This is written for Google/Bingle — regular readers of this blog won't care about it at all.
I recently had to diagnose a problem with SocksCAP 2.40, a Windows program described as:
Automatically enables Windows-based TCP and UDP networking client applications to traverse a SOCKS firewall. SocksCap intercepts the networking calls from WinSock applications and redirects them through the SOCKS server without modifying the original application, the operating system software or drivers.
A customer of a customer was using this in a heavily locked-down environment, where all desktops were required to run through a proxy server, to enable some line-of-business software which did not honor proxy settings on its own. SocksCAP intercepted network calls to run them through the local SOCKS proxy.
The application ran fine until it attempted an app-specific auto-update. After successfully fetching the updated files to a temporary directory, it attempted to run an updater program which would install and patch the program in place. This failed every time.
At first we were sure this was a bug in the application itself, but it turned out to be SocksCAP.
SocksCAP was intercepting the CreateProcess() call from the main app so it could automatically SOCKS-ify the subprocess (definitely a helpful/useful trick), but it was not able to handle the very long command line required by the auto-updater program.
After enabling logging in SocksCAP, its logfile showed the full, correct command line, but Process Monitor from Microsoft SysInternals showed that CreateProcess() was given the corrupted command line.
It looked to me like it was blowing up after around 256 characters, so this has all the hallmarks of a fixed-length buffer with a poorly-chosen size.
Since the updater command-line included several filenames based on %TMP%, our workaround changed %TMP% to C:\T\ instead of the long Documents-and-Settings path that's the usual. This brought the command line under the blow-up limit.
I've not been able to find the source, or even recent support, for SocksCAP, so I doubt that a real fix will ever happen, but hopefully this post will help others in my place get to the bottom of this with less pain than it took me.