/GS (Buffer Security Check) for kernel drivers

  1. Can a driver compiled with this option (default for 2003 SP1 DDK) run on
    W2k or XP?

  2. What are the criteria for the compiler to add the check code to a
    function?

  3. What happens if the check fails? A bug check?

The latest WinDbg help doesn’t have anything on that, and the latest (WinHEC) DDK
has very little in the release notes.

Dmitriy Budko VMware

Hi, sorry, I won’t reply to your question because I don’t know the answer,
but …

I think it’s a very, very bad thing if developers abuse such
functionality because their error/user input checking is not correct.
The /GS compiler option does not protect from buffer overflow; it just adds
another little difficulty to buffer overflow exploitation.
If someone wants to exploit a buffer overflow in a program compiled with
the /GS flag, he will do it.
Maybe wide-spreading worms won’t be able to do that, but that’s just a dream.

One thing is sure: in kernel mode (driver), all user input buffers *must*
be checked.
People start to use try/catch whenever they want. But that’s just
laziness :)
Well, I’m not talking about accessing dangerous pages, as in the case of
IOCTLs not buffered by the Windows I/O manager …

bye

– nico

P.S.: sorry for my bad English

Dmitriy Budko wrote:

  1. Can a driver compiled with this option (default for 2003 SP1 DDK) run on
    W2k or XP?

  2. What are the criteria for the compiler to add the check code to a
    function?

  3. What happens if the check fails? A bug check?

The latest WinDbg help doesn’t have anything on that, and the latest (WinHEC) DDK
has very little in the release notes.

Dmitriy Budko VMware
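nico’s point above is that the /GS cookie only detects an overrun when the function returns, after the stack has already been corrupted, so a driver still has to validate every caller-supplied length itself. The following is an added example, not code from this thread or from any DDK sample: explicit validation of an IOCTL-style input buffer before its payload is copied into a fixed-size buffer. It is written as portable C so it builds without the DDK; the `ioctl_request` struct, the `STATUS_*` values, the command layout and the function names are assumptions standing in for the driver’s own types, not real DDK APIs.

```c
/* Added example (not from the thread): validating an IOCTL-style input
 * buffer before copying from it. Portable C; all names below are stand-ins
 * for the driver's own types and status codes, not DDK APIs. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STATUS_OK                0
#define STATUS_INVALID_PARAMETER 1
#define STATUS_BUFFER_TOO_SMALL  2

/* Shape of a METHOD_BUFFERED request after the I/O manager has copied the
 * caller's bytes into a system buffer: the memory is safe to read, but the
 * length and the contents are still whatever the caller chose. (assumed) */
typedef struct {
    const uint8_t *in_buf;
    size_t         in_len;   /* caller-controlled */
} ioctl_request;

/* Assumed wire format: a 4-byte little-endian payload_len field, then
 * payload_len bytes of payload. payload_len is caller-controlled too. */
#define HDR_SIZE    4u
#define MAX_PAYLOAD 64u

/* Validate `req` and copy its payload into `scratch` (scratch_len bytes).
 * In a real driver `scratch` would be the stack array whose overrun /GS
 * could only detect after the fact; here it is never written past. */
int handle_cmd(const ioctl_request *req, uint8_t *scratch, size_t scratch_len,
               size_t *copied)
{
    uint32_t payload_len;
    size_t   avail;

    *copied = 0;
    if (req == NULL || req->in_buf == NULL || scratch == NULL)
        return STATUS_INVALID_PARAMETER;

    /* 1. The header must be fully present before any field is read. */
    if (req->in_len < HDR_SIZE)
        return STATUS_BUFFER_TOO_SMALL;
    memcpy(&payload_len, req->in_buf, sizeof payload_len);

    /* 2. Bound the caller's length by the driver's limit and by the
     *    destination size, independently of what was received. */
    if (payload_len > MAX_PAYLOAD || payload_len > scratch_len)
        return STATUS_INVALID_PARAMETER;

    /* 3. Bound it by what was actually received. Subtract (safe after
     *    check 1) instead of computing HDR_SIZE + payload_len, which a
     *    huge payload_len could wrap around. */
    avail = req->in_len - HDR_SIZE;
    if (payload_len > avail)
        return STATUS_BUFFER_TOO_SMALL;

    memcpy(scratch, req->in_buf + HDR_SIZE, payload_len);
    *copied = payload_len;
    return STATUS_OK;
}

/* Builds a constructed sample request (header + 'a','b','c',... filler),
 * truncates it to in_len, and runs handle_cmd with a scratch_len-byte
 * destination. Used to exercise the checks above. */
int check_sample(uint32_t payload_len, size_t in_len, size_t scratch_len,
                 size_t *copied)
{
    uint8_t in[128], scratch[MAX_PAYLOAD];
    ioctl_request req;
    size_t i;

    if (in_len > sizeof in || scratch_len > sizeof scratch) {
        *copied = 0;
        return STATUS_INVALID_PARAMETER;
    }
    memset(in, 0, sizeof in);
    memcpy(in, &payload_len, sizeof payload_len);
    for (i = HDR_SIZE; i < sizeof in; i++)
        in[i] = (uint8_t)('a' + (i - HDR_SIZE) % 26);
    req.in_buf = in;
    req.in_len = in_len;
    return handle_cmd(&req, scratch, scratch_len, copied);
}

int main(void)
{
    size_t n;
    printf("well-formed:        status %d, copied %zu\n",
           check_sample(8, 12, MAX_PAYLOAD, &n), n);
    printf("huge payload_len:   status %d\n",
           check_sample(0xFFFFFFFFu, 12, MAX_PAYLOAD, &n));
    printf("len beyond in_len:  status %d\n",
           check_sample(16, 12, MAX_PAYLOAD, &n));
    printf("truncated header:   status %d\n",
           check_sample(8, 2, MAX_PAYLOAD, &n));
    return 0;
}
```

The three checks are ordered so that each value is validated before it is used: the header length before the header is read, the payload length against fixed limits before it is compared with the received size, and the subtraction in step 3 avoids the classic `header + length` wraparound that makes a naive check pass for an oversized length. For METHOD_NEITHER requests the same length logic applies, but the raw user pointer must additionally be probed (and touched only inside a `__try`/`__except` block), which this portable example does not model.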