Critical Section and Vista Compatibility

There have been a number of questions raised about why ChangeBASE currently does not analyze applications for Critical Section security issues. Referencing the Windows 3.1 Windows Logo certification program and Microsoft's developer handbook, "Critical Section" changes under Vista include the following recommendations;

"Developer Code should always;
Should always initialize critical sections.
Should not read into undocumented objects. Applications that read into the undocumented structures to assess the status of a critical section will most likely break if they are looking for uninitialized and freed critical sections.
Should prevent starvation. Applications that call Sleep while holding the critical section lock now can cause starvation for other threads that need the lock. Sleep calls should be placed after the LeaveCriticalSection call."

To analyze specific Critical Section thread synchronization references (i.e. InitializeCriticalSectionAndSpinCount or EnterCriticalSection ) you must be able to determine the process flow or the logic flow of the software under analysis. And to this, you must run the software and walk through the desired functionality. It is possible to examine file and COM object headers for these types of functions. However, this will generate a significant "over-reporting" issue without actually producing useful information on whether the identified Critical Section functions may cause a problem.

Given that, the impact of this issue is slightly reduced performance issues on multi-threaded applications and the probability of an adverse impact is extremely low, ChangeBASE is currently not including the Critical Section analysis in the Platform Integrity plugin pack.

Further Information on Critical Section code changes can be found at:
http://msdn2.microsoft.com/en-us/library/ms682530.aspx