Security Issues for Network Drivers (NDIS 5.1)

Note: NDIS 5.x has been deprecated and is superseded by NDIS 6.x. For new NDIS driver development, see Network Drivers Starting with Windows Vista. For information about porting NDIS 5.x drivers to NDIS 6.x, see Porting NDIS 5.x Drivers to NDIS 6.0.

For a general discussion on writing secure drivers, see Creating Reliable and Secure Drivers.

In particular, network drivers should do the following to enhance security:

  • All drivers should validate values that they read from the registry. Specifically, the caller of NdisReadConfiguration or NdisReadNetworkAddress must not make any assumptions about values read from the registry and must validate each registry value that it reads. If the caller of NdisReadConfiguration determines that a value is out of bounds, it should use a default value instead. If the caller of NdisReadNetworkAddress determines that a value is out of bounds, it should use the permanent medium access control (MAC) address or a default address instead.

  • A miniport driver, in its MiniportSetInformation or MiniportCoRequest functions, should validate any object identifier (OID) value that the driver is requested to set. If the driver determines that the value to be set is out of bounds, it should fail the set request. For more information about object identifiers, see Obtaining and Setting Miniport Driver Information and NDIS Support for WMI.

  • If an intermediate driver's MiniportSetInformation function does not pass a set operation to an underlying miniport driver, the function should validate the OID value. For more information, see Intermediate Driver Query and Set Operations.
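
The checks in the list above, as an added example in portable C (not Microsoft's code, and not kernel-mode code). All function names, the "ReceiveBuffers" limits and the return codes are hypothetical; a real driver would apply the same logic to what NdisReadConfiguration, NdisReadNetworkAddress and its set-information handler hand it. Treating a zero or multicast address as out of bounds is an assumption of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETH_ADDR_LEN       6
/* Hypothetical bounds for a constructed "ReceiveBuffers" registry parameter. */
#define RX_BUFFERS_MIN     16u
#define RX_BUFFERS_MAX     512u
#define RX_BUFFERS_DEFAULT 64u

/* Registry integer: fall back to the default when the read failed
 * or the value lies outside the range the hardware supports. */
uint32_t sanitize_rx_buffers(int read_ok, uint32_t value)
{
    if (!read_ok || value < RX_BUFFERS_MIN || value > RX_BUFFERS_MAX)
        return RX_BUFFERS_DEFAULT;
    return value;
}

/* Registry MAC override: accept only a 6-byte, non-zero, unicast address;
 * otherwise use the permanent address read from the adapter. */
void select_mac(const uint8_t *reg_addr, size_t reg_len,
                const uint8_t permanent[ETH_ADDR_LEN],
                uint8_t out[ETH_ADDR_LEN])
{
    static const uint8_t zero[ETH_ADDR_LEN] = {0};
    int ok = reg_addr != NULL
          && reg_len == ETH_ADDR_LEN
          && (reg_addr[0] & 0x01) == 0   /* group bit clear: not multicast/broadcast */
          && memcmp(reg_addr, zero, ETH_ADDR_LEN) != 0;
    memcpy(out, ok ? reg_addr : permanent, ETH_ADDR_LEN);
}

/* OID set of a 32-bit value: check the buffer length before reading it,
 * then the range, and fail the request without changing driver state.
 * Returns 0 on success, -1 for a short buffer, -2 for an out-of-bounds value. */
int handle_set_u32(const void *buf, size_t buf_len,
                   uint32_t max_allowed, uint32_t *current)
{
    uint32_t v;
    if (buf == NULL || buf_len < sizeof v)
        return -1;
    memcpy(&v, buf, sizeof v);           /* avoids an unaligned read */
    if (v > max_allowed)
        return -2;
    *current = v;
    return 0;
}
```

In a miniport driver the two failure returns would map to the driver's invalid-length and invalid-data status codes.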

 

 
