Work bit…

My current assignment at work is to code review a component of Office.

code review – To read through every line of source code and examine it for potential security risks.

This is even more boring than it sounds, but everyone has to do this around me as well, so it’s shared misery. Not halved, mind you, but shared.

So I’m currently reviewing a particular ActiveX control, and am looking at its WndProc — for the uninitiated, it’s the generic Windows function that handles, well, almost everything — it’s the way Windows communicates with components, by passing messages. For more information, cf. Programming Windows 5th Edition by Charles Petzold.

So this particular control goes through and performs a series of checks to determine its current operating condition. It then does absolutely nothing with these checks and always calls the same function.

I’m sure it made sense at some point…
