Clik here to view.
Documentation creates contract, which is why you need to be very careful what...
A person with a rude name asks, "Why does MS not document the system metrics used by classic/pre-uxtheme windows and common controls? This image is really useful and I wish all of this was actually...
View ArticleClik here to view.
Can I run a service executable from a network location?
A customer liaison wanted to know whether it is possible to run a service executable from a network location. The customer was doing so and running into problems, and they wanted to know whether it is...
View ArticleClik here to view.
How does Task Manager compute Up Time, and why doesn't it agree with...
Task Manager shows a piece of information called "Up time". How is this value calculated, and why doesn't it agree with the value reported by GetĀTickĀCount/GetĀTickĀCount64? Task Manager calculates...
View ArticleClik here to view.
Why don't you forward WM_GETMINMAXINFO and clamp the results?
In my illustration of how to make a window resizable in only one direction, commenter Josua asks, "Why don't you forward WM_GETĀMINĀMAXĀINFO and clamp the results?" I'm going to assume the question is...
View ArticleClik here to view.
Low-level hooks have thread affinity, so make sure you keep an eye on the thread
A customer was having a problem with their automated testing tool. We have an automation testing tool that, among other things, installs a low-level mouse hook. Sometimes, the hook takes too long to...
View ArticleClik here to view.
MapGenericMask is just a convenience function for converting generic access...
For some reason, people call the MapĀGenericĀMask function in order to calculate what access mask to pass to request access to something. That's not what MapĀGenericĀMask is for. The MapĀGenericĀMask...
View ArticleClik here to view.
Determining programmatically whether a file was built with LAA, ASLR, DEP, or...
Today's Little Program parses a module to determine whether or not it was built with the following flags: /LARGEĀADDRESSĀAWARE/DYNAMICĀBASE, also known as Address Space Layout Randomization (ASLR)...
View ArticleClik here to view.
It rather involved being on the other side of this airtight hatchway: Code...
A security vulnerability report arrived that took the following form: The QueueĀUserĀAPC function can be used to effect an elevation of privilege, as follows: Identify a process you wish to attack....
View ArticleClik here to view.
When you inadvertently become a collector of something you really aren't all...
As I was heading home at the end of the day, I ran into one of my colleagues who was also going home, and he was carrying a Star Wars-themed metal lunchbox similar to this one. For those who didn't...
View ArticleClik here to view.
If you can set enforcement for a rule, you can set up lack of enforcement
One of the things you can do with an internal tool I've been calling ProgramĀ Q is run a program any time somebody wants to add or modify a record. The program has wide latitude in what it can do. It...
View ArticleClik here to view.
So you decided to call SHFileOperation from a service, at least remember to...
I noted some time ago that it is highly inadvisable to call SHFileĀOperation from a service, and then I thought about it some more and concluded, it's flat-out wrong, at least in the case where you...
View ArticleClik here to view.
New C++ experimental feature: The tadpole operators
How often have you had to write code like this: x = (y + 1) % 10; x = (y + 1) * (z - 1); x = (double)(f(y) + 1); Since the + and - operators have such low precedence, you end up having to parenthesize...
View ArticleClik here to view.
The tadpole operators explained
Last time,Ā¹ I introduced the tadpole operators. As you have probably figured out by now, it was a joke. There are no new tadpole operators. But the sample code works. What's going on? The tadpole...
View ArticleClik here to view.
Dubious security vulnerability: Luring somebody into your lair
A security report was received that went something like this: The XYZ application does not load its DLLs securely. Create a directory, say, C:\Vulnerable, and copy XYZ.EXE and a rogue copy of ABC.DLL...
View ArticleClik here to view.
When designing your user interface, be mindful of the selection-readers
Occasionally, there will be a feature along the lines of "Whenever the user selects some text, we will pop up an X." And then I have to remind them about so-called selection readers. Selection readers...
View ArticleClik here to view.
Under what conditions can SetFocus crash? Another debugging investigation
A customer asked, "Under what conditions can SetĀFocus crash?" We have been going through our error reports and are puzzled by this one. The call stack is as follows: user32!_except_handler4...
View ArticleClik here to view.
How can I make the touch keyboard appear automatically when focus enters an...
By default, the Windows 8 touch keyboard does not appear automatically when focus is placed on an edit control in a desktop program. To change the behavior for your program, just use this one weird...
View ArticleClik here to view.
Why do events logged by the ReportEvent function show up in the wrong order...
A customer observed that when their service logs multiple events in rapid succession, they sometimes show up out of order in Event Viewer. Specifically, the order of events that all occur within the...
View ArticleClik here to view.
Adding a little marker to your comments in Microsoft Word
This is a trick I learned while participating in a document review meeting. Before the meeting each reviewer reads the document and adds comments. All the reviewers and the document author get...
View ArticleClik here to view.
What's the point of giving my unnamed object proper security attributes since...
Recall that the NULL DACL grants total access to everybody. Both parts of this sentence are important to note. Everybody: This means everybody. No authentication required. It includes Guest. It...
View Article