Application Security Testing: An Integral Part of DevOps
This article describes a simple technique to share data across multiple processes running on the same machine using the Running Object Table (ROT from here on).
You must have come across scenarios where you need to share data across multiple applications quite often. Various approaches are available to share data:
- Using memory mapped files.
- DDE and so on.
To avoid this headache, I have come upon a pretty simple approach to sharing data. Basically, what this entails is that each process, when launched, creates a single instance of a common component, ICommHelper, and adds this interface with the ROT using a Server Name prefixed with a filter (a hard coded string). I prompt the user for a server name; you would probably need to come up with an algorithmto generate the Server Name based on the application name, instance handle, process ID, server that the user has logged in to (if it is a client/server app), as a moniker. The ICommHelper interface provides methods to add and remove itself from the ROT.
The AppViewer process can enumerate the ICommHelper interfaces present in the ROT using the prefixed filter, and from this can get the Server name of the SampleServer process. So, the user can enumerate the SampleServer instances running on the machine. If the user wants to send data from the AppViewer (to any SampleServer) process, the AppViewer process queries the ROT to retrieve the ICommHelper interface pointer registered by the selected SampleServer application.
Once the ICommHelper interface is retrieved, the AppViewer can invoke the SendData method to transfer data to the selected SampleServer process. (The action to be performed by the SampleServer application, which will need to be modified as per your requirements, of course. This can be done synchronously or asynchronously.)
And voilà—your data has been transferred!
And, whenever the target application shuts down, the IRProcComm interface will need to be removed from the ROT.
Source Code Layout
- IPCHelper—DLL that hosts the COM Component IProcComm.
- TargetApp—MFC Dialog application that creates an instance of IProcComm and registers it with the ROT.
- SourceApp—MFC Dialog application that retrieves the IProcComm interface from the ROT and invokes the SendData method.