RtlUnicodeStringPrintfEx - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTSTRSAFE_H_INCLUDED_
#ifndef NTSTRSAFE_LIB_IMPL
#ifndef NTSTRSAFE_NO_UNICODE_STRING_FUNCTIONS
#ifndef _M_CEE_PURE
/*++
NTSTATUS
RtlUnicodeStringPrintfEx(
_Inout_ PUNICODE_STRING DestinationString OPTIONAL,
_Out_opt_ PUNICODE_STRING RemainingString OPTIONAL,
_In_ DWORD dwFlags,
_In_ _Printf_format_string_ PCWSTR pszFormat OPTIONAL,
...
);
Routine Description:
This routine is a safer version of the C built-in function 'sprintf' with
some additional parameters for PUNICODE_STRINGs. In addition to the
functionality provided by RtlUnicodeStringPrintf, this routine also
returns a PUNICODE_STRING which points to the end of the destination
string. The flags parameter allows additional controls.
Arguments:
DestinationString - pointer to the counted unicode destination string
RemainingString - if RemainingString is non-null, the function will format
the pointer with the remaining buffer and number of
bytes left in the destination string
dwFlags - controls some details of the string copy:
STRSAFE_FILL_BEHIND
if the function succeeds, the low byte of dwFlags will be
used to fill the uninitialize part of destination buffer
STRSAFE_IGNORE_NULLS
do not fault if DestinationString is null and treat NULL pszFormat like
empty strings (L"").
STRSAFE_FILL_ON_FAILURE
if the function fails, the low byte of dwFlags will be
used to fill all of the destination buffer. This will
overwrite any truncated string returned when the failure is
STATUS_BUFFER_OVERFLOW
STRSAFE_NO_TRUNCATION /
STRSAFE_ZERO_LENGTH_ON_FAILURE
if the function fails, the destination Length will be set
to zero. This will overwrite any truncated string
returned when the failure is STATUS_BUFFER_OVERFLOW.
pszFormat - format string which must be null terminated
... - additional parameters to be formatted according to
the format string
Notes:
Behavior is undefined if destination, format strings or any arguments
strings overlap.
DestinationString and pszFormat should not be NULL unless the STRSAFE_IGNORE_NULLS
flag is specified. If STRSAFE_IGNORE_NULLS is passed, both DestinationString and
pszFormat may be NULL. An error may still be returned even though NULLS
are ignored due to insufficient space.
Return Value:
STATUS_SUCCESS - if there was sufficient space in the dest buffer for
the resultant string
failure - the operation did not succeed
STATUS_BUFFER_OVERFLOW
Note: This status has the severity class Warning - IRPs completed with this
status do have their data copied back to user mode
- this return value is an indication that the print
operation failed due to insufficient space. When this
error occurs, the destination buffer is modified to
contain a truncated version of the ideal result. This is
useful for situations where truncation is ok.
It is strongly recommended to use the NT_SUCCESS() macro to test the
return value of this function
--*/
NTSTRSAFEDDI
RtlUnicodeStringPrintfEx(
_Inout_ PUNICODE_STRING DestinationString,
_Out_opt_ PUNICODE_STRING RemainingString,
_In_ DWORD dwFlags,
_In_ _Printf_format_string_ NTSTRSAFE_PCWSTR pszFormat,
...)
{
NTSTATUS status;
wchar_t* pszDest;
size_t cchDest;
status = RtlUnicodeStringValidateDestWorker(DestinationString,
&pszDest,
&cchDest,
NULL,
NTSTRSAFE_UNICODE_STRING_MAX_CCH,
dwFlags);
if (NT_SUCCESS(status))
{
wchar_t* pszDestEnd = pszDest;
size_t cchRemaining = cchDest;
size_t cchNewDestLength = 0;
status = RtlStringExValidateSrcW(&pszFormat, NULL, NTSTRSAFE_UNICODE_STRING_MAX_CCH, dwFlags);
if (NT_SUCCESS(status))
{
if (dwFlags & (~STRSAFE_UNICODE_STRING_VALID_FLAGS))
{
status = STATUS_INVALID_PARAMETER;
}
else if (cchDest == 0)
{
// only fail if there was actually a non-empty format string
if (*pszFormat != L'\0')
{
if (pszDest == NULL)
{
status = STATUS_INVALID_PARAMETER;
}
else
{
status = STATUS_BUFFER_OVERFLOW;
}
}
}
else
{
va_list argList;
va_start(argList, pszFormat);
status = RtlWideCharArrayVPrintfWorker(pszDest,
cchDest,
&cchNewDestLength,
pszFormat,
argList);
va_end(argList);
pszDestEnd = pszDest + cchNewDestLength;
cchRemaining = cchDest - cchNewDestLength;
if (NT_SUCCESS(status) &&
(dwFlags & STRSAFE_FILL_BEHIND) &&
(cchRemaining != 0))
{
// handle the STRSAFE_FILL_BEHIND flag
RtlUnicodeStringExHandleFill(pszDestEnd, cchRemaining, dwFlags);
}
}
}
if (!NT_SUCCESS(status) &&
(dwFlags & (STRSAFE_NO_TRUNCATION | STRSAFE_FILL_ON_FAILURE | STRSAFE_ZERO_LENGTH_ON_FAILURE)) &&
(cchDest != 0))
{
// handle the STRSAFE_NO_TRUNCATION, STRSAFE_FILL_ON_FAILURE, and STRSAFE_ZERO_LENGTH_ON_FAILURE flags
RtlUnicodeStringExHandleOtherFlags(pszDest,
cchDest,
0,
&cchNewDestLength,
&pszDestEnd,
&cchRemaining,
dwFlags);
}
if (DestinationString)
{
// safe to multiply cchNewDestLength * sizeof(wchar_t) since cchDest < NTSTRSAFE_UNICODE_STRING_MAX_CCH and sizeof(wchar_t) is 2
DestinationString->Length = (USHORT)(cchNewDestLength * sizeof(wchar_t));
}
if (NT_SUCCESS(status) || (status == STATUS_BUFFER_OVERFLOW))
{
if (RemainingString)
{
RemainingString->Length = 0;
// safe to multiply cchRemaining * sizeof(wchar_t) since cchRemaining < NTSTRSAFE_UNICODE_STRING_MAX_CCH and sizeof(wchar_t) is 2
RemainingString->MaximumLength = (USHORT)(cchRemaining * sizeof(wchar_t));
RemainingString->Buffer = pszDestEnd;
}
}
}
return status;
}
View code on GitHubNo description available.