search

fancycode / MemoryModule

Library to load a DLL from memory.
http://www.joachim-bauch.de/tutorials/loading-a-dll-from-memory/
Mozilla Public License 2.0
2.74k stars 748 forks source link

Could NOT load MFC regular DLL! #57

Open tommy8421 opened 7 years ago

tommy8421 commented 7 years ago

in MemoryLoadLibraryEx: successfull = (DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); will raise exception. it's caused by below lines in MFC file appinit.cpp of function 'void CWinApp::SetCurrentHandles()': TCHAR szBuff[_MAX_PATH]; VERIFY(::GetModuleFileName(m_hInstance, szBuff, _MAX_PATH)); --> return false LPTSTR lpszExt = _tcsrchr(szBuff, '.'); ASSERT(lpszExt != NULL); ASSERT(lpszExt == '.'); *lpszExt = 0; // no suffix ---> lpszExt will be a null pointer

it seems that the 'code' variables in successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); is not a valid HMODULE or HINSTANCE value.

any one can give me some advices? thanks!

lynnux commented 5 years ago

just hook GetModuleFileName to get this work.

mw7536 commented 5 years ago

Hooked GetModuleFileName, and see that an empty string is being returned for my MFC dll loaded by MemoryLoadFile, but I don't see what to do in my hooking function. I also suspect additional problems with this Unicode MFC dll due to Unicode. Anybody tried that?

thiekus commented 4 years ago

@tommy8421 @mw7536 I have been successfully load MFC dll library just like lynnux pointed. Basically you just hook GetModuleFileNameA or GetModuleFileNameW for the Unicode one to use main module path instead. Here's my example:

static HMODULE kernelHModule = 0;

static DWORD WINAPI HookGetModuleFileNameA(HMODULE hModule, LPSTR lpFilename, DWORD nSize) {
    DWORD result = GetModuleFileNameA(hModule, lpFilename, nSize);
    if (result == 0)
        result = GetModuleFileNameA(0, lpFilename, nSize);
    return result;
}

static FARPROC CustomGetProcAddress(HCUSTOMMODULE module, LPCSTR name, void *userdata) {
    UNREFERENCED_PARAMETER(userdata);
    FARPROC proc;
    if ((module == kernelHModule) && ((DWORD)name > 0xffff) && (strcmp(name, "GetModuleFileNameA") == 0)) {
        proc = (FARPROC)HookGetModuleFileNameA;
    }
    else {
        proc = (FARPROC)GetProcAddress((HMODULE)module, name);
    }
    return proc;
}

This one if your MFC dll is Ansi, for Unicode, you can replace GetModuleFileNameA with GetModuleFileNameW and LPSTR lpFilename with LPWSTR lpFilename. Then you just load with MemoryLoadLibraryEx with custom CustomGetProcAddress like this:

kernelHModule = GetModuleHandle("kernel32.dll");
hinstDll = MemoryLoadLibraryEx(dllData, dllSize, MemoryDefaultAlloc, MemoryDefaultFree, MemoryDefaultLoadLibrary, CustomGetProcAddress, MemoryDefaultFreeLibrary, NULL);
Elmue commented 4 years ago

May be your code solves the problem. But it is a drity workaround. It is wrong to return the path to the EXE file when the caller wants the path to the DLL. There will be cases where this does not work.