IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

IE9 Compatibility–HttpOpenRequest and lplpszAcceptTypes

IE9 Compatibility–HttpOpenRequest and lplpszAcceptTypes

  • Comments 2

The WinINET API allows the caller to specify the accepted MIME types for a given HTTP request by passing a null-terminated array of null-terminated strings using the lplpszAcceptTypes parameter. When calling the HttpOpenRequest API, applications must take care to either pass NULL, or a pointer to a properly-formed array of MIME-type strings.

// Null-terminated array of null-terminated strings
const char* lplpszAcceptTypes[] = {"text/xml", "application/xml", NULL};

HINTERNET  hHttpFile = HttpOpenRequestA(hConnect, "GET", "/test.xml", NULL, NULL, lplpszAcceptTypes, 0, NULL);

Unfortunately, this isn’t a common parameter-passing convention, and it turns out that many applications, including a popular car racing game and VoIP software, incorrectly call the API with a pointer to a plain string.

Prior to IE9 beta, WinINET would process the array using APIs that are now banned by the Security Development Lifecycle. The result is that, rather than crashing, the error might have gone unnoticed when earlier versions of IE were installed. Now that the version of WinINET installed with Internet Explorer 9 uses string-handling code that does not result in accommodating illegal input, the applications will crash when they attempt to make HTTP requests.

The IE Team is working on outreach to vendors of affected applications.

-Eric

  • Here's a similar post from a few years back, the last time that WinINET removed some banned APIs: http://blogs.msdn.com/b/wndp/archive/2005/08/18/453124.aspx

  • Update: IE9 RTW introduced a mitigation to attempt to detect the bad calling pattern. If detected, then the application will not crash, but the ACCEPT header will not be sent.

Page 1 of 1 (2 items)
Leave a Comment
  • Please add 4 and 2 and type the answer here:
  • Post