Hey Joakim, JS> services f.ex. want to handle a crash or termination nicely by handling and JS> emptying JS> all log data for example.. this could be done using the same techniques as JS> in unix environments.. JS> refering to signal(SIGTERM, sh) function and the handler.. I don't think JS> it's possible JS> to get SIGTERM messages or SIGABRT messages as window messages.. abnormal JS> termination messages etc.. My "guess" is that many services (w3svc, sql JS> server etc..) are JS> using exactly the same way of handling (un-expected program terminations JS> etc..) as unix is? JS> Am I right? Or is there another way of doing this in win32? Hrmm...services do register indivdual handlers for certain control messages that can be sent to the service: http://msdn.microsoft.com/library/psdk/winbase/services_3smw.htm Now the main point with a possible exploitation here is that AFAIK most (if not all) Win32 API functions are more or less multi-threading safe. A situation like Michael described where you can get two path's of execution racing to a malloc should not lead to any problems under NT as the RtlAllocateHeap() functions are designed to be reentrant and multithreading-safe. Nonetheless it would be interesting to see if a double execution of the same handler can be achieved by rapidly sending two control requests to a service... Cheers, dullienat_private
This archive was generated by hypermail 2b30 : Thu May 31 2001 - 11:25:58 PDT