Coding Secure Drivers

In the next few pages, I'll cover some common coding problems I've encountered that might lead to security issues within drivers. If you're not a developer writing your own drivers, you'll want to skip to the section "Driver Signing."

Note

There is some excellent documentation in the DDK concerning common coding errors. I highly recommend that you carefully look this over if you are a driver developer.

Checking Your Buffer Lengths

By far, the most common driver issues concern missing buffer length checks. Missing length checks can lead to famous (and deadly) buffer overruns and/or information leakage. Both are very serious security concerns—when writing anything (especially drivers and services), make sure you check all ...

Get Microsoft® Windows® 2000 Security Handbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.