Browse by Tags

All Tags » researches (RSS)

Norton’s quality of code in drivers

Life of every driver developer is complicated by the fact that the code you write should be stable (read: bugs free) and compatible with any other third party drivers. It is very important for any driver to be bugs free, as any error in kernel leads ...
Posted by V. S.

SMB traffic not captured in TDI filter driver

Recently I met a problem in one of my TDI filters when filtering SMB traffic. The filter driver was able to see outgoing TDI_CONNECT requests to 137 and 445 ports, but during the heavy file upload there was no TDI_SEND requests issued. Please read the...
Posted by V. S.

A case of mysterious BSOD at tcpip!TcpIndicateData+22b

1. The causes Recently I was observing strange BSODs on my Vista machine quite periodically when dealing with network applications: [...] Please, read the rest of this post at http://www.shcherbyna.com/?p=117
Posted by V. S.
Filed under: ,

Bug in MSDN: TDI_EVENT_RECEIVE_DATAGRAM & it's handler

If you ever wanted to handle TDI_EVENT_RECEIVE_DATAGRAM ( http://msdn2.microsoft.com/en-us/library/ms801156.aspx ) event handler in TDI, you would notice that it's declaration is a bit strange( http://msdn2.microsoft.com/en-us/library/ms801622.aspx...
Posted by V. S. | 1 comment(s)

DRIVER_VERIFIER_IOMANAGER_VIOLATION in Windows Server 2003 SP2 with latest updates ON

Recently, I've received following error when trying to test my TDI filter driver on Server 2003 SP2 with latest updates ON: DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9) Arguments: Arg1: 00000208, (Fatal error) This IRP is about to run out of stack locations...
Posted by V. S.

The case of Task Manager that does not kill

Quite long time ago, my friend Vadym Stetsiak described a bug of Task Manager , which allows to disallow (!) the killing of a process, if it's name is lsass.exe. In order to test this bug, you can rename any executable file into lsass.exe, run it...