WinDbg internal release with CLR support

Posted on December 11, 2008. Filed under: Debugging, Tools

As explained by Volker von Einem here, WinDbg 6.70.05.0 is special in the sense that it has CLR debugging support. Microsoft erred and released this version, which is actually an internal release. It is not available for download anymore, and those who have kept copies are lucky. Worse still, MS does not intend to release this CLR support in the foreseeable future.

Just in case you are one of the unlucky ones and do not have the 6.70.05.0 version, I dug out a link which seems to work:

hxxp://cert.sjtu.edu.cn/download/mdt/dbg_x86_6.7.05.0.exe

I need to get the MD5 hash from Volker, since he has the original one from MS. I’ll then update this post, just to make sure the Chinese website has not modified it in any way.


WinDbg New Release 6.10.3.233

Posted on November 23, 2008. Filed under: Debugging

The WHDC site announced a new WinDbg release, 6.10.3.233:

http://msdl.microsoft.com/download/symbols/debuggers/dbg_x86_6.10.3.233.msi


IGroupPolicyObject::New will fail if thread is impersonating or identity or delegation

Posted on November 18, 2008. Filed under: Debugging, Woes

I had the chance to debug into the CGroupPolicyObject::New method in GPEdit.dll, since the call was failing.

My finding is that if a thread’s Security Impersonation Level is anything other than Anonymous, the call will fail.

  SecurityAnonymous,
  SecurityIdentification,
  SecurityImpersonation,
  SecurityDelegation

The reason is that the code in this method is as follows (this is my code, guessed from the disassembly):

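HANDLE hToken = NULL;

// The token is opened with TOKEN_DUPLICATE access only; the return value is not checked.
OpenThreadToken(GetCurrentThread(), TOKEN_DUPLICATE, TRUE, &hToken);

CGroupPolicyObject::EnableSecurityPriv();

// Assign hToken to the current thread (first argument 0 means the calling thread).
SetThreadToken(0, hToken);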

You see, they are opening the token without the TOKEN_IMPERSONATE flag, and SetThreadToken will fail with an error if this flag is not among the access rights of the token handle. The reason it works for the anonymous level is that OpenThreadToken fails and hToken ends up NULL. The resulting call is SetThreadToken(0,NULL), which will succeed. See SetThreadToken() in MSDN.

Tool used: WinDbg
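
The outcome for each impersonation level can be worked through with a small portable C model of the two checks described above. This is an added example, not the author's code or Microsoft's, and it does not call the Windows API: the `model_*` functions, `imp_level` and `restore_token_result` are hypothetical names, the handle is assumed to be granted exactly the access requested, and the EnableSecurityPriv step is left out.

```c
#include <stdio.h>

/* Constant values as defined in the Windows SDK (winnt.h / winerror.h). */
#define TOKEN_DUPLICATE            0x0002u
#define TOKEN_IMPERSONATE          0x0004u
#define ERROR_SUCCESS              0u
#define ERROR_ACCESS_DENIED        5u
#define ERROR_CANT_OPEN_ANONYMOUS  1347u

typedef enum { SecurityAnonymous, SecurityIdentification,
               SecurityImpersonation, SecurityDelegation } imp_level;

/* Hypothetical model of a token handle: only the granted access mask matters. */
typedef struct { int valid; unsigned granted; } model_handle;

/* Model of OpenThreadToken: an anonymous-level token cannot be opened,
   so the handle stays NULL (invalid); otherwise the requested mask is granted. */
static unsigned model_open_thread_token(imp_level lvl, unsigned desired, model_handle *h)
{
    h->valid = 0;
    h->granted = 0;
    if (lvl == SecurityAnonymous) return ERROR_CANT_OPEN_ANONYMOUS;
    h->valid = 1;
    h->granted = desired;
    return ERROR_SUCCESS;
}

/* Model of SetThreadToken(0, h): a NULL token only stops impersonation;
   a real token handle must carry TOKEN_IMPERSONATE access. */
static unsigned model_set_thread_token(const model_handle *h)
{
    if (!h->valid) return ERROR_SUCCESS;
    return (h->granted & TOKEN_IMPERSONATE) ? ERROR_SUCCESS : ERROR_ACCESS_DENIED;
}

/* The sequence from the post, parameterised on the mask used to open the token. */
unsigned restore_token_result(imp_level lvl, unsigned desired)
{
    model_handle h;
    model_open_thread_token(lvl, desired, &h);  /* result ignored, as in the post */
    return model_set_thread_token(&h);
}

int main(void)
{
    static const char *names[] = { "Anonymous", "Identification",
                                   "Impersonation", "Delegation" };
    for (int l = SecurityAnonymous; l <= SecurityDelegation; l++)
        printf("%-14s  TOKEN_DUPLICATE only: %u   with TOKEN_IMPERSONATE: %u\n", names[l],
               restore_token_result((imp_level)l, TOKEN_DUPLICATE),
               restore_token_result((imp_level)l, TOKEN_DUPLICATE | TOKEN_IMPERSONATE));
    return 0;
}
```

In the model, only the anonymous level gets through with the TOKEN_DUPLICATE-only mask, and it does so because the open step failed, not because the handle had the right access.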
