Hi ,
I need to read an application’s buffer from a dispatch routine (application process context)
The buffer pointer is given to the driver by a Ioctl METHOD_NEITHER.
What is the right way to validate the pointer and the memory before start reading ?
Is ProbForRead() enough or I have to lock the buffer down completely with MDL and ProbeAndLockPage ?
Would you please advise.
Thanks,
xxxxx@hotmail.com wrote:
I need to read an application’s buffer from a dispatch routine (application process context)
The buffer pointer is given to the driver by a Ioctl METHOD_NEITHER.
How did you end up with METHOD_NEITHER? There are very, very, very few
good use cases for that.
What is the right way to validate the pointer and the memory before start reading ?
Is ProbForRead() enough or I have to lock the buffer down completely with MDL and ProbeAndLockPage ?
If you’re only working in the process context in the ioctl call, then
ProbeForRead in an exception handler is enough. If you need to use the
memory later, then you need to lock and make an MDL.
https://msdn.microsoft.com/en-us/library/windows/hardware/ff565432.aspx
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
I have to disagree with Tim here, I always lock the pages down, just because
ProbeForRead is ok, there is nothing that says the buffer will be there in
the next millisecond. The right approach is replace the IOCTL with one that
does not use METHOD_NEITHER if you possibly can.
Don Burn
Windows Driver Consulting
Website: http://www.windrvr.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts
Sent: Friday, January 23, 2015 4:07 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Read the user buffer from the driver
xxxxx@hotmail.com wrote:
I need to read an application’s buffer from a dispatch routine
(application process context) The buffer pointer is given to the driver by
a Ioctl METHOD_NEITHER.
How did you end up with METHOD_NEITHER? There are very, very, very few good
use cases for that.
What is the right way to validate the pointer and the memory before start
reading ?
Is ProbForRead() enough or I have to lock the buffer down completely with
MDL and ProbeAndLockPage ?
If you’re only working in the process context in the ioctl call, then
ProbeForRead in an exception handler is enough. If you need to use the
memory later, then you need to lock and make an MDL.
https://msdn.microsoft.com/en-us/library/windows/hardware/ff565432.aspx
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
NTDEV is sponsored by OSR
Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
OSR is HIRING!! See http://www.osr.com/careers
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Thanks Tim and Don for the advise.
I know what I should do now.
Also remember when dealing with shared buffers, you need to explicitly copy any parameters that require validation before you validate them. You cannot trust any value stored in a user-mode buffer to remain constant.
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@hotmail.com
Sent: Friday, January 23, 2015 2:03 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Read the user buffer from the driver
Thanks Tim and Don for the advise.
I know what I should do now.
NTDEV is sponsored by OSR
Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
OSR is HIRING!! See http://www.osr.com/careers
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer