Microsoft Acquires Anti-Spyware Leader GIANT Company

Hot from the newsroom:

Comments (3)
  1. css says:

    Buying a spyware company probably wouldn’t be necessary if people could easily (and by default) run as a non-admin user in Windows and if IE exploits were patched in a timely manner. Perhaps Longhorn will fix some of these issues.

  2. ac says:

    I hope you don’t mind me hijacking your blog to report a minor bug, but reporting bugs is not exactly made easy over at MSDN.

    Both StringGetsExWorkerW and StringGetsExWorkerA (starting at line 6014 in strsafe.h) handle EOF incorrectly.

        wchar_t ch;
        pszDestEnd = pszDest;
        cchRemaining = cchDest;
        while ((cchRemaining > 1) &&
                (ch = (wchar_t)getwc(stdin)) != L'\n')
            if (ch == EOF)
            {
                // BUG: We will never get here...
                ...

    As a result StringCchGetsW will never return STRSAFE_E_END_OF_FILE and a loop waiting for StringCchGetsW to return failure will loop indefinitely.

    The following changes need to be made in StringGetsExWorkerW:

    – ch should be declared as wint_t.

    – wchar_t cast should be removed.

    – ch should be compared against WEOF rather than EOF.

    Similar issues exist in StringGetsExWorkerA. It will work with the default signed character, but is not correct, and will fail with the unsigned char option or with compilers that use an unsigned char by default.

    The following changes need to be made in StringGetsExWorkerA:

    – ch should be declared as int.

    – char cast should be removed.

    A couple of things stand out about this bug.

    – Even with /W4, VC will not give a warning, while Dev-C++ (based on GCC) gives "strsafe.h:6201: warning: comparison is always false due to limited range of data type".

    – The programmer has used casts to silence compiler warnings without being aware of the consequences.

    While very few people use StringCchGets* and this is not a major bug, it is disappointing to see such basic errors in security related code.
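
The EOF-sentinel bug ac describes, reproduced and then corrected, as an added example: this is editorial example code, not code from the page, from strsafe.h, or from the commenter. It assumes a `win_wchar_t` typedef of `unsigned short` to model Windows' wchar_t (on a POSIX build wchar_t is a signed int and the cast of WEOF typically comes out as -1, which hides the bug); an `unsigned char` declaration in the buggy narrow worker to model the unsigned-char compiler option the comment mentions; in-memory `next_byte()`/`next_wide()` sources that keep getc()'s and getwc()'s return contracts in place of stdin; and its own `gets_status` names in place of strsafe's HRESULTs. The sample inputs are constructed.

```c
#include <stdio.h>
#include <wchar.h>
/* Added example, not from the page or from strsafe.h. Assumptions: win_wchar_t models
 * Windows' unsigned 16-bit wchar_t (a POSIX build's signed-int wchar_t would hide the
 * bug); the buggy narrow worker uses unsigned char to model the unsigned-char option;
 * in-memory sources stand in for stdin; the status names are this example's own, and
 * buffer-full-without-newline is reported as OK to keep the workers short. */
typedef unsigned short win_wchar_t;
enum gets_status { GETS_OK = 0, GETS_END_OF_FILE = 1, GETS_INVALID_PARAMETER = 2 };

/* Constructed sources: next_byte() keeps getc()'s contract (int, EOF at end) and
 * next_wide() keeps getwc()'s (wint_t, WEOF at end). */
struct byte_src { const unsigned char *p; size_t len, pos; };
struct wide_src { const win_wchar_t  *p; size_t len, pos; };
static int    next_byte(struct byte_src *s) { return s->pos < s->len ? (int)s->p[s->pos++]    : EOF;  }
static wint_t next_wide(struct wide_src *s) { return s->pos < s->len ? (wint_t)s->p[s->pos++] : WEOF; }

/* Buggy wide worker, shaped like the quoted loop: the cast to the element type turns
 * WEOF into 0xFFFF, which promotes to 65535 and can never equal EOF (-1), so the EOF
 * branch is dead and 0xFFFF is stored as if it were data. */
static enum gets_status gets_wide_buggy(struct wide_src *in, win_wchar_t *dst, size_t cch)
{
    win_wchar_t ch, *end = dst;
    size_t remaining = cch; enum gets_status st = GETS_OK;
    if (cch == 0) return GETS_INVALID_PARAMETER;
    while (remaining > 1 && (ch = (win_wchar_t)next_wide(in)) != L'\n') {
        if (ch == EOF) { if (end == dst) st = GETS_END_OF_FILE; break; }   /* BUG: never true */
        *end++ = ch; remaining--;
    }
    *end = 0;
    return st;
}

/* Corrected wide worker with the comment's three changes: ch is wint_t, the cast is
 * gone, and the sentinel compared against is WEOF. */
static enum gets_status gets_wide_fixed(struct wide_src *in, win_wchar_t *dst, size_t cch)
{
    wint_t ch; win_wchar_t *end = dst;
    size_t remaining = cch; enum gets_status st = GETS_OK;
    if (cch == 0) return GETS_INVALID_PARAMETER;
    while (remaining > 1 && (ch = next_wide(in)) != (wint_t)L'\n') {
        if (ch == WEOF) { if (end == dst) st = GETS_END_OF_FILE; break; }
        *end++ = (win_wchar_t)ch; remaining--;
    }
    *end = 0;
    return st;
}

/* Narrow pair: with ch as unsigned char, (unsigned char)EOF is 0xFF, promotes to 255
 * and never equals -1; with ch as int and no cast, EOF survives intact. */
static enum gets_status gets_narrow_buggy(struct byte_src *in, char *dst, size_t cch)
{
    unsigned char ch; char *end = dst;           /* models the unsigned-char option */
    size_t remaining = cch; enum gets_status st = GETS_OK;
    if (cch == 0) return GETS_INVALID_PARAMETER;
    while (remaining > 1 && (ch = (unsigned char)next_byte(in)) != '\n') {
        if (ch == EOF) { if (end == dst) st = GETS_END_OF_FILE; break; }   /* BUG: never true */
        *end++ = (char)ch; remaining--;
    }
    *end = '\0';
    return st;
}
static enum gets_status gets_narrow_fixed(struct byte_src *in, char *dst, size_t cch)
{
    int ch; char *end = dst;
    size_t remaining = cch; enum gets_status st = GETS_OK;
    if (cch == 0) return GETS_INVALID_PARAMETER;
    while (remaining > 1 && (ch = next_byte(in)) != '\n') {
        if (ch == EOF) { if (end == dst) st = GETS_END_OF_FILE; break; }
        *end++ = (char)ch; remaining--;
    }
    *end = '\0';
    return st;
}

/* Probe: read constructed input "ab" (no newline) into a 4-byte buffer and return how
 * many 0xFF sentinel bytes the chosen worker stored as data (buggy: 1, fixed: 0). */
static int narrow_garbage_count(int fixed)
{
    static const unsigned char text[] = { 'a', 'b' };
    struct byte_src in = { text, 2, 0 };
    char out[4]; int i, n = 0;
    (fixed ? gets_narrow_fixed : gets_narrow_buggy)(&in, out, 4);
    for (i = 0; out[i] != '\0'; i++) n += ((unsigned char)out[i] == 0xFF);
    return n;
}

/* The loop the comment warns about: read constructed "ab\ncd" until the worker reports
 * end of file; returns the call count, which with the buggy worker is always max_calls. */
static int wide_calls_until_eof(int fixed, int max_calls)
{
    static const win_wchar_t text[] = { 'a', 'b', '\n', 'c', 'd' };
    struct wide_src in = { text, 5, 0 };
    win_wchar_t line[16]; int n = 0;
    while (n < max_calls &&
           (fixed ? gets_wide_fixed : gets_wide_buggy)(&in, line, 16) != GETS_END_OF_FILE) n++;
    return n;
}
```

`wide_calls_until_eof(0, 1000)` runs all 1000 iterations because the buggy worker keeps returning OK with a buffer full of 0xFFFF, whereas `wide_calls_until_eof(1, 1000)` stops after the two real lines; `narrow_garbage_count(0)` is 1 and `narrow_garbage_count(1)` is 0. Building with `gcc -Wextra` (which enables -Wtype-limits) reports the same "comparison is always false due to limited range of data type" class of warning on both `ch == EOF` lines that the commenter saw from Dev-C++, and the two casts are exactly what keeps the compiler quiet about the wrong type in the quoted original.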

Comments are closed.
