Application Security Testing: An Integral Part of DevOps
OverviewFrom my experimence, it's always a pain to implement sink interface with MFC wizard. But ATL is much more straightforward and easy to do the same job. Thanks to the new VC++ 6.0 wizard, we can add ATL to MFC project now. So we can implement the sink interface using ATL way. I would like to share my experimence a little tricky thing I figure out with you. Don't use the wizard class wrapper generated class, bypassing it and hook up with server by yourself, you can pass a HDC, HWND or other window handle to the ATL server. If you used MFC wizard class wrapper, normally it gernerates an error message in its automatically generated header file: not emitted because of invalid return type or parameter type.
Here are my procedures:
- Create a ActiveX with ATL(Clicker) which expose the connection interface
_IClickItEvents and three event functions: OnCtrlMouseMove(long x, long y),
OnCtrlMouseClick(long x, long y), OnCtrlError(BSTR errorMsg).
An incoming interface was created as well. Which expose functions: SetMode(int 0),
- Create a MFC dialog based application(ClickerClient) project. Right click the
project name in the class view window and choose "new ATL object", then
choose "Add ATL support". There will be an error message box show up, just
ignore it. Draw an Clicker activeX on the dialog in the resource file.
- Include the Clicker.h and Clicker_i.c to you dialog cpp file. Don't use the Wizard
generated class CClickIt, use following code find the IUnknow and IClicker of your
IClickIt* spclicker; IUnknown* pUnk = GetDlgItem(IDC_CLICKIT)->GetControlUnknown(); pUnk->QueryInterface(IID_IClickIt, (void**) &spclicker));
- Create a ATL message event handler class like you did in the ATL client project.
- Create an instance of message event handler in the InitDialog() and Advise the
server connection point there.
- Unadvise the server connection point and delete the message handler object in
- Try pass a HDC to the server interface function PaintOverlay(HDC* pHDC). Server will paint a rectangle on you DC.