Edit

Share via

DDI usage rule set (WDM)

  • Article

Use these rules to verify that your driver correctly uses WDM DDIs correctly.

In this section

Topic Description

DebugBreakUsage

The DebugBreakUsage rule specifies that the driver must not call DbgBreakPoint or DbgBreakPointWithStatus. This rule only applies when you are building a non-debug version of the driver.

DoubleFetch

The DoubleFetch rule checks for double fetch from user mode memory pointers. Double kernel mode accesses of user mode memory can lead to a race condition security issue. When accessing user mode data, kernel mode code needs to make a copy of the user mode data locally and avoid accessing the user mode data multiple times. Failing to do so results in a type of problem known as a “double fetch”, where the data may change after it was first accessed.

NullCheck

The NullCheck rule verifies that a NULL value inside the driver code is not dereferenced later in the driver. This rule reports a defect if either of these conditions is true:

  • There is an assignment of NULL that is dereferenced later.
  • There is a global/parameter to a procedure in a driver that may be NULL that is dereferenced later, and there is an explicit check in the driver that suggests that the initial value of the pointer may be NULL.

With NullCheck rule violations, the most relevant code statements are highlighted in the trace tree pane. For more information about working with report output, see Static Driver Verifier Report and Understanding the Trace Viewer.

SafeStrings

The SafeStrings rule specifies that the driver calls only those string manipulations functions that protect the system from unintentional or malicious intrusion. These safe string functions for drivers are defined in Ntstrsafe.h.

ObsoleteDDIs

The ObsoleteDDIs rule specifies that drivers should not call FsRtlPrivateLock. This function is obsolete. Use FsRtlFastLock instead.

To select the DDI usage rule set

  1. Select your driver project (.vcxProj) in Microsoft Visual Studio. From the Driver menu, click Launch Static Driver Verifier….

  2. Click the Rules tab. Under Rule Sets, select DDIUsage.

    To select the default rule set from a Visual Studio developer command prompt window, specify DDIUsage.sdv with the /check option. For example:

    msbuild /t:sdv /p:Inputs="/check:DDIUsage.sdv" mydriver.VcxProj /p:Configuration="Win8 Release" /p:Platform=Win32

    For more information, see Using Static Driver Verifier to Find Defects in Drivers and Static Driver Verifier commands (MSBuild).