Fea, 提供自定义DLL加载能力(__pfnYY_Thunks_CustomLoadLibrary)
mingkuang-Chuyu committed Oct 19, 2024
1 parent 187a8fb commit 35d3658
Showing 4 changed files with 35 additions and 8 deletions.
2 changes: 1 addition & 1 deletion src/Build.cmd
@@ -140,7 +140,7 @@ goto:eof

:: FixObj "XXX\YY_Thunks_for_Vista.obj" 1.def+2.def
:FixObj
LibMaker.exe FixObj %1 /WeakExternFix:__security_cookie=%PointType% /WeakExternFix:__acrt_atexit_table=%PointType% /WeakExternFix:__pfnDllMainCRTStartupForYY_Thunks=%PointType% /WeakExternFix:__YY_Thunks_Disable_Rreload_Dlls=4
LibMaker.exe FixObj %1 /WeakExternFix:__security_cookie=%PointType% /WeakExternFix:__acrt_atexit_table=%PointType% /WeakExternFix:__pfnDllMainCRTStartupForYY_Thunks=%PointType% /WeakExternFix:__YY_Thunks_Disable_Rreload_Dlls=4 /WeakExternFix:__pfnYY_Thunks_CustomLoadLibrary=%PointType%
if %ErrorLevel% NEQ 0 exit /b %ErrorLevel%
if "%2"=="" goto:eof
set DEF_FILES=%2
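--- a/src/Thunks/YY_Thunks.cpp
+++ b/src/Thunks/YY_Thunks.cpp
@@ -1159,7 +1159,19 @@ static HMODULE __fastcall try_get_module(volatile HMODULE* pModule, const wchar_
 // this fails, cache the sentinel handle value INVALID_HANDLE_VALUE so that
 // we don't attempt to load the module again:
 HMODULE new_handle = NULL;
-if (Flags & USING_GET_MODULE_HANDLE)
+
+if (__pfnYY_Thunks_CustomLoadLibrary)
+{
+new_handle = __pfnYY_Thunks_CustomLoadLibrary(module_name, Flags);
+}
+
+if (new_handle)
+{
+// 使用 CustomLoadLibrary的结果
+if (new_handle == INVALID_HANDLE_VALUE)
+new_handle = nullptr;
+}
+else if (Flags & USING_GET_MODULE_HANDLE)
 {
 new_handle = GetModuleHandleW(module_name);
 }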
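Review bot: The hook runs before the `USING_GET_MODULE_HANDLE` test, so that flag, which YY_Thunks.h describes as lookup-only, no longer guarantees that nothing gets loaded; whether a DLL is mapped now depends on the hook inspecting `Flags` itself. A non-null return is also used as a module handle without any check. I would state both at the call site, e.g. `// The hook takes over loading: it must honour Flags (no load for USING_GET_MODULE_HANDLE) and return only a handle to a module loaded from a trusted path.` `Flags` is declared `int` in try_get_module while the hook takes `DWORD`, so `static_cast<DWORD>(Flags)` would make the conversion explicit. The body of try_get_module starts and ends outside the hunk, so how the result is cached afterwards is not visible here.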
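--- a/src/Thunks/YY_Thunks.h
+++ b/src/Thunks/YY_Thunks.h
@@ -115,6 +115,25 @@ EXTERN_C const BOOL __YY_Thunks_Disable_Rreload_Dlls = TRUE;
 */
 EXTERN_C extern BOOL __YY_Thunks_Disable_Rreload_Dlls /* = FALSE*/;
 
+
+// 直接通过GetModuleHandleW获取,改选项非常危险,如果dll尚未加载会将不会加载!!!
+#define USING_GET_MODULE_HANDLE 0x00000001
+// 以 LOAD_LIBRARY_AS_DATAFILE 标记作为资源加载。
+#define LOAD_AS_DATA_FILE 0x00000002
+// 直接使用LoadLibrary,该加载模式存在劫持风险,使用前请确认该DLL处于KnownDll。
+#define USING_UNSAFE_LOAD 0x00000004
+/// <summary>
+/// 如果对YY-Thunks的内置的LoadLibrary加载方式不满意,则通过设置__pfnYY_Thunks_CustomLoadLibrary以实现自定义DLL加载。
+/// </summary>
+/// <param name="_szModuleName">需要加载的模块名称,比如`ntdll.dll`。</param>
+/// <param name="_fFlags">请参考 USING_GET_MODULE_HANDLE 等宏。</param>
+/// <returns>
+/// 返回 nullptr:继续执行YY_Thunk默认DLL加载流程。
+/// 返回 -1 :加载失败,并阻止执行YY_Thunks默认加载流程。
+/// 其他:CustomLoadLibrary加载成功,必须返回有效的 HMODULE。
+/// </returns>
+EXTERN_C extern HMODULE (__fastcall * const __pfnYY_Thunks_CustomLoadLibrary)(const wchar_t* _szModuleName, DWORD _fFlags);
+
 // 从DllMain缓存RtlDllShutdownInProgress状态,规避退出时调用RtlDllShutdownInProgress。
 // 0:缓存无效
 // 1:模块正常卸载
@@ -315,12 +334,6 @@ static __forceinline T* __fastcall __crt_interlocked_read_pointer(T* const volat
 return __crt_interlocked_compare_exchange_pointer(target, nullptr, nullptr);
 }
 
-// 改选项非常危险,只调用GetModuleHandleW!!!
-#define USING_GET_MODULE_HANDLE 0x00000001
-#define LOAD_AS_DATA_FILE 0x00000002
-// 该加载模式存在劫持风险,使用前请确认。
-#define USING_UNSAFE_LOAD 0x00000004
-
 static HMODULE __fastcall try_get_module(volatile HMODULE* pModule, const wchar_t* module_name, int Flags) noexcept;
 
 #define _APPLY(_MODULE, _NAME, _FLAGS) \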
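Review bot: The `<returns>` text tells implementers to return `-1` to block the default path, while the check in YY_Thunks.cpp compares against `INVALID_HANDLE_VALUE`; writing `INVALID_HANDLE_VALUE` in place of `-1` in the doc comment removes the guesswork about the cast. The comment also does not say that the hook receives a bare name such as `ntdll.dll` and so takes on the hijack protection that the `USING_UNSAFE_LOAD` comment just above warns about. A remarks line would cover it: `/// <remarks>The hook must resolve _szModuleName to a trusted location itself (for example LoadLibraryExW with LOAD_LIBRARY_SEARCH_SYSTEM32); passing the bare name to LoadLibraryW reintroduces the search-order risk.</remarks>`. Whether the hook can be called concurrently or while the loader lock is held is not visible in this section and would be worth stating in the same comment.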
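--- a/src/YY-Thunks.UnitTest/weak.c
+++ b/src/YY-Thunks.UnitTest/weak.c
@@ -4,3 +4,5 @@ const void* __acrt_atexit_table;
 const void* __pfnDllMainCRTStartupForYY_Thunks;
 
 const void* __YY_Thunks_Disable_Rreload_Dlls;
+
+const void* __pfnYY_Thunks_CustomLoadLibrary;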
