Fixing problems with FindActCtxSectionString in MFC security updates

EDIT – June 18th, 2011 – the below blog entry is out of date – click here for up to date information.

In this blog entry I attempt to fix 3 of the problems associated with FindActCtxSectionString in a statically linked application (2005 and 2008). What I’m going to do is override the appcore.cpp that gets included in every static app with one that we’ll include in our app (again, like the last blog, no editing of the included file is necessary, which is a good thing because if there any updates you’ll get them by rebuilding)

1) Open up your stdafx.cpp file in your project (a statically linked MFC project)
2) Paste the following code after the include:

#undef FindActCtxSectionString
#define FindActCtxSectionString MyFindActCtxSectionString

#ifdef _UNICODE
#define _FINDACTCTXSECTIONSTRING "FindActCtxSectionStringW"
#else
#define _FINDACTCTXSECTIONSTRING "FindActCtxSectionStringA"
#endif

typedef BOOL (WINAPI * PFN_FINDAC)(DWORD dwFlags, const GUID *lpExtensionGuid,ULONG ulSectionId,LPCTSTR lpStringToFind,PACTCTX_SECTION_KEYED_DATA ReturnedData);

BOOL WINAPI MyFindActCtxSectionString(
     DWORD dwFlags,
     const GUID *lpExtensionGuid,
     ULONG ulSectionId,
     LPCTSTR lpStringToFind,
     PACTCTX_SECTION_KEYED_DATA ReturnedData)
{
	// Bug #1 - Windows 2000 
	PFN_FINDAC pfnFindActCtxSectionString =NULL;
	{
		HINSTANCE hKernel32 = GetModuleHandle(_T("kernel32.dll"));
		if (hKernel32 == NULL) 
		{
			return FALSE;
		}

		pfnFindActCtxSectionString = (PFN_FINDAC) GetProcAddress(hKernel32, _FINDACTCTXSECTIONSTRING);

		if (pfnFindActCtxSectionString == NULL) 
		{
			/* pre-fusion OS, so no more checking.*/
			return FALSE;
		}
	}
	
	ReturnedData->cbSize = sizeof(ACTCTX_SECTION_KEYED_DATA); // Bug #2 - missing cbSize initializer 
	return pfnFindActCtxSectionString(/* dwFlags */ 0,  // Bug #3 memory leak - pass in zero as return handle not freed
		lpExtensionGuid, ulSectionId, lpStringToFind, ReturnedData);
}

#include "..\src\mfc\appcore.cpp"

3) rebuild your app

Now, you get the following benefits
1) Successful running under Windows 2000
2) Properly initialized cbSize (see previous blog discussion)
3) Memory leak fix (passing in first parameter leaks a context handle)

About these ads

About tedwvc
On this blog you'll find some tips and tricks for dealing with Visual C++ issues.

10 Responses to Fixing problems with FindActCtxSectionString in MFC security updates

  1. Guy says:

    Tried your solution, but could not compile appcore.cpp due to includes in the file: it uses a Vista WINVER, and several other issues that prevented it from compiling.

    Finally, I copied the whole file without the three #include into my source, and then added the minimal includes necessary for it to compile. That fixed the issue for me.

    • tedwvc says:

      Hi Guy, thanks for the feedback. I should have mentioned, under 2005, there are warnings with WINVER and _WIN32_WINNT but they don’t prevent the compilation (unless you have warnings as errors turned on). But your solution is a valid one as well.

      • Guy says:

        Oh, I forgot to mention I used Visual Studio 2010 with v90 (that is, compiling with the 2008 toolset). This is probably why I had to use a different method.

        I also forgot to thank you – without your post, it would have been much harder to find a fix for this issue; it seems that Microsoft is really set against compiling any new software for Windows 2000…

      • Guy says:

        In case someone else needs the fix for 2008/2010, here’s what we did:
        1. Copy the contents of appcore.cpp into stdafx.cpp
        2. Remove the 3 #includes from the top
        3. Use the following definitions before adding the fix in the post:

        #ifndef HRAWINPUT
        DECLARE_HANDLE(HRAWINPUT);
        #endif

        #include
        #include

        #ifndef ACTIVATION_CONTEXT_SECTION_DLL_REDIRECTION
        #define ACTIVATION_CONTEXT_SECTION_DLL_REDIRECTION (2)
        #endif

      • tedwvc says:

        Hi Guy thanks for the clarification, just let me know the missing 2 includes that didn’t come in through your comment, and i’ll re-edit the response. Also with VC2008SP1 (not VC2010+v90) it seems to work in the original way I described, so thanks for testing your particular combination as well.

  2. Andrew Rossmann says:

    Is there any way to get an existing program that you cannot compile to work after this update? Even uninstalling the fix doesn’t seem to help.

  3. Andrew Rossmann says:

    I think I have found the workaround. Even uninstalling the Microsoft patch doesn’t restore the old MFC files. Another link I found shows where the old files are stored in WINSXS and you can restore them into SYSTEM32. I think that has fixed the problem I was having with a Win2K computer and a version of the Sonicwall client.

  4. Pingback: MS11-025 の影響? « Iwao Alles

  5. bclz says:

    这个方法工作良好,谢谢!
    This method works well, thank you!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: