Is it possible to pass a raw NT handle (eg, to an event object) via a DCOM call - on the local machine, of course. If so, how would one go about doing so?
See this SO answer : DuplicateHandle(), use in first or second process? and the comment and thus I suggest that DuplicateHandle is what you need.
IntPtr (which I think is spelled INT_PTR in COM).
Related
Is it required for COM to be initialized to use SysAllocString, SysFreeString and other BSTR handling functions?
The MSDN says
You need to initialize the COM library on a thread before you call any of the library functions except CoGetMalloc
It appears to me that BSTR allocation functions use IMalloc and therefore COM init is not required?
I cannot find official documentation that says you can call these functions without initializing COM but I can take you on a trip down memory lane for some cute observations.
Because Windows 95 ran on machines with 4 MB of RAM, Explorer tries really hard not to load ole32.dll. So hard in fact that the shell team wrote their own mini version of COM and people writing shell extensions were supposed to only call SH* functions, not Co* functions to avoid loading the real COM/OLE stuff if possible.
This blog post says that mini-COM is 100% gone in Windows XP and later but I'm not sure how far back it is theoretically possible for the shell to be in mini-COM mode.
Things get interesting when you realize that Windows 2000 has a shell interface called IShellFolder2 and one of its methods (GetDetailsEx) returns a VARIANT. And VARIANTs can contain a BSTR! IColumnProvider::GetItemData also returns a VARIANT.
With this information you could infer that Windows 2000 could allocate a BSTR without you having to call CoInitialize, just call SHGetDesktopFolder to get a IShellFolder and ask for a property that is returned as a string.
There are however two unknowns here:
Is it possible for Windows 2000 to use mini-COM?
Will the IShellFolder2 implementation in shell32.dll initialize real COM if it has to return a string?
I know that IShellFolder2 and IColumnProvider are involved when a Explorer window is in details mode (or if it needs a tooltip?) so it seems unlikely that the shell would be willing to load real COM for this.
Even if I could confirm all of this it would not really help you because I assume your main target is not Windows 2000.
I am looking for a way to schedule a callback function at a regular frequency (say 1hz) within the NT kernel. Is there any framework support for that? I read in one of the posts that a timer object can be used for that, but I did not find any example or any documentation for this use case. Any help would be appreciated.
You are looking for the SetTimer function in the Windows API. It allows you to pass a callback function pointer.
Note that you must have a working Windows message pump for this function to work - the callback occurs as part of the message processing. The OS doesn't just interrupt your program and jump to the callback function.
A very simple question, if i create a HANDLE in app1.exe and it gets value 0x01 is that value globally unique ?
Or is it possible that when some other process creates a HANDLE that also has value 0x01.
If they are not unique what other construct can i use to get a unique id compatible with handles (such that it will be impossible or highly unlikely that a HANDLE with that id is created anywhere else).
The important thing to understand is that handles are not objects. Handles are pointers (or indexes) to per-process object table. To answer your question, HANDLES are not globally unique, but they are scoped to only make sense inside a particular process.
For any kernel object to be able to be accessible from other process, you have to DuplicateHandle.
Another way to share objects across processes is to call CreateProcess with bInheritHandles set to true.
They are not unique. HANDLE values are local to the current process. Same value may be invalid handle or refer to a different object in another process. An exception to this rule are handles inherited from parent process.
The only way to have unique id without a centralized registry is to use GUID. But they are not compatible with HANDLE, they are 128-bit while handles are 32 or 64-bit.
Use DuplicateHandle to pass handles between processes.
How can I find the address of a WndProc (of a window of another process). Even if I inject a DLL and try to find it with either GetClassInfoEx() or GetWindowLong() or GetWindowLongPtr() I always get values like 0xffff08ed, which is definitely not an executable address. It is according to MSDN: "... the address of the window procedure, or a handle representing the address of the window procedure."
Unfortunately that is not good enough for me I need the actual address. Spy++ does the job right most of the time (but even that sometimes fails). So it should be be possible. Thanx.
[EDIT:] Kudos to Chris Becke for providing a super fast, and correct solution to my little problem!
Perhaps you are being stymied because you are asking for the wrong version of the windowproc.
Window Procs, like applications, occur in two flavors: ansi and unicode. Windows cannot return a raw pointer to a ansi window to a unicode application, or visa versa, as they will attempt to call it with the wrong string type.
So, there is no GetWindowLongPtr function. Its a macro that resolves to two 'real' functions the windows api provides: GetWindowLongPtrA and GetWindowLongPtrW. If the window is a unicode window, and GetWindowLongPtrA is called windows will return a handle instead of the raw pointer, so that it can intercept calls (made via CallWindowProc) and marshal the string's from ansi to unicode. The opposite conversion holds the other way.
Even if you call the correct function, you still might get a handle back - its completely possible that ansi code has subclassed a unicode window. so the windowproc has been completely replaced by one of the callWindowProc handles.
In that case - tough luck I guess.
To extend Chris Becke's answer (which solved my problem, thanks!):
So, there is no GetWindowLongPtr function. Its a macro that resolves to two 'real' functions the windows api provides: GetWindowLongPtrA and GetWindowLongPtrW. If the window is a unicode window, and GetWindowLongPtrA is called windows will return a handle instead of the raw pointer, so that it can intercept calls (made via CallWindowProc) and marshal the string's from ansi to unicode. The opposite conversion holds the other way.
You can check whether the window in question is an unicode or ANSI window by calling the IsWindowUnicode function. Using this information you can determine which GetWindowLongPtr function needs to be called (at runtime),
I am looking for a simple way to read/write a file asynchronously using Win API. What I had is mind is something like the asynchronous winsock API (WSAxxx) completion routines. However the file API doesn't seem to have those. Are they hidden somewhere?
Waiting on the overlapped events in a seperate thread adds thread management overhead, not to mention there either needs to be a thread-per-file, or the 64 objects problem needs to be faced. Completion ports is an overkill. Reading the file synchronously on a seperate thread is irrelevant.
Any suggestions?
CreateFile and ReadFile/WriteFile functions support so-called 'overlapped' mode which is what you need. There' also ReadFileEx/WriteFileEx that work in async mode only.
In short, you need to open file with FILE_FLAG_OVERLAPPED flag and pass OVERLAPPED structure (and callback in case of xxxEx operations) to file access functions.
Here's a sample class for using it.
I know that in .net it's possible. What I don't know is to which win32 functions it maps
As soon as you step into the async territory you should forget the word "easiest"
Seriously, the easiest would be to use .NET's System.IO.FileStream with isAsync=true in constructor and BeginRead/EndRead methods.