Steven Edwards wrote:
--- Alex Ionescu ionucu@videotron.ca wrote:
require a real-world application. Of COURSE there is one...or else why would the API be exported? Sure, there might be only three applications
A real world application that is not part of Windows. If you can find a real world application that is not part of Windows or made by Microsoft and NOT called a OS COMPONATE and makes use of advapi32.SystemFunction* or setupapi.stringtable* then I will agree.
Flawed reasoning. Here are some reasons:
Even if only an Windows DLL uses the function, it implies that the Windows DLL needs that functionality. It's also highly likely that DLL has exported functions used by applications, implying in turn that WINE has a FOSS version of that DLL. Now, it's not a far stretch that if this DLL needs to import an undocumented API from another DLL, it actually *needs* that functionality, and so will WINE. So let's say that crypt32.dll needs advapi32!SystemFunctionImSuperUndocumented007 to generate an RC5 hash, then WINE also probably needs a way to get an RC5 hash. What are the solutions?
1) Implement a home-made RC5 hash and call it CryptpRc5Hash, and stick it as an internal static function inside crypt32.dll 2) Above, but stuck into a winelib.dll 3) Above, but stuck into advapi32!SystemFunctionImSuperUndocumented007, with minor changes to make sure it corresponds to the same parameters.
What harm does #3 do? It gives the same result as #1/2, but has the added avantage that if, somehow, somewhere, an external app needs an RC5 hash and figured out that function, it will work. This goes back to what I said, undocumented functions are not exported just for the fun of it. Even if they are only used by other DLLs, those DLLs need that functionality and so will the WINE dlls.
It's not like WINE developers were forced or had to spend time to write these functions, one of our developers did (and he submited patches to WINE). What possible -harm- can it do?
By the way, IE and WMP are OS Components. According to what you said, these also don't count: "made by Microsoft and NOT called a OS COMPONATE".
I certaintly hope they don't start using undocumented functions! (But trust me, their calls do end up in those SystemFunctionXXX advapi calls through other DLLs). Almost any crypto/security call does.
Thanks Steven
Best Regards, Alex Ionescu