looping NtQuerySystemInformation call in VB6

317 views Asked by At

I have a VB6 application which has the following peice of code that appears to be attempting to access Windows Process information

I think it may be the cause of an intermittent endless loop - REDIM-ming an array and chewing up all the memory.

Is there anyone out there that knows what the Following piece of code is for, and if they can help in catching the scenario whereby it loops for A long time and bytBuf grows in size too much (and can you recommend a max array size for bytBuf?)

Do

  ReDim bytBuf(nSize)

  ntStatus = NtQuerySystemInformation(SystemHandleInformation, VarPtr(bytBuf(0)), nSize, 0&)

  If (Not NT_SUCCESS(ntStatus)) Then
     If (ntStatus <> STATUS_INFO_LENGTH_MISMATCH) Then
        Erase bytBuf
        Exit Function
     End If
     'If it always ends up here, it will loop endlessly! How do I stop it?!
  Else
     Exit Do
  End If

  nSize = nSize * 2
  ReDim bytBuf(nSize)

Loop

Many thanks Andrew

1

There are 1 answers

1
jac On BEST ANSWER

The loop is doubling the size of the buffer parameter and calling the NtQuerySystemInformation method again. The loop depends on the call to succeed and assumes that a failure is the result of the ntStatus being STATUS_FLT_BUFFER_TOO_SMALL (0x801C0001) You have a couple of choices for exiting your loop.

  1. exit if the buffer reaches a certain size.
  2. exit if ntStatus is not STATUS_SUCCESS (0x00000000) or STATUS_FLT_BUFFER_TOO_SMALL (0x801C0001)

Also Microsoft advises NOT using the NtQuerySystemInformation method as it might change from Windows version to Windows version. The details and alternative methods can be found at NtQuerySystemInformation function