Is this registry key length or what else is this?

Question

1.00/5 (2 votes)

See more:

Actually while using ProcessMonitor i came across an entry with the operation "RegQueryKey" which resulted in: "Buffer Overflow" and Detail as : "Query: Full, Length :176"
Now i want to know what exactly is that length? Length of what? Is it the length of the key or something else, if something else - what is it? This question is troubling me a lot.
Thank you!

Posted 18-Jun-13 2:47am

mohit7

Add a Solution

Comments

Sergey Alexandrovich Kryukov 18-Jun-13 8:51am

Not clear. Can you reproduce it on a really short but complete code sample?
—SA

mohit7 18-Jun-13 9:12am

Thanks Sergey for taking time to read my question!
Ok, i'll try my best to explain.
ProcessMonitor (by Microsoft - Sysinternals) is an application used to monitor changes made to your computer. While monitoring, i came across an entry which had "RegQueryKey" in the Operation column and in the "Detail" column it had - "Query: Full, Length: 176".
All i want to know is what is that length of? Is it some character count or what? I don't have much knowledge about this and since this was some general question i was confused on how and where to ask this. This is certainly not the length of value in the key i guess. What length is it then?
Actually name of that particular key is randomly generated and if am able to associate this "Length: 176" (this remains constant always) to this particular key - it'll help me a lot as it'll get easier for me to hunt for this particular key programmatically.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Accepted Answer · 2013-06-18T03:49:00

Solution 1

It's probably the length of a string that would be returned. In Win32, it's common to call certain functions and pass in a buffer or length of 0 for the function to fill. Usually, this causes the called function to return a value that tells the caller how big a buffer needs to be to hold the data being queried for.

Posted 18-Jun-13 3:49am

Dave Kreskowiak

Comments

mohit7 18-Jun-13 9:56am

thanks a lot for the help Dave. Suppose i have access to this key and am coding in vb.net, exactly what operation should i perform on this particular key so that it returns me that length - 176, exactly?

Dave Kreskowiak 18-Jun-13 11:09am

You cannot use that value as a "key" to determine the correct key to find. There is absolutely nothing to stop another key from returning the same length.

mohit7 18-Jun-13 11:41am

that is perfectly ok - i mean i have some other clues as well which will definitely help me in isolating this particular one from the others - i just want to know what operation on this same key - will return 176 as length if am coding in vb.net?

Dave Kreskowiak 18-Jun-13 13:33pm

That depends on what exact function or operation was being performed. There is no Win32 function called "RegQueryKey". That's a moniker used in ProcMon to denote some kind of query operation that was performed on the path specified. This could be getting the information on the key, enumerating the key for values, querying the state of reflection on the key, security information, ...