The Old New Thing

It rather involved being on the other side of this airtight hatchway: Writing to the application directory

We received a security vulnerability report that went roughly like this: There is a security vulnerability in the X component. It loads from the current directory, thereby making it vulnerable to a current directory attack. Here is a sample program that illustrates the problem. Copy a rogue into the current directory and run the ...

Replaying input is not the same as reprocessing it

Once upon a time, there was an application that received some input and said, "Okay, this input cancels my temporary state. I want to exit my temporary state, but I also want the input that took me out of the temporary state to go to whatever control would have received the input if I hadn't been in the temporary state in the first place." (...

The QuickCD PowerToy, a brief look back

One of the original Windows 95 PowerToys was a tool called QuickCD. Though that wasn't its original name. The original name of the QuickCD PowerToy was FlexiCD. You'd think that it was short for "Flexible CD Player", but you'd be wrong. FlexiCD was actually named after its author, whose name is Felix, but who uses the "Flexi" anagram as ...

The debugger lied to you because the CPU was still juggling data in the air

A colleague was studying a very strange failure, which I've simplified for expository purposes. The component in question has the following basic shape, ignoring error checking: There are two parts of the object. One part that is essential to the object's task, and another part that is needed only when updating. The parts related to ...

Various ways of performing an operation asynchronously after a delay

Okay, if you have a UI thread that pumps messages, then the easiest way to perform an operation after a delay is to set a timer. But let's say you don't have a UI thread that you can count on. One method is to burn a thread: Less expensive is to borrow a thread from the thread pool: But both of these methods hold a thread hostage for ...

Why are there both FIND and FINDSTR programs, with unrelated feature sets?

Jonathan wonders why we have both and , and furthermore, why the two programs have unrelated features. The program supports UTF-16, which doesn't; on the other hand, the program supports regular expressions, which does not. The reason why their feature sets are unrelated is that the two programs are unrelated. The program came first. ...

Security vulnerability reports as a way to establish your l33t kr3|)z

There is an entire subculture of l33t l4x0rs who occasionally pop into our world, and as such have to adapt their communication style to match their audience. Sometimes the adaptation is incomplete. You may have trouble finding the exploit buried in that perl script, because the perl script consists almost entirely of graffiti and ...