sinbeard's Trove of Disassembly and Tinkering

Knowing is not enough; we must apply. Willing is not enough; we must do.

22 January 2021

windows system programming week 2

by canderson

More systems programming!

Modules and Handles

32-bit vs 64-bit

Can change project properties to treat 64/32 bit warnings as errors:

Working with Strings

The classic C functions for manipulating strings are considered unsafe.

Safer versions exist:

strcpy(dest, src) --> strcpy_s(dest, _countof(dest), src)

Can also use strsafe.h for some other safe string functions.

Structures

Windows Numeric Versions

All over the place. Windows 10 finally matches the internal Windows version –> 10.0. Though it’s reported as 6.2. Check documentation for GetProductInfo

Side note:

A manifest file with compatibility information can (should?) be used in C++ programs. The best way to accomplish that is to swipe a manifest file from a C# application (just create a new one and steal the text to get the guids and associated info) and paste it into a new xml file in the C++ app. Then go to project properties to the Manifest –> Input and Output section, and add the new manifest to the Additional Manifest Files section.

KSHARED_USER_DATA

This is a reliable way to get the Windows version regardless of manifest. It uses the KSHARED_USER_DATA (semi-documented) structure that is mapped to the same address (0x7ffe0000) in every process.

BYTE* sharedUserData = (BYTE *) 0x7ffe0000;
printf("Version: %d.%d.%d\n",
            *(ULONG*)(sharedUserData + 0x26c), // major version offset
            *(ULONG*)(sharedUserData + 0x270), // minor version offset
            *(ULONG*)(sharedUserData + 0x260)); // build number offset (Windows 10)

System Information

tags: