16 Jul
2015
16 Jul
'15
6:23 p.m.
* The only interface to property (de)serialization provided by ole32.dll, the StgConvertVariantToProperty()/ StgConvertPropertyToVariant() functions, are poorly documented, hard to implement (HRESULTs need to be converted to NTSTATUS exceptions) and even more unpleasant to use (because one would need to catch the NTSTATUS exception and convert it back to a HRESULT). This is rather crazy and cumbersome.
I remember being concerned that StgConvertPropertyToVariant does not accept a size for the serialized value. This is not good when we don't trust the data we're reading.
So, at least for deserialization I don't think we should use the public API.