Re: Question about ObReferenceObjectByHandle under verifier

Thank you for the response,

Unfortunately, your assumption regarding future usage of the a handle is not
correct, I never had any intention to do so - whatever check I must do, I do
in context of the hook. In addition, I can agree that passing *my own*
invalid handle to ObReferenceObjectByHandle can be bug, althrough , if it’s
bug, why DDK help for the function hints that this function *can* handle it
and return suitable error code?

In my case I have a handle that was created( or not ) by other software
component.
I believe that for such cases it’s best to have verifier check disabled or
,at least, configured as “warning” only( i.e. without BSOD ). The question -
how to do it? I do not want to turn down whole verifier validation process,
I also dislike inserting code that will check for verifier presense and
alter code execution path - it’s bad practice…

Thanks,
Alex.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts
Sent: Friday, April 29, 2005 11:56 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Question about ObReferenceObjectByHandle under
verifier(Win2k3 and WinXP case )

Alex Korthny wrote:

> Hello,
>
> Lately I encounter next problem with the
> function(ObReferenceObjectByHandle):
>
> When the function being called with invalid handle( my driver hooks >
certain system API and works with intercepted handles - handle may be >
invalid, it’s not in my hands ), verifier trigger BSOD with > appropriate
error - since I can’t enforce OS to always pass down only > valid handles,
how I can disable verifier checks on this particular > function?

Why would you want to disable the verifier? This is a bug. If the
verifier didn’t catch it, you’d just screw up some operating system table,
causing bugs that are much harder to find.

> Handles validation not an option because of performance and other >
issues( a process(handle owner) may be terminated right after I > validated
a handle, etc. ).

You are grabbing these handle in some API hook, and then using them later
in some asynchronous process, right? You have some guarantee that the
handle cannot evaporate until the API returns. Why don’t you call
ObReferenceObjectByHandle during the API hook? Once you have declared a
reference to it, the handle cannot be deleted, even if the process
terminates.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com


Express yourself instantly with MSN Messenger! Download today it’s FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/