Jump to content











Photo
- - - - -

Compilation warning: newer DDK?

msbuild imdisk.cpp

  • Please log in to reply
1 reply to this topic

#1 mycall0

mycall0
  • Members
  • 1 posts
  •  
    United States

Posted 09 November 2016 - 12:08 AM

I got the following warning when compiling using Win 7.1 DDK.  Is this a security vulnerability?

 

338        if (NT_SUCCESS(status))
339        {
340            status = RtlCreateSecurityDescriptor(
341                event_security_descriptor,
342                SECURITY_DESCRIPTOR_REVISION);
343        }
344    
345        if (NT_SUCCESS(status))
346        {
347    #pragma warning(suppress: 6248)
--------------------------------------------------------------------------------
 PREfast analysis path begins  
 
 
348            status = RtlSetDaclSecurityDescriptor(  
   
         imdisk.cpp(348) : warning 6248: Setting a SECURITY_DESCRIPTOR's DACL to NULL will result in an unprotected object
Found in function 'DriverEntry'
348  
--------------------------------------------------------------------------------
 349                event_security_descriptor,
350                TRUE,
351                NULL,
352                FALSE);
353        }
354    
 
 
Also, has anyone tried recompiling to use Win10 SDK?  I started to reimport everything into a VS2015 solution/project scope.  I have most things compiling, although I'm getting an error with stdio.h
 
#error: Macro definition of vsnprintf conflicts with Standard Library function declaration.  
 
Does this mean stdio.h is broken in Windows 10 SDK?

Edited by mycall0, 09 November 2016 - 12:09 AM.


#2 Olof Lagerkvist

Olof Lagerkvist

    Gold Member

  • Developer
  • 1334 posts
  • Location:Borås, Sweden
  •  
    Sweden

Posted 09 November 2016 - 02:05 PM

Re: the warning, no. It is just a warning to let you know that the resulting DACL is NULL and will therefore not give the associated object any ACL protection. Therefore, it is important that the driver that owns the associated object performs necessary access checks by other means. In this case the empty ACL is used for an event object and it means that unprivileged processes can wait for the refresh event, which is fired when virtual disks are created or removed. That is a safe thing to allow them to do, so you can ignore the warning. The #pragma warning suppress around there should have worked, but I have seen a few cases where they are difficult to get in the right place.

 

Re: Building with WDK 10, this is a somewhat complicated matter because the underlying MSVC compiler got several breaking changes in that version. It would require some work to fix all of that and I have not yet had time to do that. You could try to build with WDK 8.1 and Visual Studio though, that should work at least better. (There could still be warnings etc, but it is a lot less complicated compared to WDK 10.) There are solution and project files in the source archive that I have at least tried a few times with WDK 8.1 and Visual Studio.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users