我正在尝试加载.dll文件,并在加载时显示一个消息框.根据我的理解,一旦加载.dll,它就会调用dllmain()并切换到DLL_PROCESS_ATTACH选项.我已经编写了.dll和.exe的代码来加载它. .exe可以正确加载它并打印出加载了DLL的地址,但是我没有看到正在显示的消息框.我在Microsoft.com上的某处读到,dll在加载时进入“锁定”,以防止出于安全目的而执行某些功能或代码.此功能是否阻止显示消息框?是否存在诸如提升权限,系统等的工作……?我不确定DEP是否有任何影响,我将其设置为仅保护关键的Windows进程.
调用过程:
#include <iostream> #include <windows.h> int main() { HMODULE hDll = LoadLibraryA("dll.dll"); if (hDll == NULL) std::cerr << "Unable to load dll"; else std::cout << "Dll loaded @ " << hDll; FreeLibrary(hDll); }
dll文件:
#include <windows.h> BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason,LPVOID lpvReserved) { switch (fdwReason) { case DLL_PROCESS_ATTACH: MessageBox(NULL,"Dll has been loaded.","Loaded",MB_OK); break; } return TRUE; }
我认为如果我有办法通过调试器运行.dll并查看MessageBox()返回的内容,这可能对我有所帮助,但我不知道该怎么做.谢谢!
Raymond Chen在他的博客文章
Some reasons not to do anything scary in your DllMain中有话要说:
And absolutely under no circumstances should you be doing anything as crazy as creating a window inside your DLL_PROCESS_ATTACH. In addition to the thread affinity issues,there’s the problem of global hooks. Hooks running inside the loader lock are a recipe for disaster. Don’t be surprised if your machine deadlocks.