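I need to load a library through ntdll's LdrLoadDll function; in this case, the library I want to load is user32.dll. However, when I try to load user32.dll, an access violation exception is thrown on the call (the last line). I'm not sure what is causing this error. Am I creating the Unicode string incorrectly?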

typedef (__stdcall *LdrLoadDll)(
    IN PWCHAR PathToFile OPTIONAL,
    IN ULONG Flags OPTIONAL,
    IN PUNICODE_STRING ModuleFileName,
    OUT PHANDLE ModuleHandle);

LdrLoadDll LdrLoadDllStruct = (LdrLoadDll)GetProcAddress(ntdllHandle, "LdrLoadDll");

typedef (__stdcall *RtlInitUnicodeString)(
    PUNICODE_STRING DestinationString,
    PCWSTR SourceString);

RtlInitUnicodeString RtlInitUnicodeStringStruct = (RtlInitUnicodeString)GetProcAddress(ntdllHandle, "RtlInitUnicodeString");

HMODULE hModule = 0;
UNICODE_STRING unicodestring;
RtlInitUnicodeStringStruct(&unicodestring, L"USER32.dll");
LdrLoadDllStruct(NULL, NULL, &unicodestring, &hModule);

Answer 0: (score: 1)
Here is some code that (a) actually compiles and (b) works. Please forgive the (poor) error handling:

#include <windows.h>
#include <subauth.h>    // UNICODE_STRING / PUNICODE_STRING
#include <assert.h>
#include <iostream>

#pragma comment (lib, "ntdll.lib")

// Function-pointer types for the two ntdll exports resolved at run time.
// The NTSTATUS that LdrLoadDll returns is discarded because the type is declared void.
typedef void (__stdcall *LdrLoadDll) (
    IN PWCHAR PathToFile OPTIONAL,
    IN ULONG Flags OPTIONAL,
    IN PUNICODE_STRING ModuleFileName,
    OUT HMODULE * ModuleHandle);

typedef void (__stdcall *RtlInitUnicodeString)(
    PUNICODE_STRING DestinationString,
    PCWSTR SourceString);

int main ()
{
    // Get a valid handle to ntdll.dll before looking up its exports.
    HMODULE ntdllHandle = LoadLibrary (L"ntdll.dll");
    assert (ntdllHandle);

    // Resolve both exports and stop if either lookup fails.
    LdrLoadDll LdrLoadDllStruct = (LdrLoadDll) GetProcAddress (ntdllHandle, "LdrLoadDll");
    assert (LdrLoadDllStruct);
    RtlInitUnicodeString RtlInitUnicodeStringStruct = (RtlInitUnicodeString) GetProcAddress (ntdllHandle, "RtlInitUnicodeString");
    assert (RtlInitUnicodeStringStruct);

    // Build the UNICODE_STRING for the module name, then load it.
    HMODULE hModule = 0;
    UNICODE_STRING unicodestring;
    RtlInitUnicodeStringStruct (&unicodestring, L"USER32.dll");
    LdrLoadDllStruct (NULL, 0, &unicodestring, &hModule);

    // Print the base address the loader returned.
    std::cout << hModule << "\n";
}

Output (on my machine, a 64-bit build):
00007FFF17C20000
But... what exactly is wrong with using LoadLibrary()?