none
WaitHandle.Handle versus SafeWaitHandle.DangerousGetHandle() RRS feed

  • Question

  • I have a question, is it equivalent to use SafeWaitHandle.DangerousGetHandle() in place of WaitHandle.Handle ?
    Or I must write more code in the case I use SafeWaitHandle.DangerousGetHandle() ?

    I'm using obsolete WaitHandle.Handle because I need an old handle as IntPtr. 

    Thank You for Your help.

    Michal
    (I'm using VS2008 VB)
    Wednesday, August 13, 2008 12:07 PM

Answers

  • The WaitHandle.Handle property getter uses SafeWaitHandle.DangerousGetHandle() internally.  MSFT makes you deal with this nonsense because there's a potential security problem with their code that they can't fix, the handle recycle attack problem.  What exactly you are supposed to do about it when MSFT can't fix it is an open question.  Just avoid getting yourself in a situation where you are using the raw handle value in a case where the handle might have been released.  That's not hard, don't store the raw handle value.  Naming the method "TemporaryGetHandle()" would have made it a lot clearer.
    Hans Passant.
    • Marked as answer by Zhi-Xin Ye Monday, August 18, 2008 10:32 AM
    Friday, August 15, 2008 10:11 AM
    Moderator
  • DangerousGetHandle is the non-obsolete substitute for Handle.

    Be sure to read http://msdn.microsoft.com/en-us/library/system.runtime.interopservices.safehandle.dangerousgethandle.aspx before using.
    • Marked as answer by Zhi-Xin Ye Monday, August 18, 2008 10:32 AM
    Thursday, August 14, 2008 12:21 AM

All replies

  • DangerousGetHandle is the non-obsolete substitute for Handle.

    Be sure to read http://msdn.microsoft.com/en-us/library/system.runtime.interopservices.safehandle.dangerousgethandle.aspx before using.
    • Marked as answer by Zhi-Xin Ye Monday, August 18, 2008 10:32 AM
    Thursday, August 14, 2008 12:21 AM
  • The WaitHandle.Handle property getter uses SafeWaitHandle.DangerousGetHandle() internally.  MSFT makes you deal with this nonsense because there's a potential security problem with their code that they can't fix, the handle recycle attack problem.  What exactly you are supposed to do about it when MSFT can't fix it is an open question.  Just avoid getting yourself in a situation where you are using the raw handle value in a case where the handle might have been released.  That's not hard, don't store the raw handle value.  Naming the method "TemporaryGetHandle()" would have made it a lot clearer.
    Hans Passant.
    • Marked as answer by Zhi-Xin Ye Monday, August 18, 2008 10:32 AM
    Friday, August 15, 2008 10:11 AM
    Moderator