May 5th, 2008

If you pass invalid parameters, then all bets are off

Alun Williams pointed out that if you pass invalid parameters to DeferWindowPos, it does not destroy the HDWP. Well, yeah, because if you pass invalid parameters, then all bets are off.

Different functions perform different degrees of parameter validation; the degree to which this is done is typically guided by security concerns. Information that crosses security boundaries must be fully-validated, whereas a call to an in-process function has very little in the way of security obligations with respect to invalid parameters, since a bad caller could just mess with the in-process function directly; no need to try to “trick” it with invalid parameters.

In practice, most functions that perform parameter validation go something like this:

SomeFunction(...)
{
 if (any parameter is invalid) {
   signal invalid parameter error in an appropriate manner
 } else {
   actually do something
 }
}

(In some cases, the validation code is not even written by a human being. Instead, there’s a script that parses the header files and autogenerates the validation code.)

If there is an invalid parameter, the entire operation is typically abandoned. Because, after all, how can you expect a function even to get off the ground when it doesn’t have all its parameters? I mean, how can the DeferWindowPos destroy the HDWP when it fails to validate its parameters, if the invalid parameter might be the HDWP?

Regardless of the degree to which parameter validation occurs, if you pass invalid parameters, then (generally speaking) there are no guarantees. Passing valid parameters is part of the basic ground rules for programming. If you break your end of the deal, then the function is under no obligation to hold up its end.

Topics
Code

Author

Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.

0 comments

Discussion are closed.