Re: Which process posts this window message ?
"Joseph M. Newcomer" <newcomer@flounder.com> wrote in message
news:1lt1i5hlg4g43dut7fk69hgkmeapv41koe@4ax.com...
I can imagine some very complicated, fragile, and potentially very
dangerous mechanisms
for detecting this, but they would involve DLL injection which would then
"hook" (but not
in the legitimage SetWindowsHookEx) all SendMessage/PostMessage/etc. calls
and if one of
them was targeted to a function in a forbidden app, doing something to
return immediately
to the caller. The real risk here is if there were any change whatsoever
to the
mechanisms you were running roughshod over (say, a drive-by update), then
every program on
the system would cease working. Not A Place You Want To Be.
I wouldn't deploy it, but API hooking is a great way of debugging who the
heck posted the unwanted message. I've done this and saved the client many
hours of billable time in addition to a large portion of my hair! ;)
Windows apps should be architected so they can withstand windows messages
from anyone. If it is important to validate the sender, a private mechanism
must be used between the sender and the app. For example, if you don't want
another app to post WM_CLOSE to your window so that your app terminates,
don't terminate when WM_CLOSE (or any other Windows message you can't
defend) is received.
For example, one of my apps only terminates when a second instance is
launched with a "/kill" command-line switch specified, the second instance
then knows how to kill the first instance.
-- David