DirectShow filter does not connect to the downstream filter on Windows 8 and Windows 7 SP1 with KB 2670838

Article translations Article translations
Article ID: 2841589 - View products that this article applies to.
Expand all | Collapse all

Symptoms

You are using a DirectShow filter that does not connect to a downstream filter on Windows 8 and Windows 7 SP1 after installing KB 2670838.  Before installing KB 2670838 this problem did not occur on Windows 7 SP1.
  • When calling the CBasePin.ReceiveConnection function the value that is returned is VFW_E_INVALIDMEDIATYPE (0x80040200)

Cause

New checks for video media types have been added to the DirectShow base class on Windows 8.  These checks may reject incorrect or unknown media types. These checks are added to protect systems from buffer overflows and buffer overruns exploitations.

KB 2670838 for Windows 7 SP1 updates the DirectShow subsystem with same changes.

Resolution

The following are recommendations that can help ensure your code passes the new security checks:

  • Verify AM_MEDIA_TYPE structure for invalid values. This structure describes the format of a media sample.
  • When calling CMediaType.AllocFormatBuffer to allocate memory for the format block, make sure you are passing correct size required for the format block.

    Please note: this method updates the cbFormat and pbFormat members of the AM_MEDIA_TYPE structure.
  • Verify BITMAPINFOHEADER structure for invalid values
    • Make sure biSize is equal to sizeof(BITMAPINFOHEADER)
    • Verify biSizeImage for bad value (i.e. > 0x40000000)
    • Verify   biClrUsed for bad value (i.e. > 256)

More information

Steps to reproduce the problem using GraphEdit:

GraphEdit is available in the Microsoft Windows Software Development Kit (SDK) (http://go.microsoft.com/fwlink/p/?linkid=62332).

Step 1. Go to Bin folder of the Windows SDK and run graphedt.exe.

Step 2. From the Graph menu, click Insert Filters. A dialog box appears with a list of the filters on your system, organized by filter category.

Step 3. Find your filter under the appropriate category (usually found under DirectShow Filters category) and click on Insert Filter button. If your filter is not a source filter then make sure you have added required source filter for it.

Step 4. Insert the required downstream filter.

Step 5. After you have added the filters, you can connect two filters by dragging the mouse from one filter's output pin to another filter's input pin. If the pins accept the connection, GraphEdit draws an arrow connecting them. Try this for your filter with the downstream filter. You will see -
  • Input pin and output pin will connect without any error on Windows 7 SP1.
  • GraphEdit will show you error message on Windows 8 and Windows 7 SP1 with KB 2670838 installed.
Terms used in this article:

Buffer Overflow:

A buffer overflow occurs when we try to fit more data into a buffer than was allocated. A buffer overflow can be used to execute malicious code in a system.

Buffer Overruns:

A buffer overrun is essentially caused by treating unchecked, external input as trustworthy data. The act of copying this data, using operations such as CopyMemory, strcat, strcpy, or wcscpy, can create unanticipated results, which allows for system corruption.

Related Links:

CBasePin.ReceiveConnection method

http://msdn.microsoft.com/en-us/library/windows/desktop/dd368737(v=vs.85).aspx

CMediaType class
http://msdn.microsoft.com/en-us/library/windows/desktop/dd374727(v=vs.85).aspx

CMediaType.AllocFormatBuffer method
http://msdn.microsoft.com/en-us/library/windows/desktop/dd374728(v=vs.85).aspx

AM_MEDIA_TYPE structure
http://msdn.microsoft.com/en-us/library/windows/desktop/dd373477(v=vs.85).aspx

BITMAPINFOHEADER structure
http://msdn.microsoft.com/en-us/library/windows/desktop/dd183376(v=vs.85).aspx

Using GraphEdit
http://msdn.microsoft.com/en-us/library/windows/desktop/dd407274(v=vs.85).aspx

Properties

Article ID: 2841589 - Last Review: April 24, 2013 - Revision: 1.0
Applies to
  • Windows 8
  • Windows 8 Enterprise
  • Windows 8 Pro
  • Windows 7 Enterprise
  • Windows 7 Ultimate
  • Windows 7 Professional
  • Windows 7 Home Premium
  • Windows 7 Home Basic
  • Windows 7 Service Pack 1
Keywords: 
KB2841589

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com