The Old New Thing
Practical development throughout the evolution of Windows.
Latest posts
Taking advantage of the fact that the handle returned when you create a kernel synchronization object has full access regardless of the actual ACL
A customer wanted some help deciding what security attributes to place on an event object intended to be used by multiple security contexts. We have two processes, call them A and B, running in different security contexts. I have an event that process A creates and shares with process B. The only thing process A does with the event is signal it, and the only thing process B does with the event is wait on it. Our question is what ACLs you recommend for the event. For now, we're using O:BAD:(A;;GR;;;WD)(A;;GA;;;LS)(A;;GA;;;BA). (In case it matters, process A is usually running as a service with Local System priv...
Where does the Installed Updates control panel get the install date from?
A corporate customer wanted to know where the Installed Updates control panel gets the Installed On information from, because they found that the values were always set to the current date regardless of when the update was actually installed. The algorithm goes roughly like this: First, ask MSI what date the update was installed by calling and asking for the . If that doesn't work, then go to the registry key under and look for a value called (surprise) . (Note that 32-bit updates on 64-bit machines will be redirected into a key.) If that still doesn't work, then it's time to guess: Windows XP uses th...
It's time we face reality, my friends: We're not rocket scientists
During the development of Windows 95, it was common for team members to pay visits to other teams to touch base and let them know what's been happening on the Windows 95 side of the project. It was during one of these informal visits that the one of my colleagues reported that he saw that one of the members of the partner team had a Gary Larson cartoon from The Far Side depicting a group of scientists studying a multi-stage rocket ship they just assembled, but the stages are connected all crooked. One of the scientists says, "It's time we face reality, my friends. … We're not exactly rocket s...
How do I read the "Double-click to open an item (single-click to select)" setting in Folder Options?
Today's Little Program reports whether the Double-click to open an item (single-click to select) option is selected in the Folder Options dialog. A customer wanted to know how to do this, presumably so that their program would respect the setting and adjust its user interface to match. The flag and member name is kind of weird. The ability to single-click to open an item was introduced as part of the Windows Desktop Update which came with Internet Explorer 4. This update made Explorer more Web-like, with single-click to activate and underlines appearing on hover. (This was back in the day when making eve...
Dispelling the myths, rumors, and innuendo surrounding the QueryPerformanceCounter function
The function has been the subject of much rumor and innuendo. In response to all the confusion, the kernel folks put together a page which tries to settle the controversy once and for all. It discusses the history of QPC over the ages, the problems it had on earlier versions of Windows or older firmware (which is probably where a lot of the myths started), its interaction with hypervisors, offers guidance on how to use it and its alternatives, and includes a very nice Q&A.
Why does the OpenThread function behave differently when the target thread belongs to another process?
A customer discovered strange behavior in the function and wondered whether it was expected. We use the function to obtain a thread handle with , passing in a valid thread ID. We later pass this handle to to get the thread exit code. We have found that the function succeeds if the thread in question belongs to another process, provided the thread is still running (has not yet exited). On the other hand, if the thread belongs to our own process, then the call always succeeds regardless of whether the thread is running or not. Is this expected behavior? And can we assume that if fails with , then it means that...
Some reasons not to do anything scary in your DllMain, part 3
In the same week, the shell team was asked to investigate two failures. The first one was a deadlock in Explorer. The participating threads look like this: The shell extension caused this problem because it ignored the rule against calling shell and COM functions from the entry point, as specifically called out in the documentation as examples of functions that should not be called. The authors of this shell extension may never have caught this problem in their internal testing (or if they did they didn't understand what it meant) because hitting this deadlock requires that a race window be hit: The shell ...
If you're looking for the code that displays a particular dialog box, the most directly way to find it is to look for the dialog box
Suppose you are working in a large or unfamiliar code base and you want to know where the code is that displays a particular dialog box or message box or something. Probably the most direct way of figuring this out is to look for the strings. Say there is a message box that asks for user confirmation. "Are you sure you want to frobulate the flux capacitor?" Search for that string in your source code. It will probably be in a resource file. Great, now you have the string ID for that message. You can perform a second search for that ID. If the thing you are searching for is a dialog box or menu item, then ...
My friend and his buddy invented the online shopping cart back in 1994
Back in 1994 or so, my friend helped out his buddy who worked as the IT department for a local Seattle company known as Sub Pop Records. Here's what their Web site looked like back then. Oh, and in case you were wondering, when I said that his buddy worked as the IT department, I mean that the IT department consisted of one guy, namely him. And this wasn't even his real job. His main job was as their payroll guy; he just did their IT because he happened to know a little bit about computers. (If you asked him, he'd say that his main job was as a band member in Earth.) The mission was to make it possible for fan...