Does This Scare You?
eryk sun
eryksun at gmail.com
Thu Sep 8 10:07:02 EDT 2016
On Thu, Sep 8, 2016 at 1:30 AM, Lawrence D’Oliveiro
<lawrencedo99 at gmail.com> wrote:
> On Monday, August 22, 2016 at 4:18:39 PM UTC+12, eryk sun wrote:
>> It would help to consult a reverse-engineered implementation of
>> RtlGetFullPathName_Ustr and RtlIsDosDeviceName_Ustr. I'll check the
>> ReactOS source code.
>
> <https://googleprojectzero.blogspot.co.nz/2016/02/the-definitive-guide-on-win32-to-nt.html>
> might also be useful (found from
> <http://www.theregister.co.uk/2016/03/01/windows_path_hacks/>).
I posted a comment there about a month and a half ago with a couple of
corrections. But at the time I wasn't concerned about the section on
legacy DOS device names. The author only tested on 8.1 and 10, so the
description of DOS device behavior is incomplete -- especially
concerning the way Windows Vista/7 handle CON, CONIN$, and CONOUT$.
For example, "CONOUT$" gets redirected to the console, but not
"C:\Temp\CONOUT$" or "\\.\CONOUT$" even though the last two path
strings start with "C" and "\", which satisfies the speed hack used by
BaseIsThisAConsoleName. The difference is that, prior to Windows 8,
RtlIsDosDeviceName_U doesn't look for "CONIN$" or "CONOUT$", yet
BaseIsThisAConsoleName relies on RtlIsDosDeviceName_U to find the
offset to the device name. Thus it can only redirect an exact match
for "CONIN$" and "CONOUT$".
More information about the Python-list
mailing list