ZwRegistryOpen rule (wdm)
The ZwRegistryOpen rule specifies that after calling ZwOpenKey, the driver calls the following registry functions only while holding an open handle to a registry key (that is, before calling ZwClose or ZwDeleteKey):
This rule also specifies that the driver must not call ZwOpenKey if it is already holding an open handle to that registry key.
Finally, this rule specifies that the driver must not return from the dispatch routine or cancel routine while holding an open handle to a registry key.
How to test
|At compile time|
Run Static Driver Verifier and specify the ZwRegistryOpen rule.Use the following steps to run an analysis of your code:
For more information, see Using Static Driver Verifier to Find Defects in Drivers.