Re: CredUIPromptForCredentials and Stack Overflow under Debugger???
Found it (Release would have probably broken, but in an intermittent
manner). szUsername and szPassword is an In/Out parameter. So the
following change was made. I should have paid better attention to
Howard and LeBlac.
WCHAR szUsername[CREDUI_MAX_USERNAME_LENGTH+1];
WCHAR szPassword[CREDUI_MAX_PASSWORD_LENGTH+1];
// In/Out parameters
ZeroMemory( szUsername, sizeof(szUsername));
ZeroMemory( szPassword, sizeof(szPassword));
On Jun 21, 12:40 am, Jeffrey Walton <noloa...@gmail.com> wrote:
Hi All,
XP Pro fully patched, Visual Studio 2005, 6.1 SDK, MFC Dialog
application
CredUIPromptForCredentials is giving me troubles. It appears to happen
only under the debugger (release is OK). Unfortunately, I still need
the debugger. I seem to have a recursive call with the following co-
conspirators:
* _AfxActivationWndProc
* _CallWindowProc
* _InternalCallWinProc
* CreduiPasswordDialog::CmdLineMessageHandler
* CreduiPasswordDialog::CmdLineMessageHandlerCallback
* _SendMessageWorker
* _DefWindowProc
* _RealWindowProc
* _UserCallWindowProcCheck
* _InternalCallWinProc
**** Repeat ****
I've got to admit that I *do not* understand why a command line
function is called. Is this by design?
The code that follows is nearly identical to Howard and LeBlac's
Writing Secure Code. I've also tried setting credinfo.hwndParent to
CWnd::GetSafeHwnd().
Jeff
CREDUI_INFO credinfo;
ZeroMemory( &credinfo, sizeof(credinfo) );
credinfo.cbSize = sizeof(credinfo);
credinfo.hwndParent = NULL;
credinfo.pszCaptionText = L"Alternate Credentials";
credinfo.pszMessageText = L"Please enter the alternate credentials";
WCHAR szUsername[CREDUI_MAX_USERNAME_LENGTH+1];
WCHAR szPassword[CREDUI_MAX_PASSWORD_LENGTH+1];
__try {
PCWSTR pszTarget = L"Server";
DWORD dwReason = 0;
BOOL bSave = FALSE;
DWORD dwFlags = CREDUI_FLAGS_ALWAYS_SHOW_UI |
CREDUI_FLAGS_GENERIC_CREDENTIALS;
DWORD dwReturn = CredUIPromptForCredentials(
&credinfo, pszTarget, NULL,
dwReason,
szUsername, _countof(szUsername),
szPassword, _countof(szPassword),
&bSave, dwFlags );
if( ERROR_SUCCESS != dwReturn ) {
MessageBox( L"Failed to acquire alternate=
user
credentials",
NULL, MB_ICONERROR );
return;
}
// Use username and password
...}
__finally {
SecureZeroMemory( szUsername, sizeof(szUsername));
SecureZeroMemory( szPassword, sizeof(szPassword));
}