locked
Restrict DLL search at Load-Time dynamic linking RRS feed

  • Pergunta

  • Hi,

    I was wondering if there is a way to restrict DLL search to specific directory(not default) at Load-Time dynamic linking. I know it is possible at Run-Time dynamic linking with use of LoadLibrary() or LoadLibraryEx() but was wondering if there is a way to use custom directory at Load-Time rather than default search?

    sexta-feira, 3 de julho de 2020 17:15

Respostas

Todas as Respostas

  • Check if SetDllDirectory can be used in your case:


    But also enumerate the libraries in Project Properties, Linker, “Delay Loaded Dlls”.

    Or set the same option and define a special handler: https://docs.microsoft.com/en-us/cpp/build/reference/understanding-the-helper-function. You will be notified when a DLL is needed, then you will call LoadLibrary with your explicit path.


    • Editado Viorel_MVP sexta-feira, 3 de julho de 2020 19:37
    • Marcado como Resposta radzioo segunda-feira, 6 de julho de 2020 15:59
    sexta-feira, 3 de julho de 2020 19:36
  • Take a look at SetDefaultDllDirectories.  You can use it to restrict the DLL search path. I used the flags LOAD_LIBRARY_SEARCH_SYSTEM32 | LOAD_LIBRARY_SEARCH_USER_DIRS

    You can add the specific directories that you want to search to the path with AddDllDirectory.

    If you use delay-loading and call these functions when your application starts up then you don't need to use LoadLibrary or a custom delay-load helper function.

    From a security standpoint you would want to make sure that access to any directory you add to the DLL search path has been appropriately restricted.



    • Editado RLWA32 sábado, 4 de julho de 2020 10:49
    • Marcado como Resposta radzioo segunda-feira, 6 de julho de 2020 15:59
    sábado, 4 de julho de 2020 10:15
  • You should also recognize that the system will load DLLs when it creates your process before it calls your entry point function.  So you can only influence loading of DLLs that takes place after your entry point function receives control.

    sábado, 4 de julho de 2020 13:21
  • Why not copy the dll from where the application is launched ? as dll search order first check if the dll is present in the application's current directory 
    • Editado Pradish.MP sábado, 4 de julho de 2020 15:35 edit
    sábado, 4 de julho de 2020 15:35
  • Depends on what the OP wants: A. Make a specific app to pick a specific DLL , or B. Prevent it from picking a wrong/hostile DLL.

    Read this: https://helgeklein.com/blog/2010/08/how-the-app-paths-registry-key-makes-windows-both-faster-and-safer/

    -- pa

    domingo, 5 de julho de 2020 00:06
  • Thanks For your reply! I used  SetDefaultDllDirectory & AddDllDirectory but didn't know about delaying library load. Adding my library to "Delay Loaded DLLs" Does the job. Thanks!
    segunda-feira, 6 de julho de 2020 16:11
  • Just like below, I wasn't aware of delaying DLL load, therefore my system was using default DLL search even with use of SetDllDirectory(). Thanks for your hint!
    segunda-feira, 6 de julho de 2020 16:20
  • Yes, You are right it will be first place where system will look for .dll, but I think it's safer to restrict directory search to avoid eventual DLL hijacking if application is moved or library is deleted.
    segunda-feira, 6 de julho de 2020 16:30