Using ntintsafe.h is a great idea, but I don’t know how readable the results are

The addition of ntintsafe.h for detecting integer overflow/underflow is a great addition to the WDK. It unifies how everyone detects these math errors, leading to common code that anyone can pickup and see what it does…BUT, I have found it does have a “tax.” What is actually being computed can be become unclear! For instance,…

13

Apple’s Secure Coding Guide

While I don’t write apps or drivers for the Macintosh, some of you out there probably do.  If you have not already seen it, they posted a Secure Coding Guide (PDF) which is focused on OS X, but has generic recommendations as well.  I just started reading it, so I don’t have much of an…

1

Not a big fan of #ifdef or #ifndef

I am not a big fan of the C/C++ preprocessor directives #ifdef or #ifndef. I am not denying that they certainly have their place and usage in the language. I’ll first write about where I think they are useful and then about the situations where I feel they are not. #ifndef is very useful for…

12

How to break in at the call site that invokes the break point

I think everyone at some point in time wants to embed a break point in there code, whether it be for debugging purposes, path tracing, or detecting edge conditions that have not yet been tested. When I hit a break point, I would prefer that the debugger break in at the call frame which needs…

8

Avoiding #defines for constant data and using enums instead

I think that the C preprocessor is a very powerful tool, but I like to limit my use of #defines. I have already touched on this when i talked about why I liked FORCEINLINE and I want to talk about it some more. I realize I can’t eliminate the use of #defines throughout all of…

27

When is string constant not really constant?

While this is not necessarily specific to a driver, the affects can be, so read on.  A string constant (e.g. “Foo”) all by itself is harmless, but if you use the string constant when initializing a variable, it depends on how you declar the variable and then use it.  If you intialize the variable this…


I like FORCEINLINE

For kernel mode code, if I have choice between using a #define or a FORCEINLINE function, the FORCEINLINE function wins every time.  #defines have their place, especially for quotifying (the # operator) or concatenating (the ## operator), but they have no place in my heart for constants or pseudo functions. FORCEINLINEs have type checking.  On…

14