Restrict DLL search at Load-Time dynamic linking RRS feed

  • Question

  • Hi,

    I was wondering if there is a way to restrict DLL search to specific directory(not default) at Load-Time dynamic linking. I know it is possible at Run-Time dynamic linking with use of LoadLibrary() or LoadLibraryEx() but was wondering if there is a way to use custom directory at Load-Time rather than default search?

    Friday, July 3, 2020 5:15 PM


All replies

  • Check if SetDllDirectory can be used in your case:

    But also enumerate the libraries in Project Properties, Linker, “Delay Loaded Dlls”.

    Or set the same option and define a special handler: https://docs.microsoft.com/en-us/cpp/build/reference/understanding-the-helper-function. You will be notified when a DLL is needed, then you will call LoadLibrary with your explicit path.

    • Edited by Viorel_MVP Friday, July 3, 2020 7:37 PM
    • Marked as answer by radzioo Monday, July 6, 2020 3:59 PM
    Friday, July 3, 2020 7:36 PM
  • Take a look at SetDefaultDllDirectories.  You can use it to restrict the DLL search path. I used the flags LOAD_LIBRARY_SEARCH_SYSTEM32 | LOAD_LIBRARY_SEARCH_USER_DIRS

    You can add the specific directories that you want to search to the path with AddDllDirectory.

    If you use delay-loading and call these functions when your application starts up then you don't need to use LoadLibrary or a custom delay-load helper function.

    From a security standpoint you would want to make sure that access to any directory you add to the DLL search path has been appropriately restricted.

    • Edited by RLWA32 Saturday, July 4, 2020 10:49 AM
    • Marked as answer by radzioo Monday, July 6, 2020 3:59 PM
    Saturday, July 4, 2020 10:15 AM
  • You should also recognize that the system will load DLLs when it creates your process before it calls your entry point function.  So you can only influence loading of DLLs that takes place after your entry point function receives control.

    Saturday, July 4, 2020 1:21 PM
  • Why not copy the dll from where the application is launched ? as dll search order first check if the dll is present in the application's current directory 
    • Edited by Pradish.MP Saturday, July 4, 2020 3:35 PM edit
    Saturday, July 4, 2020 3:35 PM
  • Depends on what the OP wants: A. Make a specific app to pick a specific DLL , or B. Prevent it from picking a wrong/hostile DLL.

    Read this: https://helgeklein.com/blog/2010/08/how-the-app-paths-registry-key-makes-windows-both-faster-and-safer/

    -- pa

    Sunday, July 5, 2020 12:06 AM
  • Thanks For your reply! I used  SetDefaultDllDirectory & AddDllDirectory but didn't know about delaying library load. Adding my library to "Delay Loaded DLLs" Does the job. Thanks!
    Monday, July 6, 2020 4:11 PM
  • Just like below, I wasn't aware of delaying DLL load, therefore my system was using default DLL search even with use of SetDllDirectory(). Thanks for your hint!
    Monday, July 6, 2020 4:20 PM
  • Yes, You are right it will be first place where system will look for .dll, but I think it's safer to restrict directory search to avoid eventual DLL hijacking if application is moved or library is deleted.
    Monday, July 6, 2020 4:30 PM