diff options
| author | José Fonseca <jfonseca@vmware.com> | 2015-02-19 20:55:28 +0000 |
|---|---|---|
| committer | José Fonseca <jfonseca@vmware.com> | 2015-02-19 20:55:28 +0000 |
| commit | a1ddea3133e0807350326cee5dcf0d06fad00c08 (patch) | |
| tree | dcebf051b71a8eb8c197090f213c80d71c44fe81 /inject | |
| parent | 289c21300dc9766c21c2da87e676a94baa15c538 (diff) | |
inject: Adjust LoadLibraryEx flags.
Diffstat (limited to 'inject')
| -rw-r--r-- | inject/injectee.cpp | 46 |
1 files changed, 44 insertions, 2 deletions
diff --git a/inject/injectee.cpp b/inject/injectee.cpp index 37a32cd0..3f7a60d3 100644 --- a/inject/injectee.cpp +++ b/inject/injectee.cpp @@ -727,10 +727,52 @@ MyLoadLibraryW(LPCWSTR lpLibFileName) return hModule; } +#ifndef LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR +#define LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR 0x00000100 +#endif +#ifndef LOAD_LIBRARY_SEARCH_APPLICATION_DIR +#define LOAD_LIBRARY_SEARCH_APPLICATION_DIR 0x00000200 +#endif +#ifndef LOAD_LIBRARY_SEARCH_USER_DIRS +#define LOAD_LIBRARY_SEARCH_USER_DIRS 0x00000400 +#endif +#ifndef LOAD_LIBRARY_SEARCH_SYSTEM32 +#define LOAD_LIBRARY_SEARCH_SYSTEM32 0x00000800 +#endif +#ifndef LOAD_LIBRARY_SEARCH_DEFAULT_DIRS +#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000 +#endif + +static inline DWORD +adjustFlags(DWORD dwFlags) +{ + /* + * XXX: LoadLibraryEx seems to interpret "application directory" in respect + * to the module that's calling it. So when the application restricts the + * search path to application directory via + * LOAD_LIBRARY_SEARCH_APPLICATION_DIR or LOAD_LIBRARY_SEARCH_DEFAULT_DIRS + * flags, kernel32.dll ends up searching on the directory of the inject.dll + * module. + * + * XXX: What about SetDefaultDllDirectories? + * + */ + if (dwFlags & (LOAD_LIBRARY_SEARCH_APPLICATION_DIR | + LOAD_LIBRARY_SEARCH_DEFAULT_DIRS)) { + dwFlags &= ~(LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR | + LOAD_LIBRARY_SEARCH_APPLICATION_DIR | + LOAD_LIBRARY_SEARCH_USER_DIRS | + LOAD_LIBRARY_SEARCH_SYSTEM32 | + LOAD_LIBRARY_SEARCH_DEFAULT_DIRS); + } + + return dwFlags; +} + static HMODULE WINAPI MyLoadLibraryExA(LPCSTR lpLibFileName, HANDLE hFile, DWORD dwFlags) { - HMODULE hModule = LoadLibraryExA(lpLibFileName, hFile, dwFlags); + HMODULE hModule = LoadLibraryExA(lpLibFileName, hFile, adjustFlags(dwFlags)); if (VERBOSITY >= 2) { debugPrintf("inject: intercepting %s(\"%s\", 0x%p, 0x%lx) = 0x%p\n", @@ -746,7 +788,7 @@ MyLoadLibraryExA(LPCSTR lpLibFileName, HANDLE hFile, DWORD dwFlags) static HMODULE WINAPI MyLoadLibraryExW(LPCWSTR lpLibFileName, HANDLE hFile, DWORD dwFlags) { - HMODULE hModule = LoadLibraryExW(lpLibFileName, hFile, dwFlags); + HMODULE hModule = LoadLibraryExW(lpLibFileName, hFile, adjustFlags(dwFlags)); if (VERBOSITY >= 2) { debugPrintf("inject: intercepting %s(L\"%S\", 0x%p, 0x%lx) = 0x%p\n", |