October, 2008

Larry Osterman's WebLog

Confessions of an Old Fogey
  • Larry Osterman's WebLog

    What’s wrong with this code part 24 (From an MSDN article)?

    • 23 Comments

    I ran into this bug earlier today and realized that it’d make an awesome “What’s wrong with this code”.

    I started pulling together a test app when I realized that this MSDN magazine article contains sample code that perfectly exhibits the bug:

    CRect rectangle;
    VERIFY(m_splitButton.GetWindowRect(
        &rectangle));
    
    TPMPARAMS params = { sizeof(TPMPARAMS) };
    params.rcExclude = rectangle;
    
    CMenuHandle menu = m_menu.GetSubMenu(0);
    
    VERIFY(menu.TrackPopupMenuEx(TPM_LEFTBUTTON,
        rectangle.left, rectangle.bottom,
        m_hWnd, &params));

    There’s not much to the code – it’s from the handler for the BCN_DROPDOWN notification message.  And it’s got a very nasty subtle bug in it.

    So what’s the bug?

     

    Edit: s/nasty/subtle/

     

  • Larry Osterman's WebLog

    I get spam :)

    • 18 Comments

    I just received this spam message the other day:

    From: Microsoft [mailto:customerservice@microsoft.com]

    Sent: Saturday, October 11, 2008 11:13 PM

    To: Larry Osterman

    Subject: Security Update for OS Microsoft Windows

    Dear Microsoft Customer,

    Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.

    Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.

    Since public distribution of this Update through the official website http://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.

    As your computer is set to receive notifications when new updates are available, you have received this notice.

    In order to start the update, please follow the step-by-step instruction:

    1. Run the file, that you have received along with this message.

    2. Carefully follow all the instructions you see on the screen.

    If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.

    We apologize for any inconvenience this back order may be causing you.

    Thank you,

    Steve Lipner

    Director of Security Assurance

    Microsoft Corp.

    -----BEGIN PGP SIGNATURE-----

    Version: PGP 7.1

    AN86DCS206WKI6IK8LIFD5S1VODA48SHXDCG6KT8V4C50MO21RUHP8O84T6P73YGX

    EO755U27OA5JVX3U51QF8N2E97FQQDOC6IRHH7T3TSQJRFYYPR3434M634A375LAO

    49ICIMQZ680BR307KVS857K6U9UYSBHE20RNI16HUB45SMTDF0DDMQZ4YIR2QIHLD

    UVPMVD54LRY8HNLDA020KWMIFYYD9B1A07AM1VWIA0YO8QZO2WLY27KAPXBFDN6DT

    48VYUVW7M7JZ5P2NIU7FGDRIGCM819WMKJ2==

    -----END PGP SIGNATURE-----

    Attached to the message was an attachment named “KB266311.exe”.

    I’ve heard that these before but I’ve never received one.  Apparently the email was sent from “koln-5d8184e2.pool.einsundeins.de (93.129.132.226)”, which I suspect is a trojaned machine in Germany.   In this case I’m pretty impressed with the email – it’s in plain text with the name of a real Microsoft employee, it has a PGP signature (which tends to give credence to the email).  On the other hand it has some grammatical errors (“Please notice that Microsoft company has…”, “We apologize for any inconvenience this back order may be causing you”) that give the scam away.  I also don’t know what trojan was inside KB266311 because it was filtered by our email servers before it got to me.

     

     

    For those that are wondering how I knew it came from koln-5d8184e2.pool.einsundeins.de, here’s what I did:

    I started with the raw email headers (some servers and IP addresses obscured):

    Received: from XXX.microsoft.com (n.n.n.n) by
    YYY.microsoft.com (m.m.m.m) with Microsoft SMTP
    Server (TLS) id 8.2.83.0; Sat, 11 Oct 2008 23:13:52 -0700
    Received: from koln-5d8184e2.pool.einsundeins.de (93.129.132.226) by
    ZZZ.microsoft.com (o.o.o.o) with Microsoft SMTP Server id
    8.1.291.1; Sat, 11 Oct 2008 23:13:41 -0700
    Received: from [93.129.132.226] by QQQ.hotmail.com; Sun, 12 Oct 2008 07:13:17
    +0100
    From: Microsoft <customerservice@microsoft.com>
    To: <<Larry’s Email Address>>
    Subject: Security Update for OS Microsoft Windows
    Date: Sun, 12 Oct 2008 07:13:17 +0100
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
        boundary="----=_NextPart_000_000E_01C92C39.FF9CE480"
    X-Mailer: Microsoft Office Outlook, Build 11.0.5510
    Thread-Index: Aca6Q862Q89QD80AN22RHXR0U7WZ61==
    X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700
    Message-ID: <01c92c39$ff9ce480$e284815d@60GC7Q>
    Return-Path: 60GC7Q@hotmail.com
    X-MS-Exchange-Organization-PRD: microsoft.com
    Received-SPF: TempError (XXX.microsoft.com: error in
    processing during lookup of customerservice@microsoft.com: DNS timeout)
    X-MS-Exchange-Organization-PCL: 2
    X-MS-Exchange-Organization-Antispam-Report: DV:3.3.7011.600;SV:3.3.7011.1437;SID:SenderIDStatus
    TempError;OrigIP:93.129.132.226
    X-MS-Exchange-Organization-SCL: 0
    X-MS-Exchange-Organization-SenderIdResult: TEMPERROR

    RFC 2821 says that SMTP servers should prepend a Received: header to an email message whenever they process the email message.  In this case the last email server was XXX.microsoft.com.  XXX.microsoft.com received the message from YYY.microsoft.com which in turn received the message from koln-5d8184e2.pool.einsundeins.de (einsundeins.de appears to be a german ISP).   The next bit of trace is confusing.  The machine at 93.129.132.226 says that it received the message from QQQ.hotmail.com. 

    It’s possible that this spam email originated from hotmail, but I don’t think so.  First off, as far as I know, you can’t relay through the hotmail SMTP servers and the sender of the email is “customerservice@microsoft.com” (the sender is included in the Received-SPF header which indicates that the “MAIL FROM” header in the SMTP exchange was “customerservice@microsoft.com”.  Secondly the hotmail servers don’t set the X-Mailer header, but this header indicates that it was sent from Outlook 2003.  Instead, I think that the bottom Received: header was forged to throw off people trying to figure out where the email came from.

     

     

    Needless to say, Microsoft will never EVER send a security update to customers by mail, and customers should immediately delete any emails that claim to have security fixes from Microsoft.

  • Larry Osterman's WebLog

    Chrome is fixing the file download bug…

    • 13 Comments

    I just noticed that Ryan Naraine has written that Google’s fixed the file download bug in Chrome.  This is awesome, but there’s one aspect of the fix that concerns me.

    According to the changelog:

    This CL adds prompting for dangerous types of files (executable) when they are automatically downloaded.

    When I read this, my first thought was: “I wonder how they determine if a file is ‘dangerous’?”

    One of the things that we’ve learned over time is that there are relatively few files that aren’t “dangerous”.  Sure there are the obvious files (.exe, .dll, .com, .bat, etc) but there are lots of other file types that can contain executable content.  For instance most word processors and spreadsheets support some form of scripting language, that means that most documents downloaded can contain executable content.

    Even if you ignore the files that contain things that are clearly identifiable as “code”, you’ve still got problems.  After all, just about every single file format out there has had readers who have had bugs that would have allowed remote code execution.

    It’s unfortunate, but given the history of the past couple of years, I can’t see how ANY content that was downloaded from the internet could be considered “safe”.

    IMHO Google’s change is a good start, but I’m worried that that it doesn’t go far enough. 

  • Larry Osterman's WebLog

    PDC 2008, Day Two

    • 13 Comments

    Wow, it’s midnight on day two.  What a day.

    I started the day at the Win7 keynote.  It was amazing how the product was received by our customers – I’m really gratified that people seemed to like what they saw.  You know you’re in a group of geeks when the biggest applause line of the demo was “you can boot off of a VHD”.

    I was in the way back of the auditorium (speakers were asked to hang out in the back to let the guests have the best seats) so I ended up taking pictures of the monitors – sorry about the crappy quality:

    Steven and Julie

    Steven and Julie discuss 7.

    And Windows 7 with the new taskbar:

    Windows 7

    After the keynote I ran into Crispin Cowan and we ended up chatting through lunch all the way to his talk.  I sat through most of his talk and then wandered off (he overflowed his room, which is cool).

    I ended up in the speakers lounge to run over my slides and commentary again.   While I was up there I realized I had a great view of the conference floor:

    The view from the speakers lounge

    I also took a picture of the breakfast area – it brings a new level of perspective on just how large this place really is:

    Lunch seating for 3500

    It was a few minutes after I took this picture that I realized that my cell phone needed to be charged.  So I pulled out my USB cable and prepared to download the drivers for the phone (even though the phone has a USB-B jack for charging, it needs to have a Windows driver installed before it will charge from a PC).  After downloading the driver, I started the install and experienced a sinking feeling in the pit of my stomach.

    The driver refused to install on Windows 7.  I don’t know why, I’m running Windows 7 on my main machine at work and the driver works just fine (that’s why I didn’t worry about the whole charging thing).  So here I was with a cell phone that’s just about out of juice.

    And my demo depends on the fact that I can make cell phone calls during the talk.  If the phone’s out of juice on Tuesday, I’ve got a real problem.

    Fortunately there was a Verizon store about 10 miles away that had a charger for my phone, so after an hour or so to drive the 10 miles to the store (and back) I got a charger.  I’ve got to say that I was pretty terrified for a while there…

    After the excitement of the afternoon I went back to the hotel and showered and changed from my show duds to the PDC party at Universal Studios.  That was a total blast, they’d done up the place with all sorts of scary stuff:

    Universal Studios done up for Halloween

    I love taking night photos – even though I only had a micro-tripod, the view of downtown LA was so neat that I wanted to try to get a picture.  It’s ok (the tripod was balanced on a garbage can on a elevated walkway which was shuddering a bit, but I still like it):

    Los Angeles at night from Universal Studios

    One last nighttime photo, this time from the Jurassic Park ride:

    Jurassic Park the ride

    The mist at the bottom of the photo is actually the ride splashing down – this is a four and a half second exposure, so all you see is the remnants of the boat’s passing. 

    While I was at Universal I chatted with a whole lot of folks, including Scott Guthrie, Scott Hanselman, Scott’s boss Simon, Dave Snipp (ex MSFT) and several other people.  It was pretty fun.

    I then came back to my room, uploaded these (and a few other) photos and wrote this.  And now it’s bedtime :).

     

    Edit: s/Stephen/Steven/ - sorry about that :).

     

  • Larry Osterman's WebLog

    PDC 2008, Day 3

    • 9 Comments

    I got finished late yesterday, so sorry this post is coming so late.

    Yesterday was yet another blast.  I got up, had a “real” breakfast in the hotel buffet (I’m not sure it was actually better than the breakfast at the PDC though :().  Then I headed over to the conference center. 

    I spent most of the morning hanging out in the speakers lounge catching up on email, then I headed down to the floor to talk to attendees in the Win7 Lounge.  It was a great deal of fun, I was astonished at the interest in the sensor platform – the sensor guys were giving out development kits and one guy literally spent the entire 3 hours I was there running back and forth between the sensor booth and their storage closet getting more kits.

     

    I was also really surprised at the excitement around the touch machines.  I honestly didn’t think that touch was that big a deal, but it was clear that there’s a real excitement about the platform.

     

    I also got a chance to chat with Raymond Chen while we were hanging out, which was fun.  I then tried to see his talk, but his first room overflowed and then the overflow room overflowed.  So I left to let a paying customer use my chair.

     

    I ended up spending most of my afternoon wandering around chatting with people and generally keeping busy and then came the “Ask The Experts”.

     

    “Ask The Experts” is the part of the conference where attendees can come in and ask the Microsoft developers any questions they want.

    The attendees arrive:

    Ask The Experts

    The Desktop team answers questions:

    The Desktop Experience Team answers questions

    I was at a table with Frank Biger of the Windows Telemetry team, Crispin Cowan of the UAC team, a couple of folks from the internationalization team.  We fielded a couple of great questions and then the director of development for WEX stopped by and hung out with us for a while.  I’m not sure that the people asking questions realized that the guy answering their questions was the guy who ran the entire development organization in WEX :).

     

    After the A-T-E, I went back to my hotel room, called my cousin Stacy (we’re getting together this afternoon) and chatted with Valorie.

    I then did the final rehearsal of my PDC talk and went to bed.

     

    This morning, I had my tech check (at 7:40 AM :() and now I’m in the speakers lounge chilling until about 11:30 when I’m going to go set up for my 12:00PM talk.

  • Larry Osterman's WebLog

    Engineering 7: A view from the bottom

    • 8 Comments

    About 2 months ago, Steven Sinofsky and Jon DeVaan started the “Engineering Windows 7” blog.  The instant I saw the blog, I wanted to contribute to the blog (because I love writing :)).

    I spent a fair amount of time thinking about what to write about and realized that one thing that wasn’t likely to be discussed was how the actual software engineering process of Windows 7 worked – not the data behind particular features, but how the hard core engineering work was managed.  So I wrote it and submitted it to Steven and Jon.

     

    My article (it’s too long to be considered a “post”) went live on the Engineering 7 blog sometime last night.

     

    Enjoy!

  • Larry Osterman's WebLog

    The common control library sometimes sends an NMCUSTOMDRAW message for the NM_CUSTOMDRAW notification.

    • 7 Comments

    I just fixed a bug in our UI that was caused by a misunderstanding of the API contract for the NM_CUSTOMDRAW handler for some of the common controls.

    On of October 3rd, 2008 The common control documentation for the NM_CUSTOMDRAW message says:

    lpNMCustomDraw
    A pointer to a custom draw-related structure that contains information about the drawing operation. The following list specifies the controls and their associated structures.
    List view
    NMLVCUSTOMDRAW
    ToolTip
    NMTTCUSTOMDRAW
    Tree view
    NMTVCUSTOMDRAW
    Toolbar
    NMTBCUSTOMDRAW
    All other supported controls
    NMCUSTOMDRAW

    While this is correct in general it is NOT true for the CDDS_PREPAINT draw stage.  It turns out that some of the common controls only provide an NMCUSTOMDRAW structure when the drawing logic is in the CDDS_PREPAINT stage. 

    If you look VERY carefully at MSDN, you can find this page which mentions that the first NM_CUSTOMDRAW notification receives an NMCUSTOMDRAW structure and not an NMLVCUSTOMDRAW handler but that’s the only page I was able to find to indicate this.

     

    I’ve notified the relevant documentation folks about this and hopefully the documents will be updated in the future.  You can consider this blog post as a pre-update to the SDK documentation.

  • Larry Osterman's WebLog

    What really happens when you shutdown Windows?

    • 7 Comments

    About a year or so ago, I wrote a post that talked about the Windows shutdown experience.

     

    A couple of the people reading the post asked for more details, and it turns out that the performance folks have just issued this paper which describes (in great detail) what happens during system boot and shutdown.

     

    I skimmed over it before posting and thought it was pretty cool.

  • Larry Osterman's WebLog

    What’s wrong with this code, part 24 – the answer

    • 6 Comments

    In my last post, I included a snippet from an MSDN article written by Kenny Kerr. 

    The snippet was pretty straightforward, but had a subtle bug in it:

    CRect rectangle;
    VERIFY(m_splitButton.GetWindowRect(
        &rectangle));
    
    TPMPARAMS params = { sizeof(TPMPARAMS) };
    params.rcExclude = rectangle;
    
    CMenuHandle menu = m_menu.GetSubMenu(0);
    
    VERIFY(menu.TrackPopupMenuEx(TPM_LEFTBUTTON,
        rectangle.left, rectangle.bottom,
        m_hWnd, &params));

     

    The problem was that on Bidi localized systems the popup menu is located in the wrong location.  The TrackPopupMenuEx API takes screen coordinates for the popup menu and on a LTR system creates the popup window with the top left corner of the window at that screen coordinate.  The problem here is that on an RTL system the top right of the menu is located at the screen coordinates.  The good news is that the fix is relatively simple:

    CRect rectangle;
    VERIFY(m_splitButton.GetWindowRect(
        &rectangle));
    
    TPMPARAMS params = { sizeof(TPMPARAMS) };
    params.rcExclude = rectangle;
    
    CMenuHandle menu = m_menu.GetSubMenu(0);
    
    VERIFY(menu.TrackPopupMenuEx(TPM_LEFTBUTTON,
        ((GetWindowLong(m_hWnd, GWL_EXSTYLE) & WS_EX_LAYOUTRTL) != 0 ? rectangle.right :  rectangle.left), rectangle.bottom,
        m_hWnd, &params));

    Before I posted this blog post, I asked the author (who also commented on the previous post) about it.  His response was:

    As I tried to trim the sample to the bare minimum I didn’t bother with this. You can use GetSystemMetrics to get the proper alignment, but I’m not sure this constitutes a “nasty bug” so you may be after something else.

    IMHO Kenny’s right – code samples are intended to be the bare minimums, there are tons of differences between what you do in a code sample and what you do in production code – support for RTL languages is one of those taxes that get left behind when writing samples.

    The reason I wrote the post wasn’t to pick on Kenny or MSDN magazine.  Instead it was to point out the fact that popup menus tied to UI elements don’t work the way you expect on mirrored builds, leading to subtle display issues.

     

     

    Kudos and mea culpas:

    First off, my phrasing was incorrect – the bug wasn’t “nasty” it was subtle and not at all obvious.

    Kenny’s comment was the first to mention the RTL issue, but to be fair, he and I had exchanged emails last week about this issue so I don’t feel good in giving him the kudos.  Instead I’m going to give it to Ryan who correctly pointed out that the snippet assumes LTR order.

     

    There are some other interesting potential issues like Maciej Rutkowski pointing out that the UI might misbehave at the bottom of the screen (a good point).

  • Larry Osterman's WebLog

    I'm in LA!

    • 3 Comments

    I just got into LA and checked into my hotel for the PDC.  The flight was uneventful, while I was flying down, there was a most amazing sunset (I was in an isle seat so the picture’s kinda blurry – I didn’t have anything to stabilize the shot and it’s a somewhat long exposure):

    PDC 2008 013 Once I got here, I found it was too late to register, that means that I’m going to have to brave the lines tomorrow morning – yech. 

    I’m in the Bonaventure hotel which is quite nice, however the hotel room is annoyingly short of plugs – there are only 2 plugs available in the bedroom, and I’m using both of them for my laptops (I brought two down, one for day-to-day use and the other for the demo during my presentation – my day-to-day laptop acts as a backup  for the demo laptop if it fails) – my camera battery is currently charging in the bathroom.

     

    I’m going to do daily posts of my overall PDC experiences, preferably with pictures as well.

  • Larry Osterman's WebLog

    PDC 2008, Day 1

    • 1 Comments

    Wow, today’s been a long day.  For whatever reason, I woke up at 4 AM and wasn’t able to get back to sleep :(.  On the other hand, I did get this cool picture from outside my window:

    The View From My Window - 6AM at the Westin Bonaventure

    When I got to the convention center I discovered that they were right – this place is absolutely immense.  You really can’t see it from this picture, but this is just one of the eating areas – there’s another on the opposite side of the “big room” that’s equally large:

    The breakfast nook - cozy eating for 3000

    I know I’m going to get my exercise just walking to and from the keynotes :). 

    The other thing I didn’t realize was the amount of ancillary manpower associated with the conference – there was a veritable army of waiters there to clean up after all 6500 of us.  There are also staff people in front of just about every door in the convention center (and that’s a lot of doors) to help direct people.  

    I’m also really impressed with the logistics – the wireless network works flawlessly throughout the convention center and bandwidth appears to be quite reasonable.  My hat’s off to the organizers they’ve done a great job so far.

    Since there was nothing specifically related to Win7 going on today (the Win7 hoopla starts tomorrow), I mostly hung out at the various lounges and worked on my talk a bit – there was a typo in one of my slides I needed to fix, and I wanted to get some of the colors cleaned up in one of my images.  Fortunately the PDC organizers had a crack team of graphic designers who were able to fix up my slides and dramatically improve the look of the offending slide (the rest of the deck looked fine because the graphic designers had already gone over the deck once). 

    Realistically the day was pretty boring.  I stopped in and watched most of the Windows Azure keynote, I’ve got to say that it looks pretty good – I like what Dave Cutler’s done, it looks like a very impressive piece of work.

    Most of my day was spent chatting with attendees (and other Microsoft people).  I finally met Brandon Paddock, who I’ve known for a while on email and we chatted for a bit.  I also ran into the Channel 9 folks and again we chatted.  I also tried (unsuccessfully) to catch up with my email.

    At about 6:30 I finally gave up and headed back to the hotel.  At the hotel, I ran into some folks from DevDiv who were having drinks with Anders, so I kibitzed on their conversation a bit.

    Then I cam back to my hotel room to rehearse my talk and wait for Valorie’s nightly call. I’m really looking forward to tomorrow – I can’t wait for the Win7 keynote :). 

    One final picture – this one’s for Daniel (who loves taking pictures of architectural elements):

    Architectural elements inside the convention center

    PS: I’ve put these and a number of other photos up on Flickr with the pdc2008 tag.

    ETA: One unexpected side bonus of being at the PDC is running into people I've not seen for years.  I ran into a bunch of co-workers I've not seen for a really long time including Dave Snipp (who worked on NT 3.1), David Treadwell and Dave D'Souza.  That was just cool - kinda like old times.

     

Page 1 of 1 (11 items)