From e7bad3d66bb878de901dcbf281f99ed3addc6ec4 Mon Sep 17 00:00:00 2001 From: mingkuang Date: Sat, 19 Oct 2024 16:48:41 +0800 Subject: [PATCH] =?UTF-8?q?Fea,=20=E6=8F=90=E4=BE=9B=E8=87=AA=E5=AE=9A?= =?UTF-8?q?=E4=B9=89DLL=E5=8A=A0=E8=BD=BD=E8=83=BD=E5=8A=9B=EF=BC=88=5F=5F?= =?UTF-8?q?pfnYY=5FThunks=5FCustomLoadLibrary=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/Build.cmd | 2 +- src/Thunks/YY_Thunks.cpp | 14 +++++++++++++- src/Thunks/YY_Thunks.h | 25 +++++++++++++++++++------ src/YY-Thunks.UnitTest/weak.c | 2 ++ 4 files changed, 35 insertions(+), 8 deletions(-) diff --git a/src/Build.cmd b/src/Build.cmd index 392ba08..fd2eb9c 100644 --- a/src/Build.cmd +++ b/src/Build.cmd @@ -140,7 +140,7 @@ goto:eof :: FixObj "XXX\YY_Thunks_for_Vista.obj" 1.def+2.def :FixObj -LibMaker.exe FixObj %1 /WeakExternFix:__security_cookie=%PointType% /WeakExternFix:__acrt_atexit_table=%PointType% /WeakExternFix:__pfnDllMainCRTStartupForYY_Thunks=%PointType% /WeakExternFix:__YY_Thunks_Disable_Rreload_Dlls=4 +LibMaker.exe FixObj %1 /WeakExternFix:__security_cookie=%PointType% /WeakExternFix:__acrt_atexit_table=%PointType% /WeakExternFix:__pfnDllMainCRTStartupForYY_Thunks=%PointType% /WeakExternFix:__YY_Thunks_Disable_Rreload_Dlls=4 /WeakExternFix:__pfnYY_Thunks_CustomLoadLibrary=%PointType% if %ErrorLevel% NEQ 0 exit /b %ErrorLevel% if "%2"=="" goto:eof set DEF_FILES=%2 diff --git a/src/Thunks/YY_Thunks.cpp b/src/Thunks/YY_Thunks.cpp index 1eedbad..82a8461 100644 --- a/src/Thunks/YY_Thunks.cpp +++ b/src/Thunks/YY_Thunks.cpp @@ -1159,7 +1159,19 @@ static HMODULE __fastcall try_get_module(volatile HMODULE* pModule, const wchar_ // this fails, cache the sentinel handle value INVALID_HANDLE_VALUE so that // we don't attempt to load the module again: HMODULE new_handle = NULL; - if (Flags & USING_GET_MODULE_HANDLE) + + if (__pfnYY_Thunks_CustomLoadLibrary) + { + new_handle = __pfnYY_Thunks_CustomLoadLibrary(module_name, Flags); + } + + if (new_handle) + { + // 使用 CustomLoadLibrary的结果 + if (new_handle == INVALID_HANDLE_VALUE) + new_handle = nullptr; + } + else if (Flags & USING_GET_MODULE_HANDLE) { new_handle = GetModuleHandleW(module_name); } diff --git a/src/Thunks/YY_Thunks.h b/src/Thunks/YY_Thunks.h index 1060eca..5a121a3 100644 --- a/src/Thunks/YY_Thunks.h +++ b/src/Thunks/YY_Thunks.h @@ -115,6 +115,25 @@ EXTERN_C const BOOL __YY_Thunks_Disable_Rreload_Dlls = TRUE; */ EXTERN_C extern BOOL __YY_Thunks_Disable_Rreload_Dlls /* = FALSE*/; + +// 直接通过GetModuleHandleW获取,改选项非常危险,如果dll尚未加载会将不会加载!!! +#define USING_GET_MODULE_HANDLE 0x00000001 +// 以 LOAD_LIBRARY_AS_DATAFILE 标记作为资源加载。 +#define LOAD_AS_DATA_FILE 0x00000002 +// 直接使用LoadLibrary,该加载模式存在劫持风险,使用前请确认该DLL处于KnownDll。 +#define USING_UNSAFE_LOAD 0x00000004 +/// +/// 如果对YY-Thunks的内置的LoadLibrary加载方式不满意,则通过设置__pfnYY_Thunks_CustomLoadLibrary以实现自定义DLL加载。 +/// +/// 需要加载的模块名称,比如`ntdll.dll`。 +/// 请参考 USING_GET_MODULE_HANDLE 等宏。 +/// +/// 返回 nullptr:继续执行YY_Thunk默认DLL加载流程。 +/// 返回 -1 :加载失败,并阻止执行YY_Thunks默认加载流程。 +/// 其他:CustomLoadLibrary加载成功,必须返回有效的 HMODULE。 +/// +EXTERN_C extern HMODULE (__fastcall * const __pfnYY_Thunks_CustomLoadLibrary)(const wchar_t* _szModuleName, DWORD _fFlags); + // 从DllMain缓存RtlDllShutdownInProgress状态,规避退出时调用RtlDllShutdownInProgress。 // 0:缓存无效 // 1:模块正常卸载 @@ -315,12 +334,6 @@ static __forceinline T* __fastcall __crt_interlocked_read_pointer(T* const volat return __crt_interlocked_compare_exchange_pointer(target, nullptr, nullptr); } -// 改选项非常危险,只调用GetModuleHandleW!!! -#define USING_GET_MODULE_HANDLE 0x00000001 -#define LOAD_AS_DATA_FILE 0x00000002 -// 该加载模式存在劫持风险,使用前请确认。 -#define USING_UNSAFE_LOAD 0x00000004 - static HMODULE __fastcall try_get_module(volatile HMODULE* pModule, const wchar_t* module_name, int Flags) noexcept; #define _APPLY(_MODULE, _NAME, _FLAGS) \ diff --git a/src/YY-Thunks.UnitTest/weak.c b/src/YY-Thunks.UnitTest/weak.c index d46c421..91fd3df 100644 --- a/src/YY-Thunks.UnitTest/weak.c +++ b/src/YY-Thunks.UnitTest/weak.c @@ -4,3 +4,5 @@ const void* __acrt_atexit_table; const void* __pfnDllMainCRTStartupForYY_Thunks; const void* __YY_Thunks_Disable_Rreload_Dlls; + +const void* __pfnYY_Thunks_CustomLoadLibrary;