Question on banned API as per Microsoft SDL

Hi Guys,

Kernel call RtlCopyMemory() is listed as a banned API as per the security
development cycle and does not have a strsafe replacement. I see that writing a
new routine is the other option, but there is a little hesitation from the team to
write our own replacement, and they are OK to live with it (as code review & verifier
do not complain). Is there any better way to deal with this?

Thanks,
Suresh

Can somebody really understand why this call is unsafe? And how can one live without this call?
“Suresh Chepuri” wrote in message news:xxxxx@ntdev…
Hi Guys,

Kernel call RtlCopyMemory() is listed as a banned API as per the security development cycle and does not have a strsafe replacement. I see that writing a new routine is the other option, but there is a little hesitation from the team to write our own replacement, and they are OK to live with it (as code review & verifier do not complain). Is there any better way to deal with this?

Thanks,
Suresh

If we are going to be asking SDL questions, then why is it that RtlInitAnsiString, RtlInitString, and RtlInitUnicodeString are still allowed? They all do the equivalent of a strlen (definitely considered unsafe). There are better ways of doing this for a constant string, and it is not safe for a variable.

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Maxim S. Shatskih
Sent: Tuesday, October 21, 2014 11:10 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Question on banned API as per Microsoft SDL

Can somebody really understand why this call is unsafe? And how can one live without this call?

“Suresh Chepuri” wrote in message news:xxxxx@ntdev…

Hi Guys,

Kernel call RtlCopyMemory() is listed as a banned API as per the security development cycle and does not have a strsafe replacement. I see that writing a new routine is the other option, but there is a little hesitation from the team to write our own replacement, and they are OK to live with it (as code review & verifier do not complain). Is there any better way to deal with this?

Thanks,
Suresh


NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Suresh Chepuri wrote:

Kernel call RtlCopyMemory() is listed as a banned API as per the security
development cycle and does not have a strsafe replacement. I see that writing
a new routine is the other option, but there is a little hesitation from
the team to write our own replacement, and they are OK to live with it (as code
review & verifier do not complain). Is there any better way to deal with this?

The key is just to make sure in code review that the destination buffer
has enough room. This is way easier than with strcpy, in which the
length of the copy is not known until run-time.

I believe the static code analysis in VS will catch this, if possible.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
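Tim's point is that RtlCopyMemory is only as safe as the reviewer's knowledge that the destination has room for the requested length, and Don's point is that RtlInitUnicodeString scans for a terminator with no bound at all. The following is an added example, not code from this thread or from Microsoft's headers: two small portable-C helpers that move both checks into the callee. BoundedCopyMemory takes the destination capacity as an explicit parameter and refuses the copy when the length exceeds it; BoundedInitString builds a counted string but stops its terminator scan at a caller-supplied byte count and fails if no terminator is found. All names (BoundedCopyMemory, BoundedInitString, counted_string_t, the bounded_status_t values) are hypothetical, and the struct only mimics the shape of UNICODE_STRING over char.

```c
/* Added example (hypothetical helpers, not Microsoft API): bounded memory
 * copy and bounded counted-string init, written in portable C so it runs
 * outside the kernel.  The status enum loosely mimics NTSTATUS conventions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum {
    BOUNDED_OK = 0,
    BOUNDED_INVALID_PARAMETER,
    BOUNDED_BUFFER_TOO_SMALL,
    BOUNDED_UNTERMINATED
} bounded_status_t;

/* Copy `length` bytes from src to dst only if dst has at least `length` bytes
 * of capacity.  Nothing is written when the check fails, so an oversized
 * length cannot overrun the destination the way an unchecked copy would. */
bounded_status_t BoundedCopyMemory(void *dst, size_t dst_capacity,
                                   const void *src, size_t length)
{
    if (dst == NULL || src == NULL)
        return BOUNDED_INVALID_PARAMETER;
    if (length > dst_capacity)
        return BOUNDED_BUFFER_TOO_SMALL;
    memcpy(dst, src, length);   /* length <= dst_capacity holds here */
    return BOUNDED_OK;
}

/* A counted string in the shape of UNICODE_STRING (lengths in bytes, with a
 * separate maximum), but over char so the example stays portable. */
typedef struct {
    uint16_t Length;         /* bytes in use, excluding any terminator */
    uint16_t MaximumLength;  /* bytes available in Buffer */
    char    *Buffer;
} counted_string_t;

/* Initialise a counted string from a buffer of known size.  The scan for the
 * terminator stops at max_bytes; if no terminator lies inside the buffer the
 * call fails instead of reading past the end, which is exactly the failure
 * mode of an unbounded strlen over variable input. */
bounded_status_t BoundedInitString(counted_string_t *out, char *buffer,
                                   size_t max_bytes)
{
    if (out == NULL || buffer == NULL || max_bytes > UINT16_MAX)
        return BOUNDED_INVALID_PARAMETER;
    size_t n = 0;
    while (n < max_bytes && buffer[n] != '\0')
        n++;
    if (n == max_bytes)
        return BOUNDED_UNTERMINATED;
    out->Buffer        = buffer;
    out->Length        = (uint16_t)n;
    out->MaximumLength = (uint16_t)max_bytes;
    return BOUNDED_OK;
}

int main(void)
{
    /* Constructed inputs for a stand-alone run. */
    char dst[8];
    const char src[] = "0123456789";          /* 10 bytes plus NUL */
    printf("copy 8 bytes into 8  -> status %d\n",
           BoundedCopyMemory(dst, sizeof dst, src, 8));
    printf("copy 10 bytes into 8 -> status %d\n",
           BoundedCopyMemory(dst, sizeof dst, src, 10));

    counted_string_t s;
    char unterminated[4] = { 'a', 'b', 'c', 'd' }; /* no NUL within 4 bytes */
    printf("init from unterminated buffer -> status %d\n",
           BoundedInitString(&s, unterminated, sizeof unterminated));
    return 0;
}
```

The design choice is that the capacity travels with the buffer into the call: a reviewer then checks one comparison inside the helper rather than every call site, which is the property the strsafe family gives for strings and that RtlCopyMemory lacks.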

Got it, thanks!!

On Tue, Oct 21, 2014 at 9:56 PM, Tim Roberts wrote:

> Suresh Chepuri wrote:
>
>
> Kernel call RtlCopyMemory() is listed as a banned API as per the security
> development cycle and does not have a strsafe replacement. I see that writing a
> new routine is the other option, but there is a little hesitation from the team to
> write our own replacement, and they are OK to live with it (as code review & verifier
> do not complain). Is there any better way to deal with this?
>
>
> The key is just to make sure in code review that the destination buffer
> has enough room. This is way easier than with strcpy, in which the length
> of the copy is not known until run-time.
>
> I believe the static code analysis in VS will catch this, if possible.
>
> –
> Tim Roberts, xxxxx@probo.com
> Providenza & Boekelheide, Inc.
>