Starting with VS2005(VC8) it was not possible to handle all exceptions in process. I have discussed this in “SetUnhandledExceptionFilter” and VC8 and in Unhandled exceptions in VC8 and above… for x86 and x64.

It seemms that the code I posted had been used in many Projects to handle all exceptions and to write a minidump in that case. Also someone has used it in a VB6 application and for this he needed to implement this function in a separate “CrashHandler.dll”. But now he got errors during the shutdown of the VB6 application. It seems that VB6 unloads the DLL before other DLLs and it seems that some other DLL is calling “SetUnhandledExceptionFilter” during shutown. This now leads to trouble, because the DLL is already unloaded.

Now I created a better and cleaner implementation for the “PreventSetUnhandledExceptionFilter” function, which also works in any situation, even if the DLL was unloaded

static BOOL PreventSetUnhandledExceptionFilter()
{
  HMODULE hKernel32 = LoadLibrary(_T("kernel32.dll"));
  if (hKernel32 == NULL) return FALSE;
  void *pOrgEntry = GetProcAddress(hKernel32, "SetUnhandledExceptionFilter");
  if (pOrgEntry == NULL) return FALSE;

#ifdef _M_IX86
  // Code for x86:
  // 33 C0                xor         eax,eax  
  // C2 04 00             ret         4 
  unsigned char szExecute[] = { 0x33, 0xC0, 0xC2, 0x04, 0x00 };
#elif _M_X64
  // 33 C0                xor         eax,eax 
  // C3                   ret  
  unsigned char szExecute[] = { 0x33, 0xC0, 0xC3 };
#else
#error "The following code only works for x86 and x64!"
#endif

  SIZE_T bytesWritten = 0;
  BOOL bRet = WriteProcessMemory(GetCurrentProcess(),
    pOrgEntry, szExecute, sizeof(szExecute), &bytesWritten);
  return bRet;
}

If you convert a project from VC5/6/2002/2003/2005/2008 to VC2010, you will sometimes get an warning during the conversion (UpgradeLog.XML) and during the link phase os your build. This warning might look like:

1>...Microsoft.CppBuild.targets(990,5): warning MSB8012: 
  TargetPath(...LeakFinder_VC9.exe) does not match the Linker's OutputFile property value (...LeakFinder.exe). 
  This may cause your project to build incorrectly. To correct this, please make sure that $(OutDir), $(TargetName) and $(TargetExt) property values match the value specified in %(Link.OutputFile).

or

1>...Microsoft.CppBuild.targets(992,5): warning MSB8012: 
  TargetName(LeakFinder_VC9) does not match the Linker's OutputFile property value (LeakFinder). 
  This may cause your project to build incorrectly. To correct this, please make sure that $(OutDir), $(TargetName) and $(TargetExt) property values match the value specified in %(Link.OutputFile).

The problem is, that the following two settings are not identical (Target Name, Target Extension):

and (Output File):

If you match those two, the warning will be gone

For example, if you have named your EXE in Debug-Builds: “MyAppd.exe” and in Release-Builds “MyApp.exe”, I suggest that your only change the “Target Name” in the General-Page to “MyAppd” (for Debug) and “MyApp” (Release) or ($(ProjectName) if it is the same name as the project).
Then you must also change the “Linker | General | Output File” to the default setting: “” or “$(OutDir)$(TargetName)$(TargetExt)”. This setting is always suggested!

If you want to change the output directory, you should the the “General | Output Directory” setting.

More info about this conversion problem can be found here:
Visual Studio 2010 – $(TargetName) macro
Visual Studio 2010 C++ Project Upgrade Guide

If you have installed VS2008 and/or VS2010 (full), you will notice that OleView is not installed!
The product team decided to remove this utility from the tools-folder.

But you the source-code is still available! You can find it under

C:\\Program Files (x86)\\Microsoft Visual Studio 10.0\\Samples\\1033\\VC2010Samples.zip

Extract the files and build (the release version of)

C++\\MFC\\ole\\oleview\\oleview.sln

Then you have the two files: oleview.exe and iviewers.dll

Also, the same problem is with the OLE-Test Container (tstcon). This application can also be found in the samples.
See also: ActiveX Test Container Application is Still Available

Here is now the offical statement for the supported runtime OS:

• Windows XP with SP2 and later
• Windows Server 2003 with SP1 and later
• Windows Vista RTM an later
• Windows Server 2008 RTM and later
• Windows 7 and later

This restrictions comes from a security desicion to have a hard dependency on EncodePointer, which is only available in the above OSes.

For more info see: Visual Studio 2010: Windows Platforms (CRT)

If you want to give feedback for VC++ for the next version of VS (after VS2010), you can fill out the VC++ product team survey:
http://blogs.msdn.com/vcblog/archive/2010/03/22/vc-developer-survey.aspx

Yesterday a new release of “Debugging Tools For Windows” was released. Until now, it was possible to download the package as a single download of about 17 MB in size.

Starting with the new release, it seems that the Debugging Tools For Windows is now integrated in the WDK which means to download a 620 MB file.

Also it seems so, that the WDK does not install the Debugging Tools For Windows, it just installs a link to the setup…
So the question is: Why not provide the setup as a separate download as in previous version?

Here is a quote from the Debugging Tools For Windows download page:

This current version of Debugging Tools for Windows is available as part of the Windows Driver Kit (WDK). To download the WDK and install Debugging Tools for Windows:
1. Download and install the WDK.
2. Find the debugging tools link for Windows x86 version on the screen that appears and click to install the debuggers to a location of your choice.
3. After the installation is complete, you can find the debugger shortcuts by clicking Start, pointing to All Programs, and then pointing to Debugging Tools for Windows.

Conclusion: We will never understand marketing…

The Shim database is a mystic area inside windows… For example it will display an UAC (admin) prompt if your application-name contains the word “*instal*”.
You can display all available shims with the Application Compatibility Administrator by using the /x command line switch.
Also there is a tool from Heath Steward which dumps the database into an XML file.
Of course, he failed to prvide the source-code of his sample project.
Also, Alex Ionescu wrote a small dump tool, but also has never published it…

So I decided to dig into this almost not documented world and write a small Shim-Dumper and Exe-matching tool (whitch source code ).

Shim Database Tool (sdb) v1.0
Copyright (C) 2010 Jochen Kalmbach

Usage:  sdb.exe [-noids] [-match] [PathToShimDatabse] [PathToFileName]
 -noids  Will prevent the output of the TagIds
 -match  Will match the provided file with the installed databases
         and displays the activated shims
         In this case 'PathToFileName' is required

NOTE: If no shim database path is provided,
      the default database will be used.

You can use it either for dumping the shimdatabase like:

sdb.exe >ShimDatabase.xml

This will redirect the output to an xml-file and will look something like:

  
   setup32.exe
   WordPerfect Office 2000
   Corel
   
   
   
   
    *
    Corel Corporation
    Corel Setup Wizard
   
   
    programs\wpwin9.exe
    Corel Corporation Limited
    WordPerfect® 9
   
   
    appman\tools\cset90.exe
   
   
    WinXPSP1VersionLie
    0x284e0
    
     
     $
    
    
     *
    
   
  

(be aware: the current Win7 database is about 17 MB!)

You also can use this tool to find out, if an application has a shim applied:

C:>sdb -match MyInstaller.exe
Shim found for file: MyInstaller.exe
Flags: 0x0:
Exe-Shim: 0x35472, Flags: 0x0:
Layer-Flags: 0x0:
Shim-Database: 11111111-1111-1111-1111111111111111

Currently it just displays the TagId of the Shim. You can use this to search the xml-file for the corresponding id.

Have fun, using this tool

The project (VS2008) can be found here:
http://blog.kalmbachnet.de/files/sdb_v1.zip
It will compile for x86 and x64.

If you upgrade from VC6 to VC2008, then your project will automatically converted to the new format.
As a side-effect, it will also default to the new exception handling which breaks compatibilty to VC6.

Therefor this post

In VC6, by default the “/EHa” exception model ist activ.
In VC200x and later, by default, the “/EHsc” exception model is active. This means that if you did not explicit specify the “/EHa” model, you will now automatically use the “/EHsc” model, which only catches C++ exceptions!

For example, the following code will work as expected and will crash in VS2008:

#include 
#include 

int _tmain()
{
  try
  {
    printf("Now doing an AV...\n");
    char *c = NULL;
    strcpy(c, "Hello");
    printf(c);
  }
  catch(...)
  {
    printf("Catched....");
  }
}

So be aware, that if you rely on asynchonus exceptions, you need to switch the expetion model in the C/C++ project settings under “Code generation | Enabled C++ Exceptions: Yes with SEH Exceptions (/EHa)“

If you start an custom install program which is not digital signed, then Vista and later (at least Win7RC1) warns you, that your installer is not digital signed and “do you really wnt to do that”…

This feature is implemented with an shim (in a separate article I will explain shims later).
In short it works like: if an application is started, it checks the shim-database (in general %SYSTEMROOT%\AppPath\sysmain.sdb) if this application matches specific conditions.

For “Installer detection”, there are several conditons. Here is a list, what is checked (Vista and Win7RC1):

• Productname contains “*instal*” or “*setup*” or “*update*”
• Companyname contains “*instal*” or “*setup*” or “*update*”
• Internalname contains “*instal*” and app is not named “TrustedInstaller.exe”
• Originalfilename contains “*instal*” and app is not named “TrustedInstaller.exe”
• Filedescription contains “*instal*” and app is not named “TrustedInstaller.exe”
• Filename contains “*instal*” and is not named “TrustedInstaller.exe”
• Exportname contains “setup.exe” or “install.exe” or “stub32″ or “stub32.exe” or “signstub.exe”
• Filename contains “*patch*” or “*setup*” or “*uninst*” or “*update*” or “lhaca*.exe”
• Filedescription contains “*instal*” or “*setup*” or “*update*” or “*uninst*”
• Originalfilename contains “*setup*” or “*update*”
• Originalfilename contains “*setup*” or “*update*”

What is the conclusion: If you want to prevent the message box, just name your installer “TrustedInstaller.exe”

You can simple test this by renaming any EXE to “abcinstaldef.exe” and try to execute it and the rename it to “TrustedInstaller.exe”

On the other hand: Never name your app anything of the above!