Application crash reported as security vulnerability, but you never crossed...
A security vulnerability report came in that said roughly this: There is a use-after-free vulnerability in the XYZ component which can be triggered as follows: Run the XYZ application. From the X...
View ArticleFiltering the Browse for Folder dialog so it shows only drive letters
Today, we're going to customize the Browse for Folder dialog so it shows only drive letters. Start with our previous Browse for Folder customization program, and make these changes: // Lazy global...
View ArticleHow do I kill a program that hung with an always-on-top fullscreen window?
Has this ever happened to you? You're hard at work blasting zombies being super-productive with a program that has an always-on-top fullscreen window. And then the program hangs. How can you get to...
View ArticleWhy are there two incompatible ways of specifying a serial port baud rate?
One of my colleagues tracked down a bug in their code that communicates over a serial port. (Remember serial ports?) The DCB structure specifies the baud rate as an integer. To request 2400 baud, you...
View ArticleStatic hooking through predefinition
A customer had a program that incorporated source code from two different third parties, let's call them Contoso and LitWare. These libraries were originally written for Linux, and they are trying to...
View ArticleWhy does the compiler generate memory operations on the full variable even...
Some time ago, I was helping out with code generation in a just-in-time compiler, and one thing I noticed was that when the compiler needed to, say, set the top bit in a four-byte variable, it did...
View ArticleWhy doesn’t SHGetFileInfo give me customized folder icons?
A customer reported that they were unable to obtain cutomized folder icons. Whenever they asked for the icon for a folder, they always got a plain folder icon, Even if they asked for folders like My...
View ArticleThose blue boxes all over the place, I always wondered what they were for
I was at the post office waiting my turn at the kiosk. The group in front of me consisted of three teenage girls. After purchasing their postage and affixing it to their letter, they looked around,...
View ArticleMicrospeak: Work-back
A work-back schedule is a schedule created by taking a final deadline and "working backwards" in order to determine intermediate deadlines. For example, suppose we want our feature to go out in the...
View ArticleWhy don’t I get thumbnails for files that are marked offline?
A customer deployed a data archival system that migrates files to network-attached storage after a period of inactivity. The customer reported that when a file is archived, they are no longer able to...
View ArticleThe interaction between AppBars and Windows 10 virtual desktops
A customer had a question about the interaction between Application Desktop Toolbars (commonly known as AppBars) and Windows 10 virtual desktops. "When we create our AppBar, it is shown on all virtual...
View ArticleRemember that in a stack trace, the addresses are return addresses, not call...
You may be faced with a stack trace like this: 00000000`001ebff0 00000000`ff6e2a94 ABC!CUIController::UpdateDisplay+0x156 [c:\src\abc\uicontroller.cpp @ 152] 00000000`001ec060 00000000`ff6e2f70...
View ArticleCouldn’t we fix the lackey catastrophe by using #pragma init_seg(user)?
The lackey catastrophe is the nickname I gave to a problem where the lackey hired by the C runtime to destruct global objects runs too late. Specifically, it may run after other DLLs have already shut...
View ArticleThe early Windows phone devices were liquid-cooled, sort of
Jim Lyon shares this story about early Windows phone devices: I remember during early development of Windows phones, our solution to the overheating problems. You would get two cans of soda from the...
View ArticleRevised notes on the reliability of FlushFileBuffers
Some time ago, I wrote on the hard drives that lie about flushing file buffers (and the drivers who love them). Here's a check-in on what's happened over the past few years. As things stand today, you...
View ArticleHow to calculate the resulting security descriptor of a child object without...
The CreatePrivateObjectSecurity function is part of a family of functions intended for programs that implement security descriptors for their own custom objects. Normally, you would let the kernel...
View ArticleA question about avoiding page faults the first time newly-allocated memory...
A customer had a question about memory allocation. When allocating memory with malloc and new, the memory is not loaded into the physical memory immediately. Instead, the memory is placed in RAM only...
View ArticleAt least it wasn’t on a Web page with the warning “Beware of the leopard”
In my discussion of the effect of ASLR on DLL rebasing, I wondered how vtables and other function pointers were handled in position-independent code. Commenter kantos replied, "It appears from a...
View ArticleThere’s a group policy for Action Center, and another one for Action Center
A customer wanted to know how to disable the Action Center, the control panel that lets you access settings for the firewall, SmartScreen, that sort of thing. The reason is that the customer is...
View ArticleWhy do my PDF file associations get reset every time I restart?
A customer reported that each time they restart their Windows 10 PC, the file association for PDF documents keeps getting reset to the default, which is Microsoft Edge. They use the "Set Default...
View Article