"George Wilkin" <g...@dontspam.com> wrote in message
news:bbhv5c$jbp$1...@nsnmpen2-gest.nuria.telefonica-data.net...
Why would you go to that much trouble for an ugly and questionably portable
hack? Unless you are hijacking someone else's DLL without their permission,
you should be able to get a static lib version of the library. Just
statically link it, no DLL required.
If you can't get a static lib, how did you get permission to use the DLL?
How did you get the interface definition?
Phil
--
Philip D. Barila
Seagate Technology, LLC
(720) 684-1842
As if I need to say it: Not speaking for Seagate.
E-mail address is pointed at a domain squatter. Use reply-to instead.
"arkadyf" <ark...@hotmail.com>
1. Store DLL (a PE file) as resource
2. Lock the resource (i.e. get pointer to PE header)
3. Allocate (using VirtualAlloc) enough memory as indicated in NtHeader.OptionalHeader.SizeOfImage
4. Try to allocate this at location ntheader.OptionalHeader.ImageBase - if this fails, then just allocate anywhere in your address space.
5. Copy (from resource into newly allocated space) the DLL's PE header (+ section tables), and each section 1-by-1 into the correct places (as described in the PE header)
6. Fix the new PE header to indicate where the module has been loaded
7. Perform full Base-Relocations - you need to find the base-relocations section by looking in the data-directory of the PE header.
8. Fixup the DLL's import table, by looping through it calling LoadLibrary/GetProcAddress as appropriate
9. Call the DLL's entry-point with DLL_PROCESS_ATTACH - the signature of the DLL entrypoint is BOOL __stdcall DllEntry(PVOID base, DWORD dwReason, PVOID reserved)
10. (Optionally) add the loaded module into the linked list inside the PEB. Not required.
That's all you need to do to load a DLL - you can load pretty much any system DLL as well using this technique. It's not too much work, but you must be familiar with the PE format (portable executable) in order to get it to work.
Cheers,
James
--
www.catch22.org.uk
Free Win32 Software, Source Code and Tutorials
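
For readers who do not know the PE format, the header fields named in steps 3 to 9 above can be located as follows. This is an added example, not part of any post in this thread: it only reads the headers of an image held in memory (as an analyst inspecting an embedded resource would), the function names are this example's own, and the bytes from build_sample() are constructed, not taken from a real DLL.

```python
import struct

def parse_pe_headers(blob):
    """Read the header fields that the steps in the post depend on."""
    if blob[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", blob, 0x3C)
    if blob[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff, opt = e_lfanew + 4, e_lfanew + 24      # COFF header is 20 bytes
    nsections, opt_size = struct.unpack_from("<2xH12xH", blob, coff)
    (magic,) = struct.unpack_from("<H", blob, opt)
    if magic not in (0x10B, 0x20B):              # PE32 / PE32+
        raise ValueError("unknown optional-header magic")
    wide = magic == 0x20B
    (base,) = struct.unpack_from("<Q" if wide else "<I", blob, opt + (24 if wide else 28))
    dirs = opt + (112 if wide else 96)           # start of the data directory
    (entry_rva,) = struct.unpack_from("<I", blob, opt + 16)
    size_of_image, size_of_headers = struct.unpack_from("<II", blob, opt + 56)
    (ndirs,) = struct.unpack_from("<I", blob, dirs - 4)
    def directory(i):   # (rva, size); index 1 = imports, 5 = base relocations
        return struct.unpack_from("<II", blob, dirs + 8 * i) if i < ndirs else (0, 0)
    sections = []
    for i in range(nsections):
        name, vsize, rva, raw_size, raw_ptr = struct.unpack_from("<8s4I", blob, opt + opt_size + 40 * i)
        if rva + vsize > size_of_image or raw_ptr + raw_size > len(blob):
            raise ValueError("section lies outside the image or the file")
        sections.append((name.rstrip(b"\0").decode("latin-1"), rva, raw_ptr, raw_size))
    return {"image_base": base, "size_of_image": size_of_image, "size_of_headers": size_of_headers,
            "entry_rva": entry_rva, "imports": directory(1), "relocs": directory(5), "sections": sections}

def rebase_delta(hdr, load_addr):
    """Delta that base relocations must add when the image is not at ImageBase."""
    delta = load_addr - hdr["image_base"]
    if delta and hdr["relocs"][1] == 0:
        raise ValueError("no relocation data: image only works at its preferred base")
    return delta

def build_sample():
    """Constructed PE32 headers with one section; not taken from a real DLL."""
    b = bytearray(0x400)
    b[:2], b[0x80:0x84] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", b, 0x3C, 0x80)                            # e_lfanew
    struct.pack_into("<HH12xHH", b, 0x84, 0x14C, 1, 0xE0, 0x2102)   # COFF header
    struct.pack_into("<H14xI8xI24xII28xI", b, 0x98, 0x10B, 0x1000, 0x10000000, 0x2000, 0x200, 16)
    struct.pack_into("<II24xII", b, 0x98 + 104, 0x1100, 0x28, 0x1200, 0x0C)  # import, reloc dirs
    struct.pack_into("<8s4I", b, 0x178, b".text", 0x300, 0x1000, 0x200, 0x200)
    return bytes(b)
```

rebase_delta() covers the case in step 4 where the preferred ImageBase is unavailable: a non-zero delta is only usable when the image carries a base-relocation directory.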
"George Wilkin" <g...@dontspam.com> wrote in message
news:bbiihi$rm9$1...@nsnmpen2-gest.nuria.telefonica-data.net...
Steps 4 to 9 are not very clear to me (I am not familiar with the PE file format). I
suppose it consists of walking the image in memory and modifying values at
certain places. Maybe there are some examples on the Internet; maybe you
can point me to where I must search for them. Thank you.
Another approach: as LoadLibrary() already does all this work, maybe there
is a way to "deceive" the LoadLibrary() function and make it read the image from
memory instead of reading from disk (IMHO, one of the first things
LoadLibrary() does is read the entire DLL file into memory, so maybe I can
intercept its ReadFile() call?), and then let it work normally (because
relocations and such are done in memory, I suppose).
Thank you!
"James Brown" <PLEASEDONTSPA...@virgin.net>
You could write a program that can unpack files appended to the
end of the EXE. The user runs the exe with the cargo files,
the program unpacks the cargo files and then executes the
main program.
This is what I do for an update utility used to upgrade our
customer's software.
--
Best regards,
Barry S. Kyker
It has served me well. I also clean up any files I extract from myself when
my program closes.
Pertinax
"George Wilkin" <g...@dontspam.com> wrote in message
news:bbj64a$hbf$1...@nsnmpen2-gest.nuria.telefonica-data.net...