How to Disable Driver Verifier For a Problem With Particular Api   

Hi All,

I was wondering if it is possible to disable Driver Verifier for the
bugcheck it is causing for particular api
( ObReferenceObjectByHandle ).


I am getting bugcheck 0xC4 and further it is complaining about
invalid
handle being passed to this API.


I know that the handle I am passing it may not be right since my
driver is doing some handle analysis for all the handles  for this
process
and in that case I am expecting it to return NULL. But due to this
reason I cannot enable verifier on my driver.


Please let me know about any possible solution.

Thanks,
Rajesh

date: 24 Feb 2007 20:30:38 -0800   author:   Raj

Re: How to Disable Driver Verifier For a Problem With Particular Api   

On Feb 24, 8:30 pm, "Raj"  wrote:
> Hi All,
>
> I was wondering if it is possible to disable Driver Verifier for the
> bugcheck it is causing for particular api
> ( ObReferenceObjectByHandle ).
>
> I am getting bugcheck 0xC4 and further it is complaining about
> invalid
> handle being passed to this API.
>
> I know that the handle I am passing it may not be right since my
> driver is doing some handle analysis for all the handles  for this
> process
> and in that case I am expecting it to return NULL. But due to this
> reason I cannot enable verifier on my driver.
>
> Please let me know about any possible solution.
>
> Thanks,
> Rajesh

I have found my own answer and will publish it for some one who might
be interested.

One can use MmGetSystemRoutineAddress to get the address of the api
and then call the api by this function address to fool the verifier.

But remain cautioned that you know what you are doing and be very
certain that you donot want verifier to verify this particular api
call.

date: 26 Feb 2007 10:53:47 -0800   author:   Raj

Re: How to Disable Driver Verifier For a Problem With Particular Api   

Hi Raj,

It sounds like your driver calls ObReferenceObjectByHandle (KernelMode) for 
an in valid user handle. I recommend searching for OBJ_KERNEL_HANDLE on 
http://search.microsoft.com and reading carefully about the risks of such 
coding pattern. For example, 
http://www.microsoft.com/whdc/Driver/tips/SafeHandle.mspx has some useful 
information, to start with. As a rule of thumb, your driver should *always* 
use UserMode when trying to reference a user handle (i.e. a handle that an 
application can close).

Please note that the MmGetSystemRoutineAddress trick you mentioned won't 
work anymore on newer OS versions (e.g. on Windows Vista).

Dan

-- 
This posting is provided "AS IS" with no warranties, and confers no rights.


"Raj"  wrote in message 
news:1172516027.080274.131580@h3g2000cwc.googlegroups.com...
> On Feb 24, 8:30 pm, "Raj"  wrote:
>> Hi All,
>>
>> I was wondering if it is possible to disable Driver Verifier for the
>> bugcheck it is causing for particular api
>> ( ObReferenceObjectByHandle ).
>>
>> I am getting bugcheck 0xC4 and further it is complaining about
>> invalid
>> handle being passed to this API.
>>
>> I know that the handle I am passing it may not be right since my
>> driver is doing some handle analysis for all the handles  for this
>> process
>> and in that case I am expecting it to return NULL. But due to this
>> reason I cannot enable verifier on my driver.
>>
>> Please let me know about any possible solution.
>>
>> Thanks,
>> Rajesh
>
> I have found my own answer and will publish it for some one who might
> be interested.
>
> One can use MmGetSystemRoutineAddress to get the address of the api
> and then call the api by this function address to fool the verifier.
>
> But remain cautioned that you know what you are doing and be very
> certain that you donot want verifier to verify this particular api
> call.
>

date: Mon, 26 Feb 2007 11:15:12 -0800   author:   Dan Mihai [MSFT]