Bug Check 0xF7: DRIVER_OVERRAN_STACK_BUFFER
TOC
Collapse the table of content
Expand the table of content

Bug Check 0xF7: DRIVER_OVERRAN_STACK_BUFFER

The DRIVER_OVERRAN_STACK_BUFFER bug check has a value of 0x000000F7. This indicates that a driver has overrun a stack-based buffer.

Important This topic is for programmers. If you are a customer who has received a blue screen error code while using your computer, see Troubleshoot blue screen errors.

DRIVER_OVERRAN_STACK_BUFFER Parameters

The following parameters are displayed on the blue screen.

ParameterDescription

1

The actual security check cookie from the stack

2

The expected security check cookie

3

The bit-complement of the expected security check cookie

4

0

 

Cause

A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned.

This is the classic "buffer overrun" hacking attack. The system has been brought down to prevent a malicious user from gaining complete control of it.

Resolution

Use the kb (Display Stack Backtrace) command to get a stack trace.

The last routine on the stack before the buffer overrun handlers and bug check call is the one that overran its local variable.

 

 

Show:
© 2016 Microsoft