Hello,
Lately I encounter next problem with the
function(ObReferenceObjectByHandle):
When the function being called with invalid handle( my driver hooks certain
system API and works with intercepted handles - handle may be invalid, it’s
not in my hands ), verifier trigger BSOD with
appropriate error - since I can’t enforce OS to always pass down only valid
handles, how I can
disable verifier checks on this particular function?
Handles validation not an option because of performance and other issues( a
process(handle owner) may be terminated right after I validated a handle,
etc. ).
Thanks,
A.
Express yourself instantly with MSN Messenger! Download today it’s FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Alex Korthny wrote:
Hello,
Lately I encounter next problem with the
function(ObReferenceObjectByHandle):
When the function being called with invalid handle( my driver hooks
certain system API and works with intercepted handles - handle may be
invalid, it’s not in my hands ), verifier trigger BSOD with
appropriate error - since I can’t enforce OS to always pass down only
valid handles, how I can
disable verifier checks on this particular function?
Why would you want to disable the verifier? This is a bug. If the
verifier didn’t catch it, you’d just screw up some operating system
table, causing bugs that are much harder to find.
Handles validation not an option because of performance and other
issues( a process(handle owner) may be terminated right after I
validated a handle, etc. ).
You are grabbing these handle in some API hook, and then using them
later in some asynchronous process, right? You have some guarantee that
the handle cannot evaporate until the API returns. Why don’t you call
ObReferenceObjectByHandle during the API hook? Once you have declared a
reference to it, the handle cannot be deleted, even if the process
terminates.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
the handle can be deleted - the object can’t.
-p
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts
Sent: Friday, April 29, 2005 11:56 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Question about ObReferenceObjectByHandle
under verifier(Win2k3 and WinXP case )
Alex Korthny wrote:
> Hello,
>
> Lately I encounter next problem with the
> function(ObReferenceObjectByHandle):
>
> When the function being called with invalid handle( my driver hooks
> certain system API and works with intercepted handles -
handle may be
> invalid, it’s not in my hands ), verifier trigger BSOD with
> appropriate error - since I can’t enforce OS to always pass
down only
> valid handles, how I can disable verifier checks on this particular
> function?
Why would you want to disable the verifier? This is a bug.
If the verifier didn’t catch it, you’d just screw up some
operating system table, causing bugs that are much harder to find.
> Handles validation not an option because of performance and other
> issues( a process(handle owner) may be terminated right after I
> validated a handle, etc. ).
You are grabbing these handle in some API hook, and then
using them later in some asynchronous process, right? You
have some guarantee that the handle cannot evaporate until
the API returns. Why don’t you call
ObReferenceObjectByHandle during the API hook? Once you have
declared a reference to it, the handle cannot be deleted,
even if the process terminates.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as:
xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com