LoadLibrary on DLL file that's not on disk
Posted on 2001-08-15
I'd like to know how I can call LoadLibrary and load a DLL file that's not physically located on any disk. LoadLibrary loads a DLL file that's on disk and takes the files path name as a parameter. I have the contents of the DLL in memory and would like LoadLibrary to load the DLL from memory instead.
As far as I can see, I have the following options. I'd like some advice on which way to go and if anyone's got a better idea.
1. Create my own network redirector and use a UNC path to LoadLibrary, having the redirector return the data to LoadLibrary from the in-memory-image
NEGATIVE: A lot of work to create a redirector.
2. Create a URL Moniker (protocol) that knows how to retrieve the data from memory and then pass in the URL to LoadLibrary (i.e. myurl://file.dll)
NEGATIVE: LoadLibrary internally may call a low-enough level API to open the actual file where the API bypasses URL mapping -- that is, LoadLibrary may only work if it's an actual mounted file system.
3. Use INJLIB or Microsoft's own "Detours" library to trap calls the CreateFile (or whatever), as they are called by LoadLibrary and return a file HANDLE that'll actually retrieve the file from memory. Perhaps the HANDLE returned is a named-pipe and if that doesn't work. perhaps the calls to Read() are also trapped to return the data. Depending on how much support LoadLibrary needs.
NEGATIVES: The "Detours" library can't be used to do this on non-NT systems. INLIB can be used, but the versions that are currently available on the Net (from May '94 issue of MSJ) only supported NT (no Windows 95 back then). The author of INJLIB supposedly has updated INJLIB to work under newer Win32 OSs, but I can't seem to find that anywhere.
4. Write the memory contents to disk and then call LoadLibrary.
NEGATIVES: There's no way to delete the file after calling LoadLibrary on it. At least it didn't work when I tried it (yes, I called FreeLibrary on it.)
WORKAROUND FOR NEGATIVE:
Use MoveFileEx with MOVEFILE_DELAY_UNTIL_REBOOT (and corresponding technique for 95/98/me) to mark the file for deletion after reboot.
Okay, I've rambled on enough about this. I'd like to hear some opinions about which way I should go and why.
It's hard to pronounce a "right answer" for this type of questions, so I guess the only thing I can do is give it to the person that gives me the best argument for a particular approach (weighing complexity vs. functionality, of course.)
I consider this a pretty advanced topic, so I'll set it for 300 points.