22 Jan
2006
22 Jan
'06
7:10 p.m.
What am I looking for?
I am only a single person, so code auditing will be a slow process at
the moment. I wish to check for the following vulnerabilities:
Incorrect null termination.
Buffer overflows.
Premature termination.
Lack of input validation.
Bad calculations.
Off by one / few.
Abuse of KeBugCheck(Ex). I suspect one can still find places where
KeBugCheck(Ex) is incorrectly called. E.g. when a parameter is found to be
invalid.
Casper