How to write C++ code to call into VBE7.dll to mimic VBA code?
I found that VBA's Left$ and Split etc. are all implemented in a file called VBE7.dll; I used Dependency Walker (Depends.exe) to establish this. I asked SO if there was a header file that could call into this file.
Hans Passant replies
It is not documented. Not like you can't figure it out by trial and error, but you have little guarantee that your hard work is going to survive for long. And you have a nasty dependency that you can't distribute yourself. If the function is simple to reverse-engineer then it is also simple to re-implement it, and make it a lot better using the power of C++.
So Hans is saying essentially "Bad idea, don't be silly!"
What does “tag” prefix stand for [c++] in tagVARIANT and tagSAFEARRAY?
Hans Passant replies
It comes from the C language, the language that inspired IDL syntax. Lots of google hits, this is one.
Yeah, so this is easy to Google for once you have the right search words "Structure Tags C", see top hit.
How to close VirtualAlloc loophole? Use different account credentials?
During my travels, I've seen examples of code injecting DLLs into another process. On reflection, this is a massive loophole. In fact, it is quite shocking.
How best to close VirtualAlloc loophole? Does configuring the exe to run under a different account (username/password) prevent this (at the OpenProcess call)?
This got downvoted; it seems SO is less bothered about this loophole. Here is an exchange of comments before I deleted the question.
There is no "loophole". If it is a process you created, you have access to it. If it's someone else's process, you need "Administrator" privileges. – Ðаn 2 hours ago
@Dan: If I am software house and I write an application, and I am liable for screw-ups on customer's machine then it is very important to defend against code injection. – S Meaden 2 hours ago
It rather involved being on the other side of this airtight hatchway: "Not every code injection bug is a security hole. Yes, a code injection bug is a serious one indeed. But it doesn't become a security hole until it actually allows someone to do something they normally wouldn't be able to." – Ðаn 1 hour ago
On any sane OS the programmer can't "defend" against an admin, and this is good IMHO. But I have the impression this is slowly changing... – alain 1 hour ago