The strangest way of detecting Windows NT
A colleague of mine nominated this code for Function of the Year.
(This is the same person who was the
first to report that a Windows beta used a suspect URL.)
I have to admit that this code is pretty impressive. Of all the ways
to check the operating system, you have to agree that sniffing
at an undocumented implementation detail of memory-mapped files
is certainly creative!
// following the typographical convention that code
// in italics is wrong
HANDLE hFile, hFileMapping;
BYTE *pbFile, *pbFile2;
hFile = CreateFile(szFile, GENERIC_READ | GENERIC_WRITE, 0,
NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
hFileMapping = CreateFileMapping(hFile, NULL, PAGE_READWRITE,
0, 0, NULL);
pbFile = (PBYTE) MapViewOfFile(hFileMapping, FILE_MAP_WRITE,
0, 0, 0);
pbFile2 = (PBYTE) MapViewOfFile(hFileMapping, FILE_MAP_WRITE,
0, 65536, 0);
if (pbFile + 65536 != pbFile2)
Nevermind that the function also leaves a file locked and leaks
two handles and two views each time you call it!
What’s more, this function may erroneously report
on a Windows NT machine if by an amazing coincidence the
memory manager happens to assign the second file view to the very
next 64K block of memory (which it is permitted to do since
address space granularity is 64K).
It can also erroneously report
on a Windows 95 machine if the
MAIN.CPL file happens to be
smaller than 64K, or if you don’t have write permission on the file.
(Notice that the program requests read-write access
This particular function is from a library
that is used by many popular multimedia titles.
The quickest way to detect whether you are running on a
Windows 95-series system or a
Windows NT-series system
is to use the hopefully-obviously-named function
return (GetVersion() & 0x80000000) == 0;
[Raymond is currently on vacation; this message was pre-recorded.]