How to identify whether a function pointer is valid?

NTDEV
1

My USB driver sends Irp to query USB_BUS_INTERFACE_USBDI_V1
from bus driver. It returns STATUS_SUCCESS and fills the structure.
I use USB_BUS_INTERFACE_USBDI_V1.IsDeviceHighSpeed() to query
the device running speed mode.
However, the IsDeviceHighSpeed() function pointer is invalid and not NULL.
The system crashes immediately after the driver call the function pointer.
The USB EHCI driver is 3rd party driver. I’m not surprised.
I want to know how the kernel driver to identify whether the function
pointer
is valid before it calls the function pointer.
Or how the kernel driver handle this kind of case.

Best Regards
Jack Huang

2

No, there is no way to check. You have to get a bug fix from the bus driver vendor.

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Jack Huang
Sent: Monday, October 15, 2007 9:22 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] How to identify whether a function pointer is valid?

My USB driver sends Irp to query USB_BUS_INTERFACE_USBDI_V1
from bus driver. It returns STATUS_SUCCESS and fills the structure.
I use USB_BUS_INTERFACE_USBDI_V1.IsDeviceHighSpeed() to query
the device running speed mode.
However, the IsDeviceHighSpeed() function pointer is invalid and not NULL.
The system crashes immediately after the driver call the function pointer.
The USB EHCI driver is 3rd party driver. I’m not surprised.
I want to know how the kernel driver to identify whether the function
pointer
is valid before it calls the function pointer.
Or how the kernel driver handle this kind of case.

Best Regards
Jack Huang

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

3

There is no function to determine whether a pointer is valid. The lower driver is doing something patently invalid by providing you with a bad pointer in the interface structure.

What values is the lower driver providing for Size & Version in the structure? Is the driver perhaps providing sizeof(USB_BUS_INTERFACE_USBDI_V0) or USB_BUSIF_USBDI_VERSION_0? If so you could use that to detect this case. But there’s not a function you can call to determine whether the pointer they gave you was valid. And since they’re giving you back trash, there’s also no guarantee that it would be valid code, that it would be the right function, or that it would remain valid for any period of time (it could be a pointer to another driver’s pool allocation)

-p

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Jack Huang
Sent: Monday, October 15, 2007 9:22 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] How to identify whether a function pointer is valid?

My USB driver sends Irp to query USB_BUS_INTERFACE_USBDI_V1
from bus driver. It returns STATUS_SUCCESS and fills the structure.
I use USB_BUS_INTERFACE_USBDI_V1.IsDeviceHighSpeed() to query
the device running speed mode.
However, the IsDeviceHighSpeed() function pointer is invalid and not NULL.
The system crashes immediately after the driver call the function pointer.
The USB EHCI driver is 3rd party driver. I’m not surprised.
I want to know how the kernel driver to identify whether the function
pointer
is valid before it calls the function pointer.
Or how the kernel driver handle this kind of case.

Best Regards
Jack Huang

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

4

Perhaps the bus driver is not setting the value at all…do you zero out the interface structure before sending the query interface?

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Peter Wieland
Sent: Monday, October 15, 2007 9:31 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] How to identify whether a function pointer is valid?

There is no function to determine whether a pointer is valid. The lower driver is doing something patently invalid by providing you with a bad pointer in the interface structure.

What values is the lower driver providing for Size & Version in the structure? Is the driver perhaps providing sizeof(USB_BUS_INTERFACE_USBDI_V0) or USB_BUSIF_USBDI_VERSION_0? If so you could use that to detect this case. But there’s not a function you can call to determine whether the pointer they gave you was valid. And since they’re giving you back trash, there’s also no guarantee that it would be valid code, that it would be the right function, or that it would remain valid for any period of time (it could be a pointer to another driver’s pool allocation)

-p

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Jack Huang
Sent: Monday, October 15, 2007 9:22 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] How to identify whether a function pointer is valid?

My USB driver sends Irp to query USB_BUS_INTERFACE_USBDI_V1
from bus driver. It returns STATUS_SUCCESS and fills the structure.
I use USB_BUS_INTERFACE_USBDI_V1.IsDeviceHighSpeed() to query
the device running speed mode.
However, the IsDeviceHighSpeed() function pointer is invalid and not NULL.
The system crashes immediately after the driver call the function pointer.
The USB EHCI driver is 3rd party driver. I’m not surprised.
I want to know how the kernel driver to identify whether the function
pointer
is valid before it calls the function pointer.
Or how the kernel driver handle this kind of case.

Best Regards
Jack Huang

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

5

My driver runs on WinME x86 platform.
I didn’t clear USB_BUS_INTERFACE_USBDI_V1 structure.
The function pointer value is filled by the bus driver.
I will zero the structure and check the return version number again.
Thanks for all suggestions.

“Doron Holan”
Perhaps the bus driver is not setting the value at all…do you zero out
the interface structure before sending the query interface?

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Peter Wieland
Sent: Monday, October 15, 2007 9:31 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] How to identify whether a function pointer is valid?

There is no function to determine whether a pointer is valid. The lower
driver is doing something patently invalid by providing you with a bad
pointer in the interface structure.

What values is the lower driver providing for Size & Version in the
structure? Is the driver perhaps providing
sizeof(USB_BUS_INTERFACE_USBDI_V0) or USB_BUSIF_USBDI_VERSION_0? If so you
could use that to detect this case. But there’s not a function you can call
to determine whether the pointer they gave you was valid. And since they’re
giving you back trash, there’s also no guarantee that it would be valid
code, that it would be the right function, or that it would remain valid for
any period of time (it could be a pointer to another driver’s pool
allocation)

-p