SafeStrings rule (wdm)
The SafeStrings rule specifies that the driver calls only those string manipulations functions that protect the system from unintentional or malicious intrusion. These safe string functions for drivers are defined in Ntstrsafe.h.
To comply with this rule, use the string functions that are considered to be safe for kernel-mode drivers. The safe string functions and the unsafe functions that they replace are listed in Using Safe String Functions. There are two sets of safe string functions. One set of safe string functions are for use in kernel-mode code (defined in the Ntstrsafe.h). The other set of safe string functions are for use in user-mode applications, and they are defined in Strsafe.h.
If a kernel-mode driver uses the user-mode safe string functions, the driver violates this rule.
Driver model: WDM
How to test
At compile time |
---|
Run Static Driver Verifier and specify the SafeStrings rule. Use the following steps to run an analysis of your code:
For more information, see Using Static Driver Verifier to Find Defects in Drivers. |