[C/C++] Five things you should not do in DLL Main you should know before Windows hooking

What you should not do in DLL Main before hooking on Windows Message Hooking
As we have been doing main work and system analysis recently, there have been a lot of problems in DLL Main due to some operations, so we have put together precisely.
There is no guarantee that loading DLLs for hooking will guarantee that Kernel32.dll is loaded.

 

So what kind of problems do you have in any situation?

The biggest problem is that the deadlock is applied to the DLL, and the program can not be executed because the blur does not proceed any more.

 

Precautions

• Calling LoadLibrary, LoadLibraryEx, and so on can cause deadlocks or crashes.
• If you use CoCreateInstanceEx to initialize a COM Thread, LoadLibraryEx may be called under certain circumstances.
• Synchronization with other threads can cause deadlocks.
• Acquiring a synchronization object that is in the code to acquire the loader lock can lead to deadlocks.
• If you create a new CreateProcess process, you can load another DLL.

 

Best of all, it's a good idea to leave it clean in DLL Main.

However, when hooking API beyond message hooking, there are things to be processed at DLL Main timing, so you have to pay attention to various situations.