S-350: Vulnerabilities in Microsoft Office Filters


 
08-14-2008

Multiple remote code execution vulnerabilities exist in the way that Microsoft Office filter handles images. An attacker could exploit the vulnerability by constructing a specially crafted Encapsulated PostScript (EPS) file that could allow remote code execution if a user opened the file with a Microsoft Office application. The risk is MEDIUM. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.


COM_GET_ACTIVE_OBJECT(3)						 1						  COM_GET_ACTIVE_OBJECT(3)

com_get_active_object - Returns a handle to an already running instance of a COM object

SYNOPSIS
variant com_get_active_object (string $progid, [int $code_page])

DESCRIPTION
com_get_active_object(3) is similar to creating a new instance of a "COM" object, except that it will only return an object to your script if the object is already running. OLE applications use something known as the "Running Object Table" to allow well-known applications to be launched only once; this function exposes the COM library function GetActiveObject() to get a handle on a running instance.

PARAMETERS
o $progid - $progid must be either the ProgID or CLSID for the object that you want to access (for example Word.Application).
o $code_page - Acts in precisely the same way that it does for the "COM" class.

RETURN VALUES
If the requested object is running, it will be returned to your script just like any other COM object.

ERRORS/EXCEPTIONS
There are a variety of reasons why this function might fail, the most common being that the object is not already running. In that situation, the exception error code will be MK_E_UNAVAILABLE; you can use the getCode method of the exception object to check the exception code.

NOTES
Warning: Using com_get_active_object(3) in a web server context is not always a smart idea. Most COM/OLE applications are not designed to handle more than one client concurrently, even (or especially!) Microsoft Office. You should read Considerations for Server-Side Automation of Office for more information on the general issues involved.

PHP Documentation Group                                                 COM_GET_ACTIVE_OBJECT(3)