SKETCH OF HOW RESEARCH MIGHT CONTINUE AND RESULTS BE PRESENTED

OB_PARSE_METHOD

The OB_PARSE_METHOD type is a pointer to a routine that can be defined for all objects of the same type. It is specified as the ParseProcedure member of the OBJECT_TYPE_INITIALIZER structure when creating the object type. It is then retained in this structure as nested into the OBJECT_TYPE structure.

Declaration 

typedef 
NTSTATUS 
(*OB_PARSE_METHOD) (
    PVOID ParseObject, 
    PVOID ObjectType, 
    ACCESS_STATE *AccessState, 
    KPROCESSOR_MODE AccessMode, 
    ULONG Attributes, 
    UNICODE_STRING *CompleteName, 
    UNICODE_STRING *RemainingName, 
    PVOID Context, 
    SECURITY_QUALITY_OF_SERVICE *SecurityQos, 
    PVOID *Object);

This page was created on 22nd June 2020 but was not published until 31st August 2022.

Copyright © 2022. Geoff Chappell. All rights reserved. Conditions apply.