[ros-dev] Strategy for invalid parameters

M Bealby mbealby at gmail.com
Mon Jan 9 20:00:16 CET 2006


I was just taking a look at some ReactOS code this evening and it got
me thinking about what our general strategy for handling invalid
parameters is.

For example, in kernel32.dll there is a function DebugBreakProcess.
This function takes one parameter, a process handle.

This parameter is passed through the following list of functions
unchecked by any of them, until the final one will return a failure...

DebugBreakProcess
DbgUiIssueRemoteBreakIn
RtlCreateUserThread
RtlpCreateUserStack
ZwAllocateVirtualMemory
ObReferenceObjectByHandle

Now I know this isn't a security vulnerability, which is what I was
originally looking for, but it did make me think of the question of
where should bounds checking be added?

In this example, the process handle must be a value greater than zero.
Should this simple check be added to DebugBreakProcess, or all of the
above?  Is there some sort of standard that everyone should work to?
e.g. should all functions check their own parameters?  Sure, it might
make it a little slower due to multiple checks but it would make
ReactOS very robust.

Any thoughts on this?

Martin

PS: Lack of activity recently had been due to uni. exams.
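
The trade-off raised above, as an added example that is not part of the original message and is not ReactOS source: the `demo_*` functions are hypothetical stand-ins for the six layers listed in the post, and the handle table and status values are constructed. It models the post's premise that a valid handle is greater than zero and shows how far a bad handle travels with and without a check at the API boundary.

```c
#include <stdio.h>
#include <stdint.h>

/* Simplified stand-ins for the call chain in the post; not ReactOS source. */
#define DEMO_SUCCESS         0
#define DEMO_INVALID_HANDLE  (-1)
#define TABLE_SIZE           4

/* Constructed handle table: slots 1 and 3 are open, slot 2 is closed. */
static int handle_table[TABLE_SIZE] = {0, 1, 0, 1};
static int layers_entered;           /* how deep the last call travelled */

/* Bottom layer: the only one that knows which handles are actually live. */
static int demo_ob_reference(intptr_t h) {
    layers_entered++;
    if (h <= 0 || h >= TABLE_SIZE || !handle_table[h])
        return DEMO_INVALID_HANDLE;
    return DEMO_SUCCESS;
}

/* Intermediate layers pass the handle down and the status back up unchanged. */
static int demo_zw_allocate(intptr_t h)    { layers_entered++; return demo_ob_reference(h); }
static int demo_create_stack(intptr_t h)   { layers_entered++; return demo_zw_allocate(h); }
static int demo_create_thread(intptr_t h)  { layers_entered++; return demo_create_stack(h); }
static int demo_issue_break_in(intptr_t h) { layers_entered++; return demo_create_thread(h); }

/* Top-level API. precheck=1 adds the cheap "greater than zero" test here. */
int demo_debug_break_process(intptr_t h, int precheck) {
    layers_entered = 1;
    if (precheck && h <= 0)
        return DEMO_INVALID_HANDLE;  /* rejected before any lower layer runs */
    return demo_issue_break_in(h);
}

int demo_layers_entered(void) { return layers_entered; }

int main(void) {
    intptr_t samples[] = {0, 2, 3};  /* constructed: zero, closed slot, open slot */
    for (int p = 0; p <= 1; p++)
        for (int i = 0; i < 3; i++) {
            int st = demo_debug_break_process(samples[i], p);
            printf("precheck=%d handle=%ld status=%d layers=%d\n",
                   p, (long)samples[i], st, demo_layers_entered());
        }
    return 0;
}
```

The boundary check only shortens the path for the zero handle; a positive but closed handle still has to reach the bottom layer, so the lower check cannot be dropped and every intermediate layer must propagate its status.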

