IMAGE_NAME_INFORMATION,
> >*PSYSTEM_PROCESS_IMAGE_NAME_INFORMATION;
>
> >to
>
> >class SYSTEM_PROCESS_ID_INFORMATION(ctypes.Structure):
> >    _fields_ = [('pid', ctypes.c_ulong),
> >                    ('imageName', ctypes.c_wchar_p)]
> >...
> >does anyone know how to get this working?
>
> UNICODE_STRING is not just a pointer to wide characters.  It is itself a
> structure:
>
> typedef struct _UNICODE_STRING {
>     USHORT Length;
>     USHORT MaximumLength;
>     PWSTR  Buffer;
>
> } UNICODE_STRING;
>
> So, I think you want fields of ctypes.c_ulong, ctypes.c_ushort,
> ctypes.c_ushort, and ctypes.c_wchar_p.  MaximumLength gives the allocated
> size of the buffer.  Length gives the length of the string currently held
> in the buffer.  It can be less than the maximum length, and the buffer does
> NOT necessarily contain a zero-terminator.
>
> UNICODE_STRING and ANSI_STRING are used in kernel programming to avoid the
> potential ambiguities of counted strings.
> --
> Tim Roberts, t... at probo.com
> Providenza & Boekelheide, Inc.

if UNICODE_STRING is a structure you will want a structure for it

class UNICODE_STRING(ctypes.Structure):
    _fields_ = [("Length", ctypes.c_ushort),
                ("MaximumLength" ,ctypes.c_ushort),
                ("Buffer", ctypes.c_wchar_p)]

class SYSTEM_PROCESS_ID_INFORMATION(ctypes.Structure):
    _fields_ = [("pid", ctypes.c_ulong),
                ("imageName", UNICODE_STRING)]





More information about the Python-list mailing list