May 08, 2003

No rest for the wicked

NOTE TO SELF: You wanted to be a Lord of the Ring Zero. You deserve the misery and pain.

Yes I wanna bitch. But I only have myself to blame. I wanted to get into low level driver development, basically writing to the bare metal, because very few people were doing it, and it was the only place to really make a difference for security on the Windows platform. I'm ok with the steep learning curve, actually enjoying the challenge.

But I NEVER thought I would have to write my own primitive functions. What do I mean? Well here is a tip for anyone wanting to get into Windows kernel development. You can't use ANY of the Windows API during code development. Winsock is right out. Win32 is right out. As are all the nice helper functions for the API etc. You MUST find a DDK equivalent, or write your own.

This morning I was forced to write my own inet_ntoa function. Decided to do it first with gcc to test it before I would put it in my driver. Worked great. Even did nice safe string functions to make life sweet. Then I decided to port it to the kernel. *UGH*

Here is one line to show you what I mean:



//
// Use safe string handling functions. Replace _snprintf with
// DDK equiv. (RtlStringCbPrintfA)
//
// Use ANSI style instead of UNICODE. Use RtlStringCbPrintfW
// if you want UNICODE. Need to watch size then to prevent
// buffer overflow
//
// The size argument is the full buffer size in bytes, including
// the terminating NUL (assumes addr is a 16-byte buffer)
//
status = RtlStringCbPrintfA(
    addr,                       // Buffer to hold IP addr as string
    sizeof(UCHAR) * 16,         // Buffer size. NOT using UNICODE
    "%u.%u.%u.%u",              // Format pattern string
    (address >> 24) & 0x00FF,   // Shift to get first octet
    (address >> 16) & 0x00FF,   // Shift to get second octet
    (address >> 8) & 0x00FF,    // Shift to get third octet
    address & 0x00FF            // Mask to get last octet
    );

See what I mean? Notice the comment? Yes, even basic primitives like _snprintf don't exist... forcing me to use this ugly beast. *sigh* It works though, and that is all that matters.

Posted by SilverStr at May 8, 2003 05:19 PM
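
The post mentions testing the conversion with gcc before porting it to the driver. The following is an added user-mode example, not the author's code, that shows how a byte-count size argument behaves at the 15-character worst case. The function name `ipv4_to_string` and the sample addresses are assumptions, and `snprintf` stands in for the DDK safe-string call.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPV4_STR_CB 16  /* "255.255.255.255" is 15 chars + terminating NUL */

/*
 * User-mode stand-in (hypothetical name) for the kernel call in the post.
 * As with the Rtl safe-string functions, cb is the full destination size
 * in bytes, INCLUDING the terminating NUL. Returns 0 on success, -1 if the
 * result did not fit (the buffer is still NUL-terminated when cb > 0).
 */
int ipv4_to_string(uint32_t address, char *buf, size_t cb)
{
    int n;

    if (buf == NULL || cb == 0)
        return -1;

    n = snprintf(buf, cb, "%u.%u.%u.%u",
                 (unsigned)((address >> 24) & 0xFF),
                 (unsigned)((address >> 16) & 0xFF),
                 (unsigned)((address >> 8) & 0xFF),
                 (unsigned)(address & 0xFF));

    /* snprintf returns the length it wanted to write; >= cb means truncated */
    if (n < 0 || (size_t)n >= cb)
        return -1;
    return 0;
}

int main(void)
{
    char addr[IPV4_STR_CB];
    /* Constructed sample values in host byte order */
    uint32_t samples[] = { 0xC0A80001u, 0x7F000001u, 0xFFFFFFFFu };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int rc = ipv4_to_string(samples[i], addr, sizeof(addr));
        printf("full buffer:  rc=%d \"%s\"\n", rc, addr);
        /* One byte short: the worst-case address loses its last digit */
        rc = ipv4_to_string(samples[i], addr, sizeof(addr) - 1);
        printf("size minus 1: rc=%d \"%s\"\n", rc, addr);
    }
    return 0;
}
```

Checking the return value matters here: a truncated address is still a syntactically valid address, so a log line or filter rule built from it would silently refer to the wrong host.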