archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/sdktools/ioverify/regutil.cxx

890 lines
21 KiB
Raw Normal View History

Add source files
4 years ago
  1. //
  2. // System level IO verification configuration utility
  3. // Copyright (c) Microsoft Corporation, 1999
  4. //
  6. //
  7. // module: regutil.cxx
  8. // author: DMihai
  9. // created: 04/19/99
  10. // description: registry keys manipulation routines
  11. //
  13. extern "C" {
  14. #include "nt.h"
  15. #include "ntrtl.h"
  16. #include "nturtl.h"
  17. }
  19. #include <windows.h>
  20. #include <tchar.h>
  21. #include <stdlib.h>
  23. #include "ResId.hxx"
  24. #include "ResUtil.hxx"
  25. #include "RegUtil.hxx"
  27. #define VRF_MAX_DRIVER_STRING_LENGTH 4196
  29. //////////////////////////////////////////////////////////////////////
  30. ///////////////////////////////////////////////////// Registry Strings
  31. //////////////////////////////////////////////////////////////////////
  33. LPCTSTR RegMemoryManagementKeyName =
  34. TEXT ("System\\CurrentControlSet\\Control\\Session Manager\\Memory Management");
  36. LPCTSTR RegMmVerifyDriverLevelValueName =
  37. TEXT ("VerifyDriverLevel");
  39. LPCTSTR RegVerifyDriversValueName =
  40. TEXT ("VerifyDrivers");
  42. LPCTSTR RegSessionManagerKeyName =
  43. TEXT ("System\\CurrentControlSet\\Control\\Session Manager");
  45. LPCTSTR RegIOVerifyKeyName =
  46. TEXT ("System\\CurrentControlSet\\Control\\Session Manager\\I/O System");
  48. LPCTSTR RegIOVerifySubKeyName =
  49. TEXT ("I/O System");
  51. LPCTSTR RegIOVerifyLevelValueName =
  52. TEXT ("IoVerifierLevel");
  54. //////////////////////////////////////////////////////////////////////
  55. /////////////// Forward decl for local registry manipulation functions
  56. //////////////////////////////////////////////////////////////////////
  58. BOOL
  59. ReadRegistryValue (
  60. HKEY hKey,
  61. LPCTSTR Name,
  62. DWORD * Value);
  64. BOOL
  65. WriteRegistryValue (
  66. HKEY hKey,
  67. LPCTSTR Name,
  68. DWORD Value);
  70. BOOL
  71. ReadRegistryString (
  72. HKEY hKey,
  73. LPCTSTR Name,
  74. LPTSTR Buffer,
  75. DWORD BufferSize );
  77. BOOL
  78. WriteRegistryString (
  79. HKEY hKey,
  80. LPCTSTR Name,
  81. LPTSTR Value);
  83. BOOL
  84. IsKernelVerifierEnabled( HKEY MmKey );
  86. //////////////////////////////////////////////////////////////////////
  87. ///////////////////////////////////////////////////// Public functions
  88. //////////////////////////////////////////////////////////////////////
  90. void
  91. EnableSysIoVerifier(
  92. DWORD dwNewVerifierLevel )
  93. {
  94. HKEY MmKey = NULL;
  95. HKEY IoKey = NULL;
  96. HKEY SmKey = NULL;
  97. DWORD dwExitCode;
  98. DWORD dwCrtFlags;
  99. DWORD dwCrtSysVerifierLevel;
  100. LONG lResult;
  102. dwExitCode = EXIT_CODE_NOTHING_CHANGED;
  104. //
  105. // Open the Mm key
  106. //
  108. lResult = RegOpenKeyEx (
  109. HKEY_LOCAL_MACHINE,
  110. RegMemoryManagementKeyName,
  111. 0,
  112. KEY_QUERY_VALUE | KEY_WRITE,
  113. &MmKey);
  115. if (lResult != ERROR_SUCCESS)
  116. {
  117. dwExitCode = EXIT_CODE_ERROR;
  119. if( lResult == ERROR_ACCESS_DENIED )
  120. {
  121. DisplayErrorMessage( IDS_ACCESS_IS_DENIED );
  122. }
  123. else
  124. {
  125. DisplayErrorMessage(
  126. IDS_REGOPENKEYEX_FAILED,
  127. RegMemoryManagementKeyName,
  128. (DWORD)lResult);
  129. }
  130. }
  131. else
  132. {
  133. if( IsKernelVerifierEnabled( MmKey ) )
  134. {
  135. //
  136. // must disable kernel verifier first
  137. //
  139. dwExitCode = EXIT_CODE_ERROR;
  141. DisplayErrorMessage( IDS_KVERIFY_ENABLED );
  142. }
  143. else
  144. {
  145. //
  146. // Open the "I/O System" key
  147. //
  149. lResult = RegOpenKeyEx (
  150. HKEY_LOCAL_MACHINE,
  151. RegIOVerifyKeyName,
  152. 0,
  153. KEY_QUERY_VALUE | KEY_WRITE,
  154. &IoKey);
  156. if( lResult != ERROR_SUCCESS )
  157. {
  158. dwExitCode = EXIT_CODE_ERROR;
  160. if( lResult == ERROR_ACCESS_DENIED )
  161. {
  162. //
  163. // access is denied
  164. //
  166. DisplayErrorMessage( IDS_ACCESS_IS_DENIED );
  167. }
  168. else
  169. {
  170. if( lResult == ERROR_FILE_NOT_FOUND )
  171. {
  172. //
  173. // the "I/O System" key doesn't exist, try to create it
  174. //
  176. //
  177. // open the "Session Manager" key
  178. //
  180. lResult = RegOpenKeyEx (
  181. HKEY_LOCAL_MACHINE,
  182. RegSessionManagerKeyName,
  183. 0,
  184. KEY_QUERY_VALUE | KEY_WRITE,
  185. &SmKey);
  187. if( lResult != ERROR_SUCCESS )
  188. {
  189. DisplayErrorMessage(
  190. IDS_REGOPENKEYEX_FAILED,
  191. RegSessionManagerKeyName,
  192. (DWORD)lResult);
  193. }
  194. else
  195. {
  196. //
  197. // create the "I/O System" key
  198. //
  200. lResult = RegCreateKeyEx(
  201. SmKey,
  202. RegIOVerifySubKeyName,
  203. 0,
  204. NULL,
  205. REG_OPTION_NON_VOLATILE,
  206. KEY_WRITE | KEY_QUERY_VALUE,
  207. NULL,
  208. &IoKey,
  209. NULL );
  211. if( lResult != ERROR_SUCCESS )
  212. {
  213. DisplayErrorMessage(
  214. IDS_REGCREATEKEYEX_FAILED,
  215. RegIOVerifySubKeyName,
  216. (DWORD)lResult);
  217. }
  218. else
  219. {
  220. //
  221. // recover from RegOpenKeyEx failure - reset the error code
  222. //
  224. dwExitCode = EXIT_CODE_NOTHING_CHANGED;
  225. }
  227. //
  228. // close the "Session Manager" key
  229. //
  231. lResult = RegCloseKey(
  232. SmKey );
  233. }
  234. }
  235. else
  236. {
  237. //
  238. // other error opening the "I/O System" key
  239. //
  241. DisplayErrorMessage(
  242. IDS_REGOPENKEYEX_FAILED,
  243. RegIOVerifyKeyName,
  244. (DWORD)lResult);
  245. }
  246. }
  247. }
  249. if( dwExitCode != EXIT_CODE_ERROR )
  250. {
  251. //
  252. // read "Mm\VerifyDriverLevel" value
  253. //
  255. if( ReadRegistryValue( MmKey, RegMmVerifyDriverLevelValueName, &dwCrtFlags ) == FALSE )
  256. {
  257. dwExitCode = EXIT_CODE_ERROR;
  258. }
  259. else
  260. {
  261. if( dwCrtFlags == -1 )
  262. {
  263. //
  264. // could not find the value
  265. //
  267. dwCrtFlags = 0;
  268. }
  270. if( ( dwCrtFlags & DRIVER_VERIFIER_IO_CHECKING ) == 0 )
  271. {
  272. //
  273. // set DRIVER_VERIFIER_IO_CHECKING bit in "Mm\VerifyDriverLevel" value
  274. //
  276. dwCrtFlags |= DRIVER_VERIFIER_IO_CHECKING ;
  278. if( WriteRegistryValue( MmKey, RegMmVerifyDriverLevelValueName, dwCrtFlags ) == FALSE )
  279. {
  280. //
  281. // cannot recover from this
  282. //
  284. dwExitCode = EXIT_CODE_ERROR;
  285. }
  286. else
  287. {
  288. dwExitCode = EXIT_CODE_REBOOT;
  289. }
  290. }
  291. }
  293. if( dwExitCode != EXIT_CODE_ERROR )
  294. {
  295. if( ReadRegistryValue( IoKey, RegIOVerifyLevelValueName, &dwCrtSysVerifierLevel ) == FALSE )
  296. {
  297. dwExitCode = EXIT_CODE_ERROR;
  298. }
  299. else
  300. {
  301. if( dwCrtSysVerifierLevel != dwNewVerifierLevel )
  302. {
  303. //
  304. // set "I/O System\IoVerifierLevel" value
  305. //
  307. if( WriteRegistryValue( IoKey, RegIOVerifyLevelValueName, dwNewVerifierLevel ) == FALSE )
  308. {
  309. //
  310. // cannot recover from this
  311. //
  313. dwExitCode = EXIT_CODE_ERROR;
  314. }
  315. else
  316. {
  317. dwExitCode = EXIT_CODE_REBOOT;
  318. }
  319. }
  320. }
  321. }
  323. RegCloseKey (IoKey);
  324. }
  325. }
  327. RegCloseKey (MmKey);
  328. }
  330. if( EXIT_CODE_REBOOT == dwExitCode )
  331. {
  332. DisplayErrorMessage( IDS_MUST_REBOOT );
  333. }
  334. else
  335. {
  336. if( EXIT_CODE_NOTHING_CHANGED == dwExitCode )
  337. {
  338. DisplayErrorMessage( IDS_NOTHING_CHANGED );
  339. }
  340. }
  342. exit( dwExitCode );
  343. }
  345. ///////////////////////////////////////////////////////////////////
  347. void
  348. DisableSysIoVerifier( void )
  349. {
  350. HKEY MmKey = NULL;
  351. HKEY IoKey = NULL;
  352. DWORD dwExitCode;
  353. DWORD dwCrtFlags;
  354. LONG lResult;
  356. dwExitCode = EXIT_CODE_NOTHING_CHANGED;
  358. //
  359. // Open the Mm key
  360. //
  362. lResult = RegOpenKeyEx (
  363. HKEY_LOCAL_MACHINE,
  364. RegMemoryManagementKeyName,
  365. 0,
  366. KEY_QUERY_VALUE | KEY_WRITE,
  367. &MmKey);
  369. if (lResult != ERROR_SUCCESS)
  370. {
  371. dwExitCode = EXIT_CODE_ERROR;
  373. if( lResult == ERROR_ACCESS_DENIED )
  374. {
  375. DisplayErrorMessage( IDS_ACCESS_IS_DENIED );
  376. }
  377. else
  378. {
  379. DisplayErrorMessage(
  380. IDS_REGOPENKEYEX_FAILED,
  381. RegMemoryManagementKeyName,
  382. (DWORD)lResult);
  383. }
  384. }
  385. else
  386. {
  387. //
  388. // read "Mm\VerifyDriverLevel" value
  389. //
  391. if( ReadRegistryValue( MmKey, RegMmVerifyDriverLevelValueName, &dwCrtFlags ) == FALSE )
  392. {
  393. dwExitCode = EXIT_CODE_ERROR;
  394. }
  395. else
  396. {
  397. if( ( dwCrtFlags != -1 ) &&
  398. ( ( dwCrtFlags & DRIVER_VERIFIER_IO_CHECKING ) != 0 ) )
  399. {
  400. //
  401. // wipe out the DRIVER_VERIFIER_IO_CHECKING flag
  402. //
  404. dwCrtFlags &= ~DRIVER_VERIFIER_IO_CHECKING;
  406. if( WriteRegistryValue( MmKey, RegMmVerifyDriverLevelValueName, dwCrtFlags ) == FALSE )
  407. {
  408. //
  409. // cannot recover from this
  410. //
  412. dwExitCode = EXIT_CODE_ERROR;
  413. }
  414. else
  415. {
  416. dwExitCode = EXIT_CODE_REBOOT;
  417. }
  418. }
  419. }
  421. RegCloseKey (MmKey);
  422. }
  424. if( dwExitCode != EXIT_CODE_ERROR )
  425. {
  426. //
  427. // open the "I/O" key
  428. //
  430. lResult = RegOpenKeyEx (
  431. HKEY_LOCAL_MACHINE,
  432. RegIOVerifyKeyName,
  433. 0,
  434. KEY_QUERY_VALUE | KEY_WRITE,
  435. &IoKey);
  437. if (lResult != ERROR_SUCCESS)
  438. {
  439. if( lResult != ERROR_FILE_NOT_FOUND )
  440. {
  441. dwExitCode = EXIT_CODE_ERROR;
  443. if( lResult == ERROR_ACCESS_DENIED )
  444. {
  445. DisplayErrorMessage( IDS_ACCESS_IS_DENIED );
  446. }
  447. else
  448. {
  449. DisplayErrorMessage(
  450. IDS_REGOPENKEYEX_FAILED,
  451. RegIOVerifyKeyName,
  452. (DWORD)lResult);
  453. }
  454. }
  455. }
  456. else
  457. {
  458. //
  459. // delete "I/O System\IoVerifierLevel" value
  460. //
  462. lResult = RegDeleteValue(
  463. IoKey,
  464. RegIOVerifyLevelValueName );
  466. if( lResult != ERROR_SUCCESS && lResult != ERROR_FILE_NOT_FOUND )
  467. {
  468. dwExitCode = EXIT_CODE_ERROR;
  470. DisplayErrorMessage(
  471. IDS_REGDELETEVALUE_FAILED,
  472. RegIOVerifyLevelValueName,
  473. (DWORD)lResult);
  474. }
  476. RegCloseKey (IoKey);
  477. }
  478. }
  480. if( EXIT_CODE_REBOOT == dwExitCode )
  481. {
  482. DisplayErrorMessage( IDS_MUST_REBOOT );
  483. }
  484. else
  485. {
  486. if( EXIT_CODE_NOTHING_CHANGED == dwExitCode )
  487. {
  488. DisplayErrorMessage( IDS_NOTHING_CHANGED );
  489. }
  490. }
  492. exit( dwExitCode );
  493. }
  495. //////////////////////////////////////////////////
  497. void
  498. DumpSysIoVerifierStatus( void )
  499. {
  500. HKEY MmKey = NULL;
  501. HKEY IoKey = NULL;
  502. DWORD dwExitCode;
  503. DWORD dwCrtFlags;
  504. DWORD dwCrtSysVerifLevel;
  505. LONG lResult;
  506. BOOL bMmFlagIsSet = FALSE;
  508. dwExitCode = EXIT_CODE_NOTHING_CHANGED;
  510. //
  511. // Open the Mm key
  512. //
  514. lResult = RegOpenKeyEx (
  515. HKEY_LOCAL_MACHINE,
  516. RegMemoryManagementKeyName,
  517. 0,
  518. KEY_QUERY_VALUE,
  519. &MmKey);
  521. if (lResult != ERROR_SUCCESS)
  522. {
  523. if( lResult != ERROR_FILE_NOT_FOUND )
  524. {
  525. dwExitCode = EXIT_CODE_ERROR;
  527. if( lResult == ERROR_ACCESS_DENIED )
  528. {
  529. DisplayErrorMessage( IDS_ACCESS_IS_DENIED );
  530. }
  531. else
  532. {
  533. DisplayErrorMessage(
  534. IDS_REGOPENKEYEX_FAILED,
  535. RegMemoryManagementKeyName,
  536. (DWORD)lResult);
  537. }
  538. }
  539. }
  540. else
  541. {
  542. //
  543. // read "Mm\VerifyDriverLevel" value
  544. //
  546. if( ReadRegistryValue( MmKey, RegMmVerifyDriverLevelValueName, &dwCrtFlags ) == FALSE )
  547. {
  548. dwExitCode = EXIT_CODE_ERROR;
  549. }
  550. else
  551. {
  552. if( ( dwCrtFlags != -1 ) &&
  553. ( ( dwCrtFlags & DRIVER_VERIFIER_IO_CHECKING ) != 0 ) )
  554. {
  555. //
  556. // DRIVER_VERIFIER_IO_CHECKING is set
  557. //
  559. bMmFlagIsSet = TRUE;
  560. }
  561. }
  564. RegCloseKey (MmKey);
  565. }
  567. if( dwExitCode != EXIT_CODE_ERROR && bMmFlagIsSet )
  568. {
  569. //
  570. // open the "I/O" key
  571. //
  573. lResult = RegOpenKeyEx (
  574. HKEY_LOCAL_MACHINE,
  575. RegIOVerifyKeyName,
  576. 0,
  577. KEY_QUERY_VALUE | KEY_WRITE,
  578. &IoKey);
  580. if (lResult != ERROR_SUCCESS)
  581. {
  582. if( lResult != ERROR_FILE_NOT_FOUND )
  583. {
  584. dwExitCode = EXIT_CODE_ERROR;
  586. if( lResult == ERROR_ACCESS_DENIED )
  587. {
  588. DisplayErrorMessage( IDS_ACCESS_IS_DENIED );
  589. }
  590. else
  591. {
  592. DisplayErrorMessage(
  593. IDS_REGOPENKEYEX_FAILED,
  594. RegIOVerifyKeyName,
  595. (DWORD)lResult);
  596. }
  597. }
  598. }
  599. else
  600. {
  601. //
  602. // read "I/O System\IoVerifierLevel" value
  603. //
  605. if( ReadRegistryValue( IoKey, RegIOVerifyLevelValueName, &dwCrtSysVerifLevel ) == FALSE )
  606. {
  607. dwExitCode = EXIT_CODE_ERROR;
  608. }
  610. RegCloseKey (IoKey);
  611. }
  612. }
  614. if( dwExitCode != EXIT_CODE_ERROR )
  615. {
  616. if( bMmFlagIsSet &&
  617. ( dwCrtSysVerifLevel == 2 || dwCrtSysVerifLevel == 3 ) )
  618. {
  619. DisplayErrorMessage(
  620. IDS_VERIFIER_ENABLED_FORMAT,
  621. dwCrtSysVerifLevel);
  622. }
  623. else
  624. {
  625. DisplayErrorMessage(
  626. IDS_VERIFIER_NOT_ENABLED_FORMAT );
  627. }
  628. }
  630. exit( dwExitCode );
  631. }
  633. //////////////////////////////////////////////////////////////////////
  634. //////////////////////////////// Local registry manipulation functions
  635. //////////////////////////////////////////////////////////////////////
  637. BOOL
  638. ReadRegistryValue (
  640. HKEY hKey,
  641. LPCTSTR Name,
  642. DWORD * Value)
  643. {
  644. LONG Result;
  645. DWORD Reserved;
  646. DWORD Type;
  647. DWORD Size;
  649. //
  650. // default value
  651. //
  653. *Value = -1;
  655. Size = sizeof( *Value );
  657. Result = RegQueryValueEx (
  658. hKey,
  659. Name,
  660. 0,
  661. &Type,
  662. (LPBYTE)(Value),
  663. &Size);
  665. //
  666. // Deal with a value that is not defined.
  667. //
  669. if (Result == ERROR_FILE_NOT_FOUND)
  670. {
  671. *Value = -1;
  672. return TRUE;
  673. }
  675. if (Result != ERROR_SUCCESS)
  676. {
  677. DisplayErrorMessage (
  678. IDS_REGQUERYVALUEEX_FAILED,
  679. Name,
  680. Result);
  682. return FALSE;
  683. }
  685. if (Type != REG_DWORD)
  686. {
  687. DisplayErrorMessage (
  688. IDS_REGQUERYVALUEEX_UNEXP_TYPE,
  689. Name);
  691. return FALSE;
  692. }
  694. if (Size != sizeof *Value)
  695. {
  696. DisplayErrorMessage (
  697. IDS_REGQUERYVALUEEX_UNEXP_SIZE,
  698. Name);
  700. return FALSE;
  701. }
  703. return TRUE;
  704. }
  708. BOOL
  709. WriteRegistryValue (
  711. HKEY hKey,
  712. LPCTSTR Name,
  713. DWORD Value)
  714. {
  715. LONG Result;
  717. Result = RegSetValueEx (
  718. hKey,
  719. Name,
  720. 0,
  721. REG_DWORD,
  722. (LPBYTE)(&Value),
  723. sizeof Value);
  726. if (Result != ERROR_SUCCESS)
  727. {
  728. DisplayErrorMessage (
  729. IDS_REGSETVALUEEX_FAILED,
  730. Name,
  731. Result);
  733. return FALSE;
  734. }
  736. return TRUE;
  737. }
  740. BOOL
  741. ReadRegistryString (
  743. HKEY hKey,
  744. LPCTSTR Name,
  745. LPTSTR Buffer,
  746. DWORD BufferSize )
  747. {
  748. LONG Result;
  749. DWORD Reserved;
  750. DWORD Type;
  751. DWORD Size;
  753. //
  754. // default value
  755. //
  757. *Buffer = 0;
  759. Size = BufferSize;
  761. Result = RegQueryValueEx (
  762. hKey,
  763. Name,
  764. 0,
  765. &Type,
  766. (LPBYTE)(Buffer),
  767. &Size);
  769. //
  770. // Deal with a value that is not defined.
  771. //
  773. if (Result == ERROR_FILE_NOT_FOUND)
  774. {
  775. *Buffer = 0;
  776. return TRUE;
  777. }
  779. if (Result != ERROR_SUCCESS)
  780. {
  781. DisplayErrorMessage (
  782. IDS_REGQUERYVALUEEX_FAILED,
  783. Name,
  784. Result);
  786. return FALSE;
  787. }
  789. if (Type != REG_SZ)
  790. {
  791. DisplayErrorMessage (
  792. IDS_REGQUERYVALUEEX_UNEXP_TYPE,
  793. Name);
  795. return FALSE;
  796. }
  798. return TRUE;
  799. }
  802. BOOL
  803. WriteRegistryString (
  805. HKEY hKey,
  806. LPCTSTR Name,
  807. LPTSTR Value)
  808. {
  809. LONG Result;
  810. DWORD Reserved;
  811. DWORD Type;
  813. Result = RegSetValueEx (
  815. hKey,
  816. Name,
  817. 0,
  818. REG_SZ,
  819. (LPBYTE)(Value),
  820. (_tcslen (Value) + 1) * sizeof (TCHAR));
  822. if (Result != ERROR_SUCCESS)
  823. {
  824. DisplayErrorMessage (
  825. IDS_REGSETVALUEEX_FAILED,
  826. Name,
  827. Result);
  829. return FALSE;
  830. }
  832. return TRUE;
  833. }
  835. BOOL
  836. IsKernelVerifierEnabled( HKEY MmKey )
  837. {
  838. BOOL bKernelVerified;
  839. int nKernelModuleNameLen;
  840. TCHAR *pstrCrtNameMatch, *pstrSubstring, *pCrtChar;
  841. TCHAR strVrfDriver [VRF_MAX_DRIVER_STRING_LENGTH];
  842. const TCHAR strKernelModuleName[] = _T( "ntoskrnl.exe" );
  844. bKernelVerified = FALSE;
  846. if( ReadRegistryString (MmKey, RegVerifyDriversValueName, strVrfDriver, sizeof( strVrfDriver ) ) )
  847. {
  848. pstrSubstring = _tcsstr( strVrfDriver, strKernelModuleName );
  850. if( pstrSubstring != NULL )
  851. {
  852. //
  853. // the name seems to be already there
  854. //
  856. pCrtChar = strVrfDriver;
  858. while( pCrtChar < pstrSubstring )
  859. {
  860. if( (*pCrtChar) != _T( ' ' ) && (*pCrtChar) != _T( '\t' ) )
  861. {
  862. //
  863. // non-blanc character before the name
  864. //
  866. break;
  867. }
  869. pCrtChar ++;
  870. }
  872. if( pCrtChar >= pstrSubstring )
  873. {
  874. //
  875. // the module name begins as the first non-blanc character
  876. //
  878. nKernelModuleNameLen = _tcsclen( strKernelModuleName );
  880. if( pstrSubstring[ nKernelModuleNameLen ] == (TCHAR)0 ||
  881. pstrSubstring[ nKernelModuleNameLen ] == _T( ' ' ) ||
  882. pstrSubstring[ nKernelModuleNameLen ] == _T( '\t' ) )
  883. {
  884. bKernelVerified = TRUE;
  885. }
  886. }
  887. }
  888. }
  890. return bKernelVerified;
  891. }