RtlUnicodeStringVPrintfEx - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTSTRSAFE_H_INCLUDED_
#ifndef NTSTRSAFE_LIB_IMPL
#ifndef NTSTRSAFE_NO_UNICODE_STRING_FUNCTIONS
/*++
NTSTATUS
RtlUnicodeStringVPrintfEx(
_Inout_ PUNICODE_STRING DestinationString OPTIONAL,
_Out_opt_ PUNICODE_STRING RemainingString OPTIONAL,
_In_ DWORD dwFlags,
_In_ _Printf_format_string_ PCWSTR pszFormat OPTIONAL,
_In_ va_list argList
);
Routine Description:
This routine is a safer version of the C built-in function 'vsprintf' with
some additional parameters for PUNICODE_STRING. In addition to the
functionality provided by RtlUnicodeStringVPrintf, this routine also
returns a PUNICODE_STRING which points to the end of the destination
string. The flags parameter allows additional controls.
Arguments:
DestinationString - pointer to the counted unicode destination string
RemainingString - if RemainingString is non-null, the function will format
the pointer with the remaining buffer and number of
bytes left in the destination string
dwFlags - controls some details of the string copy:
STRSAFE_FILL_BEHIND
if the function succeeds, the low byte of dwFlags will be
used to fill the uninitialize part of destination buffer
STRSAFE_IGNORE_NULLS
do not fault if DestinationString is null and treat NULL pszFormat like
empty strings (L"").
STRSAFE_FILL_ON_FAILURE
if the function fails, the low byte of dwFlags will be
used to fill all of the destination buffer. This will
overwrite any truncated string returned when the failure is
STATUS_BUFFER_OVERFLOW
STRSAFE_NO_TRUNCATION /
STRSAFE_ZERO_LENGTH_ON_FAILURE
if the function fails, the destination Length will be set
to zero. This will overwrite any truncated string
returned when the failure is STATUS_BUFFER_OVERFLOW.
pszFormat - format string which must be null terminated
argList - va_list from the variable arguments according to the
stdarg.h convention
Notes:
Behavior is undefined if destination, format strings or any arguments
strings overlap.
DestinationString and pszFormat should not be NULL unless the STRSAFE_IGNORE_NULLS
flag is specified. If STRSAFE_IGNORE_NULLS is passed, both DestinationString and
pszFormat may be NULL. An error may still be returned even though NULLS
are ignored due to insufficient space.
Return Value:
STATUS_SUCCESS - if there was sufficient space in the dest buffer for
the resultant string
failure - the operation did not succeed
STATUS_BUFFER_OVERFLOW
Note: This status has the severity class Warning - IRPs completed with this
status do have their data copied back to user mode
- this return value is an indication that the print
operation failed due to insufficient space. When this
error occurs, the destination buffer is modified to
contain a truncated version of the ideal result. This is
useful for situations where truncation is ok.
It is strongly recommended to use the NT_SUCCESS() macro to test the
return value of this function
--*/
NTSTRSAFEDDI
RtlUnicodeStringVPrintfEx(
_Inout_ PUNICODE_STRING DestinationString,
_Out_opt_ PUNICODE_STRING RemainingString,
_In_ DWORD dwFlags,
_In_ _Printf_format_string_ NTSTRSAFE_PCWSTR pszFormat,
_In_ va_list argList)
{
NTSTATUS status;
wchar_t* pszDest;
size_t cchDest;
status = RtlUnicodeStringValidateDestWorker(DestinationString,
&pszDest,
&cchDest,
NULL,
NTSTRSAFE_UNICODE_STRING_MAX_CCH,
dwFlags);
if (NT_SUCCESS(status))
{
wchar_t* pszDestEnd = pszDest;
size_t cchRemaining = cchDest;
size_t cchNewDestLength = 0;
status = RtlStringExValidateSrcW(&pszFormat, NULL, NTSTRSAFE_UNICODE_STRING_MAX_CCH, dwFlags);
if (NT_SUCCESS(status))
{
if (dwFlags & (~STRSAFE_UNICODE_STRING_VALID_FLAGS))
{
status = STATUS_INVALID_PARAMETER;
}
else if (cchDest == 0)
{
// only fail if there was actually a non-empty format string
if (*pszFormat != L'\0')
{
if (pszDest == NULL)
{
status = STATUS_INVALID_PARAMETER;
}
else
{
status = STATUS_BUFFER_OVERFLOW;
}
}
}
else
{
status = RtlWideCharArrayVPrintfWorker(pszDest,
cchDest,
&cchNewDestLength,
pszFormat,
argList);
pszDestEnd = pszDest + cchNewDestLength;
cchRemaining = cchDest - cchNewDestLength;
if (NT_SUCCESS(status) &&
(dwFlags & STRSAFE_FILL_BEHIND) &&
(cchRemaining != 0))
{
// handle the STRSAFE_FILL_BEHIND flag
RtlUnicodeStringExHandleFill(pszDestEnd, cchRemaining, dwFlags);
}
}
}
if (!NT_SUCCESS(status) &&
(dwFlags & (STRSAFE_NO_TRUNCATION | STRSAFE_FILL_ON_FAILURE | STRSAFE_ZERO_LENGTH_ON_FAILURE)) &&
(cchDest != 0))
{
// handle the STRSAFE_NO_TRUNCATION, STRSAFE_FILL_ON_FAILURE, and STRSAFE_ZERO_LENGTH_ON_FAILURE flags
RtlUnicodeStringExHandleOtherFlags(pszDest,
cchDest,
0,
&cchNewDestLength,
&pszDestEnd,
&cchRemaining,
dwFlags);
}
if (DestinationString)
{
// safe to multiply cchNewDestLength * sizeof(wchar_t) since cchDest < NTSTRSAFE_UNICODE_STRING_MAX_CCH and sizeof(wchar_t) is 2
DestinationString->Length = (USHORT)(cchNewDestLength * sizeof(wchar_t));
}
if (NT_SUCCESS(status) || (status == STATUS_BUFFER_OVERFLOW))
{
if (RemainingString)
{
RemainingString->Length = 0;
// safe to multiply cchRemaining * sizeof(wchar_t) since cchRemaining < NTSTRSAFE_UNICODE_STRING_MAX_CCH and sizeof(wchar_t) is 2
RemainingString->MaximumLength = (USHORT)(cchRemaining * sizeof(wchar_t));
RemainingString->Buffer = pszDestEnd;
}
}
}
return status;
}
View code on GitHub// ntstrsafe.h
NTSTRSAFEDDI RtlUnicodeStringVPrintfEx(
[out] PUNICODE_STRING DestinationString,
[out, optional] PUNICODE_STRING RemainingString,
[in] DWORD dwFlags,
[in] NTSTRSAFE_PCWSTR pszFormat,
[in] va_list argList
);
View the official Windows Driver Kit DDI referenceNo description available.
The RtlUnicodeStringVPrintfEx function creates a text string, with formatting that is based on supplied formatting information, and stores the string in a UNICODE_STRING structure.
DestinationString [out]Optional. A pointer to a UNICODE_STRING structure that receives a formatted string. RtlUnicodeStringVPrintfEx creates this string from the formatting string that pszFormat supplies and the function's argument list. The maximum number of characters in the string is NTSTRSAFE_UNICODE_STRING_MAX_CCH. DestinationString can be NULL, but only if STRSAFE_IGNORE_NULLS is set in dwFlags.
RemainingString [out, optional]Optional. If the caller supplies a non-NULL pointer to a UNICODE_STRING structure, RtlUnicodeStringVPrintfE sets this structure's Buffer member to the end of the formatted string, sets the structure's Length member to zero, and sets the structure's MaximumLength member to the number of bytes that are remaining in the destination buffer. RemainingString can be NULL, but only if STRSAFE_IGNORE_NULLS is set in dwFlags.
dwFlags [in]One or more flags and, optionally, a fill byte. The flags are defined as follows:
If this flag is set and the function succeeds, the low byte of dwFlags is used to fill the portion of the destination buffer that follows the last character in the string.
If this flag is set, the source or destination pointer, or both, can be NULL. RtlUnicodeStringVPrintfEx treats NULL source buffer pointers like empty strings (TEXT("")), which can be copied. NULL destination buffer pointers cannot receive nonempty strings.
If this flag is set and the function fails, the low byte of dwFlags is used to fill the entire destination buffer. This operation overwrites any preexisting buffer contents.
If this flag is set and the function fails, the destination buffer is set to an empty string (TEXT("")). This operation overwrites any preexisting buffer contents.
If this flag is set and the function returns STATUS_BUFFER_OVERFLOW, the contents of the destination buffer are not modified.
If this flag is set and the function returns STATUS_BUFFER_OVERFLOW, the destination string length is set to zero bytes.
pszFormat [in]A pointer to a null-terminated text string that contains printf-styled formatting directives. This pointer can be NULL, but only if STRSAFE_IGNORE_NULLS is set in dwFlags.
argList [in]A va_list-typed argument list. Arguments in this argument list will be interpreted by the using formatting string that pszFormat supplies.
RtlUnicodeStringVPrintfEx returns one of the following NTSTATUS values.
| Return code | Description |
|---|---|
| STATUS_SUCCESS | This success status means source data was present, and the strings were concatenated without truncation. |
| STATUS_BUFFER_OVERFLOW | This warning status means the copy operation did not complete due to insufficient space in the destination buffer. If STRSAFE_NO_TRUNCATION is set in dwFlags, the destination buffer is not modified. If the flag is not set, the destination buffer contains a truncated version of the copied string. |
| STATUS_INVALID_PARAMETER | This error status means the function received an invalid input parameter. For more information, see the following paragraph. |
RtlUnicodeStringVPrintfEx returns the STATUS_INVALID_PARAMETER value when one of the following occurs:
For information about how to test NTSTATUS values, see Using NTSTATUS Values.
The RtlUnicodeStringVPrintfEx function uses the destination buffer's size to ensure that the string formatting operation does not write past the end of the buffer. By default, the function does not terminate the resultant string with a null character value (that is, with zero). As an option, the caller can use the STRSAFE_FILL_BEHIND flag and a fill byte value of zero to null-terminate a resultant string that does not occupy the entire destination buffer.
RtlUnicodeStringVPrintfEx adds to the functionality of the RtlUnicodeStringVPrintf function by returning a UNICODE_STRING structure that identifies the end of the destination string and the number of bytes that are left unused in that string. You can pass flags to RtlUnicodeStringVPrintfEx for additional control.
If the format string and the destination string overlap, the behavior of the function is undefined.
The pszFormat and DestinationString pointers cannot be NULL unless the STRSAFE_IGNORE_NULLS flag is set in dwFlags. If STRSAFE_IGNORE_NULLS is set, one or both of these pointers can be NULL. If the DestinationString pointer is NULL, the pszFormat pointer must be NULL or point to an empty string.
For more information about va_list-typed argument lists, see the Microsoft Windows SDK documentation.
For more information about the safe string functions, see Using Safe String Functions.