Why is Windows Compressed Folders (Zip folders) support stuck at the turn of...
Every so often, a customer will ask whether Windows Compressed Folders (Zip folders) supports something fancy like AES encryption, and we have to shake our head and apologize. "Sorry, no." Why this...
View ArticleStupid C++ namespace tricks
These tricks may be obvious, but at least I'm going to write them down. It is common to import an entire namespace into the global namespace. I'm not saying it's a good idea, but it is common. The...
View ArticleHow do I create a SAL annotation for a structure with a variable-length array?
Some Windows structures end with an array of size 1. If you try to access any members of that array beyond the first, you may get a static analysis error. typedef struct THINGGROUP { DWORD...
View ArticleMisdirected security vulnerability: Malformed file results in memory corruption
A security vulnerability report arrived that went something like this: Subject: An Exploitable Vunerability in dwrite.dll (stack hash 0x6b6f6f4c.0x4654d7441) The file dwrite.dll allows an attacker to...
View ArticleMaintaining Notepad is not a full-time job, but it’s not an empty job either
When I mentioned that one of my now-retired colleagues was responsible for maintaining Notepad, commenter Neil noted, "I can't imagine theres much actual maintenance." You'd be surprised. For one...
View ArticleWhy does the install date and size of a program change roughly two days after...
A customer observed that when they install a particular company's product, and then go to the Programs and Features control panel, the program shows up with the correct installation date. But wait a...
View ArticleIf you say that your buffer can hold 200 characters, then it had better hold...
A security vulnerability report claimed that there was a vulnerability in the GetDoodadName function (not the actual function name): There is a buffer overflow bug in the GetDoodadName function....
View ArticleHow do I create a disabled checkbox for a listview item?
A customer was using the LVS_EX_CHECKBOXES extended listview style to get checkboxes for the listview items. However, they also wanted some items to have a disabled checkbox, which is not a feature...
View ArticleMy namespace importing trick imported the same three namespaces into each...
A little while ago, I noted a technique formally known as namespace composition. There was one section that appeared to confuse some people: namespace ABI { using...
View ArticleHow are BitBlt raster opcodes calculated?
Commenter R P asks what the low-order 16 bits of the BitBlt raster opcodes mean. The documentation explains that the high-order 16 bits of the raster opcode are the zero-extended 8-bit value that...
View ArticleHow do I get file version information from the command line?
The great thing about Windows file versions is that there are so many to choose from! For each file, you have Numeric product version Numeric file version String product version String file version...
View ArticleThe alphabet, in alphabetical order, in various languages
The alphabet, in alphabetical order English aitch are ay bee cue dee double-you ee eff ell em en ess ex eye gee jay kay oh pee see tea vee why you zee/zed Deutsch ah beh ceh deh eff eh ehr ell em en...
View ArticleWhen you call OpenThreadToken while impersonating, you have to say who is...
A customer reported that OpenThreadToken was failing with the error ACCESS_DENIED and wanted help understanding why. They shared a code fragment which operates on an account name test with no...
View ArticleHow can I obtain the heap from which a heap block was allocated?
Suppose profiling reveals that heap contention is a bottleneck in your program. Furthermore, suppose that your program's heap usage pattern is that most heap blocks are allocated and freed by the same...
View ArticleHow can I write a program that monitors another window for a title change?
A customer was writing a monitoring application and wanted to be notified if a window's title changes. Sure, we can use accessibility to do that. #define UNICODE #define _UNICODE #define STRICT...
View ArticleAdventures in application compatibility: Following a detour off a cliff
The application compatibility team reported that a program was crashing in its installer. Debugging the installer revealed that it actually triggered three exceptions. The first exception was due to...
View ArticleStupid cmd.exe tricks: Changing directories with forward slashes instead of...
I observed one of my colleagues perform this trick with cmd.exe: You can pass a path with forward slashes (instead of backslashes) to the cd command, provided the first character is not a slash. cd...
View ArticleThe unhandled exception filter is the responsibility of the process; don’t...
A customer developed an Office add-in and wanted to intercept all unhandled exceptions so that they could collect crash dumps, capture stack traces, and so on. To do this, they used the...
View ArticleWhat is this weird constructory syntax C::C()?
The Microsoft Visual C++ compiler supports this weird thing: // assume a class C has been defined C* p = (C*)malloc(sizeof(C)); p->C::C(); // huh? This weird syntax is how people in olden times...
View ArticleWhy does GetServiceDisplayNameA report a larger required buffer size than...
If you call the GetServiceDisplayNameA function (the ANSI version), it reports a buffer size far larger than what appears to be necessary. For example, if the service display name is awesome, you...
View Article