Copying string to buffer provided by WM_GETTEXT RRS feed

  • Question

  • Hello,

    I'm trying to write my own "secure" text box control. So I've inherited from TextBox and am overriding WndProc(), so that on WM_GETTEXT I return the content of the control, or random data in case that it is in "secure" mode. This message won't be passed to the base class. The other alternative is to figure out how to determine if another process is sending the WM_GETTEXT and to return random data, similar to what I've seen on the net on how Windows NT does this for password protection.

    To do this, I have my own private variable for the string. I can't seem to figure out how to efficiently copy the content of the string into m.LParam which doesn't exceed length m.WParam. In C I'd do a strncpy and set the last byte to zero to prevent overflow. But the managed world is more complicated than that. Ideally I'd hope for a function that can copy direct to the buffer provided without intermediate buffers.

    I assume I need to use Marshal.StringToHGlobalAuto(m_Text);, but I'm not sure how to copy to m.LParam and set the last byte to 0x0000 (or 0x00 if Ansi), and take into account the differences for Ansi/Unicode. And this also creates temporary buffers inbetween that I don't believe is really necessary.


    Saturday, February 26, 2011 6:17 PM

All replies

  • Maybe I'm misunderstanding you but in secure mode, why don't you just return 0 and not copy any data to the buffer?


    Saturday, February 26, 2011 7:48 PM
  • That is the goal indeed. However, it should be programmable (like the password mode). When secure mode is disabled, I'll need to copy the data into the buffer provided. There are about 6 different WM_* messages I'll need to deal with.

    This is more of an Interop question - how do I copy a string to a user provided buffer given by m.LParam, so that it doesn't exceed m.WParam bytes, and that is NUL terminated?


    Sunday, February 27, 2011 8:41 AM
  • Since the buffer is allocated by the caller I'm not sure how to do it efficiently without using an unsafe code block.  Marshal.StringToHGlobalAuto won't help...it allocates a new buffer.  I'd be interested to see if someone else posts a solution which doesn't require unsafe code...

    Sorry I could not be of more help.


    Sunday, February 27, 2011 7:45 PM
  • Since you are deriving from Textbox, which already handles this, if the secure mode is disabled, allow the original window procedure to handle the message.  As simple as that.
    Sunday, February 27, 2011 9:07 PM
  • I should have included that tidbit in my first reply...I just assumed he knew that :)

    So yes, in non-secure mode returning DefWindowProc(hwnd, uMsg, wParam, lParam) will ensure that the TextBox goes back to its normal behavior.


    Sunday, February 27, 2011 10:07 PM
  • Hmm, I reread my other requirements, and thought I needed to do the same for WM_CUT, by sending WM_SETTEXT without actually allowing anything to be copied on the clipboard. But that isn't true. So yes, I could let the message pass to the base class and this would be the most efficient method (as is already done before I start).

    Some implementations however give back random text in secure mode, and I'd still like to hear from the community if there is an efficient way with interop to write in a user supplied buffer a NUL terminated string without exceeding its length. This is something that I've commonly done with C, but I can't find a good solution in C#. I'd like not to revert to writing a separate C DLL just to do this.

    Thanks for the feedback so far,

    Tuesday, March 1, 2011 8:27 AM