Another technique?

[cookpoo78]

Hey, I was diving into this subject while opening this bug that drove me crazy (If you have answer I would be happy to hear what you think about that).
Anyway I was thinking of another technique: Within DllMain, creating a thread that waits on DllMain to finish, and only then resumes to run the payload.
If it sounds good to you let me know and I can PR that.

[maxamula]

Hey, I was diving into this subject while opening this bug that drove me crazy (If you have answer I would be happy to hear what you think about that). Anyway I was thinking of another technique: Within DllMain, creating a thread that waits on DllMain to finish, and only then resumes to run the payload. If it sounds good to you let me know and I can PR that.

Or you can just use QueueUserAPC like so:

VOID CALLBACK CallWithoutLoaderLock(ULONG_PTR dwParam)
{
    // Do your stuff here
}


BOOL APIENTRY DllMain( HINSTANCE hinstDLL,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{ 
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        if (!QueueUserAPC(CallWithoutLoaderLock, GetCurrentThread(), 0))
            std::abort();
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}