I am developing a simple device driver for study. With a lot of testing, I am creating so many errors which finally leads my computer to blue screen. I am sure that the reason for this is memory crash. So now I want to check if my code can access to Kernel memory before going further.
My question is what function can check whether it is accessible or not in kernel memory. For instance, there is a pointer structure with two fields and I want to access the first field which is also a pointer but do now know whether it really has an accessible value or just trash value.
In this given context, I need to check it out to make sure that I am not getting blue screen.
Thanks in advance!
There’s no equivalent for kernel memory, it’s at the code’s responsibility to ensure the desired addresses are valid and will be valid during access. If you get a user-space address – you can and you must use
ProbeForWrite, but these are only for user-space buffer. Either of the two
ProbeForXxx functions will just raise an exception when called with kernel memory address. try-except handlers won’t help when accessing invalid kernel memory – Windows will simply bug check (crash) with
For instance, there is a pointer structure with two fields and I want
to access the first field which is also a pointer but do now know
whether it really has an accessible value or just trash value.
Where did you get this pointer from? Who filled this structure? You must not check, you must know at beginning that this pointer is valid and the context of this structure will be valid during the time you use it, otherwise your code is already wrong and buggy.
Answered By – RbMm