我正在尝试做一些IOCTL（KM到UM通信）

这里的重点是获取进程的基址。

下面是我在驱动程序中的函数:

PVOID ioBuffer = NULL;
PUCHAR UserBuffer;
PIO_STACK_LOCATION io;
io = IoGetCurrentIrpStackLocation(irp);
ULONG inputBufferLength = NULL;
ULONG outputBufferLength = NULL;
ULONG ioControlCode = NULL;
PIO_STACK_LOCATION irpStack;
BASE_ADDRESS2 info = { 0 };
BASE_ADDRESS pOutput = { 0 };
    
irpStack = IoGetCurrentIrpStackLocation(irp);
ioBuffer = (*irp).AssociatedIrp.SystemBuffer;
inputBufferLength = irpStack->Parameters.DeviceIoControl.InputBufferLength;
outputBufferLength = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
    
if (inputBufferLength >= sizeof(BASE_ADDRESS2) &&
outputBufferLength >= sizeof(PBASE_ADDRESS) && ioBuffer) {
irp->IoStatus.Status = GetModuleBaseAddress((PBASE_ADDRESS)ioBuffer, &pOutput);
memcpy(ioBuffer, &pOutput, sizeof(pOutput));
irp->IoStatus.Information = sizeof(pOutput);
DbgPrintEx(0, 0, "pOutput.baseaddress :%p\n", pOutput.baseAddress);
DbgPrintEx(0, 0, "IoStatus.Information :%p\n", irp->IoStatus.Information);
IoCompleteRequest(irp, IO_NO_INCREMENT);
return STATUS_SUCCESS;
}

但是，当我将这个值返回给UM应用程序时，我的输出是0:

    typedef struct _BASEADDRESS
        {
            ULONGLONG baseAddress;
        } BASE_ADDRESS, * PBASE_ADDRESS;
    
        typedef struct _BASEADDRESS2
        {
            LONG pid;
        } BASE_ADDRESS2, * PBASE_ADDRESS2;


        DWORD bytes = 0;
        HANDLE DriverHdl;
        BASE_ADDRESS2 info = { 0 };
        BASE_ADDRESS pResult = { 0 };
        info.pid = pID;
        HANDLE hDevice = INVALID_HANDLE_VALUE;
        hDevice = CreateFileW(DRIVER_NAME, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
        if (!hDevice)
            return 0;

        if (DeviceIoControl(hDevice, IOCTL_BASEADDR, &info, sizeof(info), &pResult, sizeof(pResult), &bytes, nullptr))
            printf("%08p", pResult.baseAddress);
        return pResult.baseAddress;

这里，pResult总是0。

知道我做错了什么吗？ 老实说，对C语言有点陌生。