August 2000
Intermediate to advanced
800 pages
21h 5m
English
Content preview from Microsoft® Windows® 2000 Security Handbook
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Coding Secure Drivers
In the next few pages, I'll cover some common coding problems I've encountered that might lead to security issues within drivers. If you're not a developer writing your own drivers, you'll want to skip to the section "Driver Signing."
Note
There is some excellent documentation in the DDK concerning common coding errors. I highly recommend that you carefully look this over if you are a driver developer.
Checking Your Buffer Lengths
By far, the most common driver issues concern missing buffer length checks. Missing length checks can lead to famous (and deadly) buffer overruns and/or information leakage. Both are very serious security concerns—when writing anything (especially drivers and services), make sure you check all ...