关于滥用 Windows 窗口类额外字节的兼容性说明A compatibility note on the abuse of Windows window class extra bytes
Windows 开发中存在一种滥用窗口类额外字节的非正规技术,开发者借此寻找隐秘的数据存储位置。这种做法虽然在某些场景下看似巧妙,但会引发严重的系统兼容性问题。微软官方从底层机制出发,解释了这种“奇技淫巧”为何会在系统更新或不同版本中导致不可预期的崩溃。文章详细阐述了正确的数据存储替代方案,以确保应用程序在未来的 Windows 版本中保持健壮性。
Raymond Chen
June 30th, 2026
1 reaction
During my discussion of the evolution of system-windows window and class extra bytes, I noted that even though IDs are typically small integers, people liked to stash pointers there, so we had to expand the ID field to a pointer-sized integer.
One thing I’ve learned is that anywhere it’s possible to hide a pointer, people will hide a pointer there. This is true even for small integers.
As I was digging up the history of the extra bytes, I saw a special note in the 16-bit code for SetClassWord: It says that there’s an app that expects to be able to modify the value of GWW_CBCLSEXTRA.
Now, modifying this value has no practical effect because the memory for the class was allocated when you called RegisterClass. You can’t go back in time and change the allocation size.
But one program realized that it could use this value as a place to store some private data, so they did. Sure, that’s not the purpose of the GWW_CBCLSEXTRA, but that never stopped them.
For compatibility, Windows lets 16-bit programs modify GWW_CBCLSEXTRA. But at least it blocks it for 32-bit and 64-bit programs. One loophole closed. Countless more to go.
Author
Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.
Stay informed
Get notified when new posts are published.
Follow this blog
需要完整排版与评论请前往来源站点阅读。