RtlStringCbCopyUnicodeStringEx - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
#ifndef _NTSTRSAFE_H_INCLUDED_
#ifndef NTSTRSAFE_LIB_IMPL
#ifndef NTSTRSAFE_NO_UNICODE_STRING_FUNCTIONS

/*++

  NTSTATUS
  RtlStringCbCopyUnicodeStringEx(
  _Out_writes_bytes_(cbDest) PWSTR               pszDest         OPTIONAL,
  _In_ size_t              cbDest,
  _In_ PCUNICODE_STRING    SourceString    OPTIONAL,
  _Outptr_opt_result_bytebuffer_(*pcbRemaining) PWSTR*              ppszDestEnd     OPTIONAL,
  _Out_opt_ size_t*             pcbRemaining    OPTIONAL,
  _In_ DWORD               dwFlags
  );

  Routine Description:

  This routine copies a PUNICODE_STRING to a PWSTR. In addition to
  functionality provided by RtlStringCbCopyUnicodeString, this routine also
  returns a pointer to the end of the destination string and the number of
  characters left in the destination string including the null terminator.
  The flags parameter allows additional controls.

Arguments:

pszDest         -   destination string

cchDest         -   size of destination buffer in characters.
length must be = ((DestinationString->Length / sizeof(wchar_t)) + 1)
to hold all of the source and null terminate the string.

SourceString    -   pointer to the counted unicode source string

ppszDestEnd     -   if ppszDestEnd is non-null, the function will return a
pointer to the end of the destination string.  If the
function copied any data, the result will point to the
null termination character

pcbRemaining    -   pcbRemaining is non-null,the function will return the
number of bytes left in the destination string,
including the null terminator

dwFlags         -   controls some details of the string copy:

STRSAFE_FILL_BEHIND_NULL
if the function succeeds, the low byte of dwFlags will be
used to fill the uninitialize part of destination buffer
behind the null terminator

STRSAFE_IGNORE_NULLS
treat NULL string pointers like empty strings (TEXT("")).
this flag is useful for emulating functions like lstrcpy

STRSAFE_FILL_ON_FAILURE
if the function fails, the low byte of dwFlags will be
used to fill all of the destination buffer, and it will
be null terminated. This will overwrite any truncated
string returned when the failure is
STATUS_BUFFER_OVERFLOW

STRSAFE_NO_TRUNCATION /
STRSAFE_NULL_ON_FAILURE
if the function fails, the destination buffer will be set
to the empty string. This will overwrite any truncated string
returned when the failure is STATUS_BUFFER_OVERFLOW.

Notes:
Behavior is undefined if source and destination strings overlap.

pszDest and SourceString should not be NULL unless the STRSAFE_IGNORE_NULLS flag
is specified.  If STRSAFE_IGNORE_NULLS is passed, both pszDest and SourceString
may be NULL.  An error may still be returned even though NULLS are ignored
due to insufficient space.

Return Value:

STATUS_SUCCESS -   if there was source data and it was all copied and the
resultant dest string was null terminated

failure        -   the operation did not succeed

STATUS_BUFFER_OVERFLOW
Note: This status has the severity class Warning - IRPs completed with this
status do have their data copied back to user mode
-   this return value is an indication that the copy
operation failed due to insufficient space. When this
error occurs, the destination buffer is modified to
contain a truncated version of the ideal result. This is
useful for situations where truncation is ok

It is strongly recommended to use the NT_SUCCESS() macro to test the
return value of this function.

--*/

NTSTRSAFEDDI
    RtlStringCbCopyUnicodeStringEx(
            _Out_writes_bytes_(cbDest) NTSTRSAFE_PWSTR pszDest,
            _In_ size_t cbDest,
            _In_ PCUNICODE_STRING SourceString,
            _Outptr_opt_result_bytebuffer_(*pcbRemaining) NTSTRSAFE_PWSTR* ppszDestEnd,
            _Out_opt_ size_t* pcbRemaining,
            _In_ DWORD dwFlags)
{
    NTSTATUS status;
    size_t cchDest = cbDest / sizeof(wchar_t);

    status = RtlStringExValidateDestW(pszDest,
            cchDest,
            NTSTRSAFE_UNICODE_STRING_MAX_CCH,
            dwFlags);

    if (NT_SUCCESS(status))
    {
        wchar_t* pszSrc;
        size_t cchSrcLength;
        wchar_t* pszDestEnd = pszDest;
        size_t cchRemaining = cchDest;

        status = RtlUnicodeStringValidateSrcWorker(SourceString,
                &pszSrc,
                &cchSrcLength,
                NTSTRSAFE_UNICODE_STRING_MAX_CCH,
                dwFlags);

        if (NT_SUCCESS(status))
        {
            if (dwFlags & (~STRSAFE_VALID_FLAGS))
            {
                status = STATUS_INVALID_PARAMETER;

                if (cchDest != 0)
                {
                    *pszDest = L'\0';
                }
            }
            else if (cchDest == 0)
            {
                // only fail if there was actually src data to copy
                if (cchSrcLength != 0)
                {
                    if (pszDest == NULL)
                    {
                        status = STATUS_INVALID_PARAMETER;
                    }
                    else
                    {
                        status = STATUS_BUFFER_OVERFLOW;
                    }
                }
            }
            else
            {
                size_t cchCopied = 0;

                status = RtlStringCopyWideCharArrayWorker(pszDest,
                        cchDest,
                        &cchCopied,
                        pszSrc,
                        cchSrcLength);

                pszDestEnd = pszDest + cchCopied;
                cchRemaining = cchDest - cchCopied;

                if (NT_SUCCESS(status) && (dwFlags & STRSAFE_FILL_BEHIND_NULL))
                {
                    size_t cbRemaining;

                    // safe to multiply cchRemaining * sizeof(wchar_t) since cchRemaining < NTSTRSAFE_MAX_CCH and sizeof(wchar_t) is 2
                    cbRemaining = (cchRemaining * sizeof(wchar_t)) + (cbDest % sizeof(wchar_t));

                    // handle the STRSAFE_FILL_BEHIND_NULL flag
                    RtlStringExHandleFillBehindNullW(pszDestEnd, cbRemaining, dwFlags);
                }
            }
        }
        else
        {
            if (cchDest != 0)
            {
                *pszDest = L'\0';
            }
        }

        if (!NT_SUCCESS(status)                                                                              &&
                (dwFlags & (STRSAFE_NO_TRUNCATION | STRSAFE_FILL_ON_FAILURE | STRSAFE_NULL_ON_FAILURE)) &&
                (cbDest != 0))
        {
            // handle the STRSAFE_FILL_ON_FAILURE, STRSAFE_NULL_ON_FAILURE, and STRSAFE_NO_TRUNCATION flags
            RtlStringExHandleOtherFlagsW(pszDest,
                    cbDest,
                    0,
                    &pszDestEnd,
                    &cchRemaining,
                    dwFlags);
        }

        if (NT_SUCCESS(status) || (status == STATUS_BUFFER_OVERFLOW))
        {
            if (ppszDestEnd)
            {
                *ppszDestEnd = pszDestEnd;
            }

            if (pcbRemaining)
            {
                // safe to multiply cchRemaining * sizeof(wchar_t) since cchRemaining < NTSTRSAFE_MAX_CCH and sizeof(wchar_t) is 2
                *pcbRemaining = (cchRemaining * sizeof(wchar_t)) + (cbDest % sizeof(wchar_t));
            }
        }
    }

    return status;
}

#endif
#endif
#endif

View code on GitHub

No description available.