Secure Copy for Windows Embedded CE 6.0 Driver Migration

1/6/2010

Performing a secure copy of input parameters is one of the best practices for developing a device driver for Windows Embedded CE. It is not necessarily safe for a driver to access the buffer of a caller directly: the caller may be malicious or simply poorly written. The solution to these data integrity problems is to perform a secure copy.

If a driver must access the buffer of a caller asynchronously, it must call the CeAllocAsynchronousBuffer and CeFreeAsynchronousBuffer functions. This eliminates the need to perform an additional parameter copy. If a driver accesses parameters synchronously, use the CeAllocDuplicateBuffer and CeFreeDuplicateBuffer secure copy helper functions to copy the buffer of the caller.

If you are handling embedded pointers and calling the CeOpenCallerBuffer function for access checking, set the ForceDuplicate parameter to TRUE to obtain a local copy of the buffer of the caller. This avoids an additional call to CeAllocDuplicateBuffer. The local copy is freed when you call CeCloseCallerBuffer.
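The data integrity problem that a secure copy closes, shown as an added portable C illustration (not code from the original page, and not using the Windows Embedded CE APIs): a handler that validates a length in the caller's buffer and then reads it again, beside one that works from a local snapshot. The `REQUEST` layout, the `CALLER_WRITE` hook and all function names are hypothetical, and the plain `memcpy` stands in for the duplicate buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_PAYLOAD 16u   /* size of the driver's internal buffer */

/* Constructed request layout: a length field followed by payload bytes. */
typedef struct {
    uint32_t cbPayload;
    uint8_t  payload[64];
} REQUEST;

/* Hypothetical hook: models the caller rewriting its own buffer
   between the driver's check and the driver's use. */
typedef void (*CALLER_WRITE)(REQUEST *shared);

/* Constructed misbehaving caller: raises the length after validation. */
static void InflateLength(REQUEST *shared) { shared->cbPayload = 64; }

/* In place: checks the length, then fetches it again from caller memory.
   Returns the byte count the driver would go on to use. */
uint32_t HandleInPlace(REQUEST *caller, CALLER_WRITE mutate)
{
    if (caller->cbPayload > MAX_PAYLOAD)
        return 0;                         /* check passes on the first fetch */
    if (mutate) mutate(caller);           /* caller changes the field */
    return caller->cbPayload;             /* second fetch is never checked */
}

/* Secure copy: snapshot once, then check and use only the snapshot. */
uint32_t HandleWithCopy(REQUEST *caller, CALLER_WRITE mutate,
                        uint8_t out[MAX_PAYLOAD])
{
    REQUEST local;
    memcpy(&local, caller, sizeof local); /* stand-in for the duplicate buffer */
    if (local.cbPayload > MAX_PAYLOAD)
        return 0;
    if (mutate) mutate(caller);           /* too late to affect the snapshot */
    memcpy(out, local.payload, local.cbPayload);
    return local.cbPayload;
}

/* Constructed 8-byte request run through both handlers. */
uint32_t DemoInPlace(void)
{ REQUEST r = { 8, {0} }; return HandleInPlace(&r, InflateLength); }
uint32_t DemoWithCopy(void)
{ REQUEST r = { 8, {0} }; uint8_t out[MAX_PAYLOAD]; return HandleWithCopy(&r, InflateLength, out); }
```

`DemoInPlace()` ends up with a length of 64 against a 16-byte limit, while `DemoWithCopy()` keeps the validated 8. In a driver, the snapshot is what CeAllocDuplicateBuffer, or CeOpenCallerBuffer with ForceDuplicate set to TRUE, provides.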

See Also

Other Resources

Migrating a Windows Embedded CE Driver to Windows Embedded CE 6.0