Use safe DLL loading (avoid current directory)

[oldnewthing]

This avoids DLL planting issues during the fallback search for a base trust server. It uses the LOAD_LIBRARY_SEARCH_DEFAULT_DIRS flag, which searches the usual places, including the application directory, but excludes the current directory. The flag is supported on Win8 onward, as well as on Win7 if you have KB2533623 installed (which you really should). If you need to support versions of Win7 that haven't been patched since 2011, then stick with whatever version of C++/WinRT you are currently using.

[jlaanstra]

Do we want to allow customization of the default, maybe via a #define?

[sylveon]

I'm not sure it's worth the expense of adding a customization switch to support operating systems that haven't been patched since 2011

[kennykerr]

Right, the switch is to use a different version of cppwinrt.

[jonthysell]

For RNW we're going to do this:

#ifdef CPPWINRT_USE_LOADLIBRARYEXW
#define WINRT_IMPL_LoadLibraryW(name) \
  WINRT_IMPL_LoadLibraryExW(name, nullptr, 0x00001000 /* LOAD_LIBRARY_SEARCH_DEFAULT_DIRS */)
#endif

where CPPWINRT_USE_LOADLIBRARYEXW is defined via a MSBUILD version check:

  <ItemDefinitionGroup Label="CppWinRT">
    <ClCompile>
      <PreprocessorDefinitions Condition="$([MSBuild]::VersionGreaterThanOrEquals('$(CppWinRTVersion)', '2.0.230524.3'))">
        CPPWINRT_USE_LOADLIBRARYEXW;
        %(PreprocessorDefinitions)
      </PreprocessorDefinitions>
    </ClCompile>
  </ItemDefinitionGroup>

because of the lack of convenient version macros to do it strictly in code: #668.

[oldnewthing]

@jonthysell Note that all WINRT_IMPL_* names are reserved for internal use by C++/WinRT and are considered off-limits to apps.

In all namespaces, names beginning with WINRTIMPL are reserved for C++/WinRT, and you shouldn't use them in your application.

If you want to call LoadLibrary, you can define your own RNW_LoadLibraryW function.