none
Vista Blue Screen w/ CBT hook. BUG!

    General discussion

  • Just came across this while developing something on vista 32bit rtm(6000) Using SetWindowHookExW to create a hook w/ the WH_CBT type.

    Then in the hook callback,  when the nCode is HCBT_CREATEWND, cast the lParam to a LPCBT_CREATEWNDW.  Set the hwndInsertAfter of the member  of the LPCBT_CREATEWNDW to HWND_TOPMOST,  and return.  The system will crash,  a blue screen w/ no info is displayed.  You get a critical shutdown message next time you reboot.

    ode is something like this..

    g_hHook = SetWindowsHookExW(WH_CBT, CbtFilterHookW, NULL, GetCurrentThreadId());

     

    LRESULT CALLBACK CbtFilterHookW( int nCode, WPARAM wParam, LPARAM lParam )

    {

    if (nCode == HCBT_CREATEWND)

    {

    LPCBT_CREATEWNDW pCbt = ((LPCBT_CREATEWNDW)lParam);

    pCbt->hwndInsertAfter = HWND_TOPMOST;

    }

    return CallNextHookEx(g_hHook, nCode, wParam, lParam);

    }

    .......

     

    It seems that hwndInsterAfter is not validated.

    Wednesday, January 17, 2007 6:31 PM