Coding Secure Drivers
In the next few pages, I'll cover some common coding problems I've encountered that might lead to security issues within drivers. If you're not a developer writing your own drivers, you'll want to skip to the section "Driver Signing."
Note
There is some excellent documentation in the DDK concerning common coding errors. I highly recommend that you carefully look this over if you are a driver developer.
Checking Your Buffer Lengths
By far, the most common driver issues concern missing buffer length checks. Missing length checks can lead to famous (and deadly) buffer overruns and/or information leakage. Both are very serious security concerns—when writing anything (especially drivers and services), make sure you check all ...
Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
