Application Security Testing: An Integral Part of DevOps
The main purpose of this project is to minimise the amount of memory and handles a program uses during its lifetime, thus giving the operating system an easy time.
In order to do this a process must be created which will watch for the thread handles becoming redundant and then calling CloseHandle upon them. This means that the DLL will actually create a separate thread which will perform some work and at some time in the future will exit and not close its handle. This can be catered for in two ways, 1) Do nothing and let the OS tidy up this one stray, or 2) expose a function to the owner of the Dll which will allow the thread to be closed gracefully and close the handle, thus releasing all memory and handles used by this extra thread. Either of the above methods can be used, but the more exceptable is the later.
Pseudo CodeCareTaker functionality
When the object is created :- Initialise the AddEvent to manual mode, and, Set the KeepGoing flag to true. The Mutex is created with the version string. When checking for the validity of the CareTaker object check for :- If the object pointer is NULL, and, If the Object has a valid sized address space allocated. To Add a Thread handle to the CareTakers list :- Create a new handle definition object, and, Create a thread access lock, place on the end of a list, Release the locking mechanism, Pulse the event to check its status of the other handles. When checking for Closure of a thread handle :- Create a thread access locking mechanism For each Handle definition in the CareTakers list, Check the Exit code status for a valid closure code, If the Code is not still active then, Remove the Handle object from the list Call CloseHandle on the Thread handle, Delete the memory allocated to the Thread Handle definition object. Unlock the thread access lock. The CareTaker Process :- The first thing the process for the CareTaker does is to lower the priority of the thread that it owns to perform the tidying up. It then creates the actual CareTaker object to perform the list holding. While the flag to KeepRunning is true the AddEvent is pulsed every 500 MilliSecs to CloseThreadHandles.Thread Manager Class
To create a ThreadManager Pass the start address of routine that begins execution of new thread, [ this would have been declared as UINT APIPRIVATE A_Thread_Function( PVOID pvThreadData ), and a LPVOID pParam ( cannot be NULL) ] Create a CareTaker if it is not valid. Create a the processing thread for the function passed in a suspended state, and, add the thread handle to this new ThreadManager object for external use Add the new Thread handle to the CareTaker. It things failed for t he CareTaker then throw an assert. How to start the ThreadManager Call ::ResumeThread to make the thread for the function passed perform some work.
Functional FlowThis will be done from the viewpoint of a test program to demonstrate the functionality of the code.
Download project 46K
Posted : March 12, 98