MemoryModule

Could NOT load MFC regular DLL!

Open tommy8421 opened this issue 8 years ago • 4 comments

In MemoryLoadLibraryEx, the call

successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0);

will raise an exception. It's caused by the lines below in the MFC file appinit.cpp, in the function 'void CWinApp::SetCurrentHandles()':

TCHAR szBuff[_MAX_PATH];
VERIFY(::GetModuleFileName(m_hInstance, szBuff, _MAX_PATH)); // --> return false
LPTSTR lpszExt = _tcsrchr(szBuff, '.');
ASSERT(lpszExt != NULL);
ASSERT(*lpszExt == '.');
*lpszExt = 0; // no suffix ---> lpszExt will be a null pointer

It seems that the 'code' variable in successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); is not a valid HMODULE or HINSTANCE value.

Can anyone give me some advice? Thanks!

tommy8421, Nov 22 '16 03:11

Just hook GetModuleFileName to get this to work.

lynnux, Dec 10 '18 07:12

Hooked GetModuleFileName, and see that an empty string is being returned for my MFC dll loaded by MemoryLoadFile, but I don't see what to do in my hooking function. I also suspect additional problems with this Unicode MFC dll due to Unicode. Anybody tried that?

mw7536, Jan 30 '19 15:01

@tommy8421 @mw7536 I have successfully loaded an MFC DLL just as lynnux pointed out. Basically you just hook GetModuleFileNameA, or GetModuleFileNameW for the Unicode one, to use the main module path instead. Here's my example:

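static HMODULE kernelHModule = 0;	// handle of kernel32.dll, set before loading

// Replacement for GetModuleFileNameA: if the lookup fails (as it does for a
// module loaded from memory), fall back to the path of the main module.
static DWORD WINAPI HookGetModuleFileNameA(HMODULE hModule, LPSTR lpFilename, DWORD nSize) {
	DWORD result = GetModuleFileNameA(hModule, lpFilename, nSize);
	if (result == 0)
		result = GetModuleFileNameA(0, lpFilename, nSize);
	return result;
}

// Import resolver passed to MemoryLoadLibraryEx: hands out the hook for
// kernel32's GetModuleFileNameA and resolves every other import normally.
static FARPROC CustomGetProcAddress(HCUSTOMMODULE module, LPCSTR name, void *userdata) {
	UNREFERENCED_PARAMETER(userdata);
	FARPROC proc;
	// Values up to 0xffff are import ordinals, not string pointers; the
	// DWORD_PTR cast keeps this check correct in 64-bit builds as well.
	if ((module == kernelHModule) && ((DWORD_PTR)name > 0xffff) && (strcmp(name, "GetModuleFileNameA") == 0)) {
		proc = (FARPROC)HookGetModuleFileNameA;
	}
	else {
		proc = (FARPROC)GetProcAddress((HMODULE)module, name);
	}
	return proc;
}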

This one is for when your MFC DLL is ANSI; for Unicode, you can replace GetModuleFileNameA with GetModuleFileNameW and LPSTR lpFilename with LPWSTR lpFilename. Then you just load with MemoryLoadLibraryEx using the custom CustomGetProcAddress like this:

kernelHModule = GetModuleHandleA("kernel32.dll");	// explicit ANSI variant so this also compiles in a UNICODE build
hinstDll = MemoryLoadLibraryEx(dllData, dllSize, MemoryDefaultAlloc, MemoryDefaultFree, MemoryDefaultLoadLibrary, CustomGetProcAddress, MemoryDefaultFreeLibrary, NULL);

thiekus, Mar 29 '20 03:03

Maybe your code solves the problem. But it is a dirty workaround. It is wrong to return the path to the EXE file when the caller wants the path to the DLL. There will be cases where this does not work.

Elmue, Jun 22 '20 20:06
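The failure and the trade-off discussed in this thread, as an added example that is not part of the original issue or of MemoryModule: a portable C model of the lookup, the fallback hook, and the suffix-stripping step with its checks kept at run time. It uses no Windows API; `model_get_module_file_name`, the handle values and the paths are constructed stand-ins.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the loader's module list: only file-backed
   modules have a path. Handle 0 means "the main EXE", as in the Win32 API. */
struct module { unsigned long handle; const char *path; };
static const struct module file_backed[] = {
    { 0x400000UL,   "C:\\app\\host.exe" },    /* main module (constructed) */
    { 0x10000000UL, "C:\\app\\plugin.dll" },  /* loaded from disk (constructed) */
};
#define MAIN_HANDLE 0x400000UL

/* Model of GetModuleFileNameA: returns the length, or 0 for an unknown handle. */
static size_t model_get_module_file_name(unsigned long h, char *buf, size_t n) {
    if (n == 0) return 0;
    if (h == 0) h = MAIN_HANDLE;
    for (size_t i = 0; i < sizeof file_backed / sizeof file_backed[0]; i++)
        if (file_backed[i].handle == h) {
            snprintf(buf, n, "%s", file_backed[i].path);
            return strlen(buf);
        }
    return 0;   /* memory-loaded image: not in the list */
}

/* The fallback from the thread: on failure, answer with the EXE path. */
static size_t hooked_get_module_file_name(unsigned long h, char *buf, size_t n) {
    size_t r = model_get_module_file_name(h, buf, n);
    return r ? r : model_get_module_file_name(0, buf, n);
}

/* Same steps as the quoted MFC lines, but checked at run time: returns 0 and
   leaves the path without its suffix in buf, or -1 instead of writing
   through a NULL pointer. */
typedef size_t (*lookup_fn)(unsigned long, char *, size_t);
static int base_name_for(lookup_fn lookup, unsigned long h, char *buf, size_t n) {
    if (lookup(h, buf, n) == 0) return -1;  /* lookup failed, buf not valid */
    char *ext = strrchr(buf, '.');
    if (ext == NULL) return -1;             /* no suffix to strip */
    *ext = '\0';
    return 0;
}

int main(void) {
    char buf[260];
    unsigned long mem_dll = 0x20000000UL;   /* constructed in-memory image base */
    printf("unhooked: %d\n", base_name_for(model_get_module_file_name, mem_dll, buf, sizeof buf));
    printf("hooked:   %d -> %s\n", base_name_for(hooked_get_module_file_name, mem_dll, buf, sizeof buf), buf);
    return 0;
}
```

With the fallback in place, the in-memory module resolves to the host EXE's base name rather than its own, which is the case the last comment objects to.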