:-D Hi all:
I have a problem here, given this code fragment:

typedef unsigned long HPINDEX; /* Used as a handle */

__ShowWindow(IN HPINDEX hWin)
{
    /*
     * Handle lookup service, converting a handle to
     * a pointer in which we are interested.
     * But all mechanisms exploited here are in user
     * address space, meaning there's plenty of chances
     * for something to go wrong, any better suggestions?
     */
    WND* pWin = (void*)HpGetSlotByIndex(g_hWinSlotMgr, hWin);

    /*
     * Note that the app simply terminates if pWin is non-null
     * but fabricated by the user.
     */
    if (pWin == 0) {
        /* Invalid hWin. */
        return (false);
    }

    /*
     * At this phase, I'm confused... :(
     * Assume the pWin is valid, and synchronization is
     * provided.
     * Do I have to check data integrity for the entire
     * WND structure, if a dozen fields are within,
     * too fancy to comprehend.
     * Letting the native API do the hard part of the
     * work I think is the better way, so we check the
     * result of ShowWindow().
     * What if a malicious intention is made managing
     * to find out the structure and fill it with
     * garbage?
     */

    /*
     * We have to check for validity of hwnd field in
     * the very first call which uses it.
     */
    if (!ShowWindow(pWin->hwnd)) {
        /*
         * Report to the user about the data corruption. :(
         * Oh man...
         * Is there any way to detect this error at the
         * beginning of __ShowWindow() WITHOUT calling
         * the native API to do that? Thus avoid checking
         * the result of the API?
         */
    }
    /*
     * If checking the result of ShowWindow() is unavoidable,
     * assuming sync is provided by the user, can I take a
     * breath if we survived it, and blindly think that hwnd
     * will always be valid in any subsequent native invocations?
     */
}

;P I apologize for my poor comments.
What potential risks should be considered by us?
Any suggestions are welcome :)

Updated 26-Apr-10 20:29pm

Well, what are you trying to accomplish? In the code you've posted, as long as pwnd isn't null, you should be good to go. What else are you concerned about?
I'd normally validate the window by calling ::IsValidWindow(pWin->hwnd);
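One way to reject fabricated or stale handles at the top of a wrapper like `__ShowWindow()` without calling the native API, as an added example that is not code from the question or its answers: the handle packs a slot index and a generation counter, and the lookup checks both against a table the library owns. The names `hp_alloc`, `hp_lookup`, `hp_free`, `show_window`, `SLOT` and the one-field `WND` are hypothetical stand-ins, and the native call is replaced by setting a flag.

```c
#include <stdint.h>
#include <stddef.h>

typedef uint32_t HPINDEX;             /* generation (high 16 bits) | slot (low 16 bits) */
typedef struct { int visible; } WND;  /* hypothetical stand-in for the real WND fields */

#define SLOT_COUNT 64u
typedef struct { WND wnd; uint16_t gen; uint8_t in_use; } SLOT;
static SLOT g_slots[SLOT_COUNT];      /* library-owned; callers never get a pointer */

/* Allocate a slot and return an opaque handle, or 0 if the table is full. */
HPINDEX hp_alloc(void) {
    for (uint32_t i = 0; i < SLOT_COUNT; i++) {
        if (!g_slots[i].in_use) {
            g_slots[i].in_use = 1;
            if (++g_slots[i].gen == 0) g_slots[i].gen = 1;  /* generation 0 is never valid */
            g_slots[i].wnd.visible = 0;
            return ((HPINDEX)g_slots[i].gen << 16) | i;
        }
    }
    return 0;
}

/* Resolve a handle; NULL for out-of-range, freed, recycled or made-up values. */
WND *hp_lookup(HPINDEX h) {
    uint32_t idx = h & 0xFFFFu;
    uint16_t gen = (uint16_t)(h >> 16);
    if (idx >= SLOT_COUNT) return NULL;           /* bounds check before indexing */
    SLOT *s = &g_slots[idx];
    if (!s->in_use || gen == 0 || s->gen != gen) return NULL;
    return &s->wnd;
}

/* Release a slot; the next allocation bumps its generation, so old handles go stale. */
void hp_free(HPINDEX h) {
    if (hp_lookup(h) != NULL) g_slots[h & 0xFFFFu].in_use = 0;
}

/* Wrapper in the style of __ShowWindow(): validate first, then act. */
int show_window(HPINDEX h) {
    WND *w = hp_lookup(h);
    if (w == NULL) return 0;          /* rejected before any WND field is touched */
    w->visible = 1;                   /* the native call would go here */
    return 1;
}
```

This catches out-of-range, freed and recycled handles passed in by the caller; it does not protect against code in the same address space that overwrites the table itself.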
