What process is calling LoadLibrary - dll

I'm developing a dll and I need to know some information of the process where it will be attached to, to take desitions whether I hook calls to some functions or not. For instance, if process is explorer.exe I don't want to do anything of that, just when the process is firefox.exe. To set up global hooks I use the "AppInit_DLLs infrastructure" so the Operating System is who calls LoadLibrary, not the process explicitely. The hook process take place in DllMain, so there is where I need the information.
Thank in advance.

To get the file of the process which is loading your DLL you can use GetModuleFileName:
char szExeFileName[MAX_PATH];
GetModuleFileName(NULL, szExeFileName, MAX_PATH);

Related

How to get the name of the calling program in an asynchronous background task?

How to get the name of the calling program from within an asynchronous remote function call (aRFC) ?
CALL FUNCTION 'BAPI_MATERIAL_SAVEREPLICA' STARTING NEW TASK lv_taskname
DESTINATION IN GROUP DEFAULT
The called BAPI triggers a user exit that I need to disable for this particular calling program. However, the local part of the stack is lost after the RFC and the name of the calling program on the local system is unknown.
The closest solution I could think of was disabling the user exit when the calling program is SAPMSSY1 (RFC calls), but that it not as accurate.
Maybe the parameter CALLER_PROGRAM of the function module RFC_GET_ATTRIBUTES. I'm not sure it works in all kinds of RFC calls.

Is it possible to use regfree COM from registered COM?

I've been trying to implement following scenario:
Application [C++] uses CoCreateInstance on registered COM class (CReg/Reg.dll)
CReg class uses CoCreateInstance on regfree/SxS COM class (CFree/Free.dll).
CoCreateInstance returns REGDB_E_CLASSNOTREG.
Problem doesn't seem to be with manifests, because if I try to instantiate CFree directly via application, object is created with no problem.
I have checked and scenario above triggers Activation Context of CReg (I have checked with sxstrace) and even manifest of the CFree is loaded successfully (!) which should effect in correct regfree COM. If I change manifest of the CFree then Activation Contexts fails (which I believe is proof for me that it was correctly triggered and loaded before the change).
Is scenario with using registered COM [CReg] not possible to access CFree object? If it is possible, are there some special work in order to load it properly?
EDIT
With Joe's help, we worked out that the problem is where Free.dll is located.
Main application is (for example) in C:\Proj\App, both Reg.dll and Free.dll are in C:\Proj\Libs. Is there possibility to load regfree Free.dll which is in different location than application? Problem is that I can't place it in application directory or in application child directory (it has to be in external location).
I have tried to use ISOLATION_AWARE_ENABLED preprocessor definition on Reg.dll project, to trigger Activation context from Reg.dll directory. Manifest from Free.dll is loaded properly (sxstrace logs that) but CoCreateInstance call is still returning REGDB_E_CLASSNOTREG. This blog article points that it may be possible with this definition (but is not giving definite answer on this matter).
Anyone can help me solve this problem or at least point to the documentation that may give me an answer, whether it is possible or not, to load regfree dll from an external location?

Can We initilize Winsock in DLL_DETACH ? actulay i want to send some data when a process get terminated(DLL_DETACH)

Can We initialize Win sock in DLL_DETACH ? actulay i want to send some data when a process get terminated(DLL_DETACH)
DLL_DETACH is actually DLL_PROCESS_DETACH.
It is possible (i don't think that's any mechanism to prevent it) but it's not recommended.
WSAStartup lies in ws2_32.dll. Here's a fragment from DllMain official doc (Remarks section):
Calling functions that require DLLs other than Kernel32.dll may result in problems that are difficult to diagnose. For example, calling User, Shell, and COM functions can cause access violation errors, because some functions load other system components. Conversely, calling functions such as these during termination can cause access violation errors because the corresponding component may already have been unloaded or uninitialized.
Also, from WSAStartup official doc (same Remarks section):
The WSAStartup function typically leads to protocol-specific helper DLLs being loaded. As a result, the WSAStartup function should not be called from the DllMain function in a application DLL. This can potentially cause deadlocks. For more information, please see the DLL Main Function.
As an alternative sending the data (including the overhead of initializing the socket engine, creating the connection, and uninitializing the socket engine) could be achieved at the end of main (WinMain).
Calling WSAStartup() in DllMain() will result in a deadlock due to the loader lock. WSAStartup() can result in DLLs being loaded.
A better solution would be to install a service that can do the sending for. Talk to the service from DllMain() using your preferred interprocess comms method (shared memory, named pipes, etc).

How to load resource from exe rather than dll

I am loading a satellite dll which holds language resources. However I only want to store strings in the dll and not the dialog resources. I load the dll as below:
hInst = LoadLibrary( _T("MyAppFRA.dll") );
if (hInst!= NULL)
AfxSetResourceHandle( hInst );
The problem is if I bring a CTestDlg now as below, it never comes up.
CTestDlg dlg;
dlg.DoModal()
It is because the dialog resource IDD_DIALOG1 is there in the exe but not in the dll so DoModal() can't seem to find it (as a result of AfxSetResourceHandle() call.) This is intentional, I thought if it didn't find the resource in dll, it will automatically look in exe but that doesn't seem to be the case.
Can I load the dialog from exe resource when rest of my resources are in a dll?
We have a huge application with resources all over the place. You can use AfxSetResourceHandle() whenever you want to change the context of where MFC looks for resources. We have a stack based object that allows us to set the resource handle and then restore it. AfxGetResourceHandle() is the function that gets the current value.
You can load the dialog template from the .exe resources yourself, then call InitModalIndirect to tie it to the dialog object. DoModal will use this resource rather than trying to load one from the current resource handle.

Pausing a DLL export until triggered by an EXE

Does anyone have any ideas of how a DLL function can be made to wait for “input”, and how to call a specific instance of a DLL export?
I’m trying to convert a Windows service to a DLL. It contains a function that logs some boot-up information and then waits until told to quit. The logging functionality is worked out, but I need to figure out two issues.
After it performs its main functions, the export needs to sit there and wait (like the classic Press any key to continue…, but minus the interface)
I need a way of having an executable subsequently tell the paused instance that it’s time to exit
For the first problem, I considered going into a loop and waiting on some sort of trigger, but of course it should not go into a 100%-CPU cycle, so maybe WaitForSingleObject or perhaps waiting for a message (eg WM_APP).
For the second, I thought of some kind of inter-process communication, but hopefully not something as messy as shared-memory or semaphores (I used shared-mem, semaphores, signals, etc. in Unix in uni, but this is on Windows). Of course I need a way of accessing the specific instance of the called export.
You can use CreateEvent, SetEvent, and WaitForSingleObject. If the dll was loaded by the executable that needs to signal the event that is all that is required. If it is from separate executables it is only slightly more complicated. When you call CreateEvent, create a named Event. This named event can be accessed by multiple processes. If it needs to work across different users logged in, prefix the name with "Global\" and it will be the same event for all processes for all users.
//in dll
HANDLE eventHandle = CreateEvent( NULL, TRUE, FALSE, "Global\\My-Unique-Trigger-Event" );
//do stuff
WaitForSingleObject( eventHandle, INFINITE);
//exit
//in executable
HANDLE eventHandle = CreateEvent( NULL, TRUE, FALSE, "Global\\My-Unique-Trigger-Event" );
SetEvent( eventHandle );