Why you want to use POBJECT_TYPEs when converting handles to objects

This post concludes my trilogy (see parts 1 and 2) on PBOJECT_TYPE (although I do reserve the right to pull a George Lucas and add more episodes later 🙂 ). Today we shall cover why passing the PBOJECT_TYPE to ObReferenceObjectByHandle, ObReferenceObjectByPointer, or ObOpenObjectByPointer is important. Let’s take the following snippet NTSTATUS status; PKEVENT pEvent; status…

0

When is string constant not really constant?

While this is not necessarily specific to a driver, the affects can be, so read on.  A string constant (e.g. “Foo”) all by itself is harmless, but if you use the string constant when initializing a variable, it depends on how you declar the variable and then use it.  If you intialize the variable this…

0

Where are the WDF files in the WDK?

The WDF (both UMDF and KMDF) files in the WDK are not found in a single directory, rather they are spread out across the entire WDK directory tree. Why? Because the WDK is not just WDF J and the WDK has directories for different purposes, so replicating a specifically purposed directory (like redistributables) under a…

0

Annotation (SAL) of the day: __reserved

I just stumbled across the __reserved (as in reserved for future or system use) annotation today.  Unlike the __fallthrough annotation (which I wrote about before because I liked the standardized way of conveying its meaning) __reserved will actually affect how PreFAST evaluates your code, or in this case, how it evaluates the function your code is calling.  __reserved enforces…

0

Better control over /GS stack checking in your driver

Michael Howard has a great posting on improvements made in the compiler with respect to the /GS flag (stack checking using a “canary” on function exit). Before these changes, #pragmas to explicitly turn the functionality on or off, the compiler itself decided where it was appropriate to add the stack checks based on internal heuristics….

0