DLL Injection
s0beit
s0beit at myg0t.com
Sat Dec 1 10:34:32 PST 2012
On Saturday, 1 December 2012 at 12:29:51 UTC, js.mdnq wrote:
> On Saturday, 1 December 2012 at 11:24:51 UTC, s0beit wrote:
>> Alright, at the end of my long search I have finally concluded
>> that this is some sort of threading problem.
>>
>> Any D module loaded in a new thread, from a C/++ application
>> will crash. The solution, I believe, in this case might be to
>> hijack the program's "main" thread and execute your
>> LoadLibrary call there.
>>
>> When you call LoadLibrary on a D module from a C++
>> application's "main" function, everything is fine. When you
>> call it with a newly created thread (CreateThread or
>> CreateRemoteThread) it will crash universally. I have not
>> found a remedy to this issue, but the method to inject your
>> module by hijacking the thread might work. It's an older
>> method of injection since before CreateThread APIs came along,
>> but the basic idea is that you get the handle to the program's
>> primary thread, get the context and force the Eip to your
>> destination which calls LoadLibrary. Then you JMP back to the
>> old Eip.
>>
>> I'll post here if I have any success with it, I am currently
>> too busy to test my theory.
>
> Would it be possible for you to write wrapper in C that hooks
> into the process then that wrapper loads up your D code? Since
> you are saying you can do this in C, and C should be able to
> interface well with D, it seems like it should work.
You can probably make something in D to do that, but I must be
clear that it will only work if you're injecting in the main
thread. Anything outside of the main thread will crash.
If you, say, hook a function that is called by the primary
application thread and call your LoadLibrary there, it might work
fine.
I think my method of injection (Context hijack on a main thread)
is probably the best to use for D, I'll post some injector code
if/when I get that far.
More information about the Digitalmars-d-learn
mailing list