Miscellaneous APIs

Miscellaneous APIs

This section is a catchall for APIs that cannot be pigeonholed into another category.

IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, IsBadStringPtr, IsBadHugeReadPtr, and IsBadHugeWritePtr

The main reason for not using the IsBadXXXPtr functions is they encourage developers to be sloppy and use unchecked pointers. These functions are a legacy from 16-bit Windows, and their use is discouraged in new code. In most cases, it's sufficient to check for a NULL pointer. For other scenarios, you should wrap the pointer code in a structured exception handler (SEH). Be aware that this is still a dangerous proposition if the exception handler is corrupted because of a buffer overrun while copying untrusted data. Do not catch all exceptions in your exception handler; only handle the exceptions you know about, such as STATUS_ACCESS_VIOLATION.

Of course, if you catch an exception in your code, you have a bug that needs fixing!

These functions do not guarantee that the memory pointed to is valid or safe to use. Consider calling IsBadWritePtr on a stack-based buffer. The function will indicate it is safe to use the memory, but we all know it probably is not. Because of the multitasking nature of Windows, nothing is preventing another thread from changing the memory protection between your code testing the page and the application using the page.

IMPORTANT
You should never manipulate a pointer not under the direct control of your application.

Finally IsBadWritePtr is not thread-safe!

CopyFile and MoveFile

These two functions have ACL implications. Files copied using CopyFile inherit the default directory ACL, and files moved using MoveFile maintain their ACLs. Double-check that the object is used only locally; do not use CLSCTX_REMOTE_SERVER.