Filter Driver - Not intercepting IRP’s.

Hi,
I am writing a File system Fileter driver to listen all the File
system calls.
In the Device Entry function, i am creating a device object and set it
in IO manager by IoAttachDeviceToDeviceStack method.
the code is...
------
<code>
ntStatus = IoCreateDevice(
DriverObject,
sizeof(DEVICE_EXTENSION),
&deviceNameUnicodeString,
FILE_DEVICE_UNKNOWN,
0,
TRUE,
&filterDeviceObject);

pDevExt = (PDEVICE_EXTENSION) filterDeviceObject->DeviceExtension;
pDevExt->pDevice = filterDeviceObject; // back pointer
pDevExt->driver_state = Stopped;

LogEvent(ntStatus, filterDeviceObject, L"\nFilterDriver2.SYS:
Entering DriverEntry\n");

pDevExt->pTargetDevice = IoAttachDeviceToDeviceStack(
filterDeviceObject,
DriverObject->DeviceObject);
</code>
-----------
DriverObject is passed in the DriverEntry function.
Now, I am setting the flag for the filterDeviceObject by using,

<code>
pFilterDevObj->DeviceType = pDevExt->pTargetDevice->DeviceType;
pFilterDevObj->Characteristics =
pDevExt->pTargetDevice->Characteristics;

pFilterDevObj->Flags |= ( pDevExt->pTargetDevice->Flags &
( DO_BUFFERED_IO |
DO_POWER_INRUSH |
DO_POWER_PAGABLE));

// Initialize Event Logging counters:
pDevExt->IrpRetryCount = 0;
pDevExt->IrpSequenceNumber = 0;
</code>

When setting the flag, the system crashes and restarts.

How to solve this

If I remove setting flags, I unable to intercept the IRP’s.

How to do this

Thanks in advance.

--
http://www.WindowsForumz.com/ This article was posted by author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.WindowsForumz.com/Device-...ict168203.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.WindowsForumz.com/eform.php?p=489077