Injecting a DLL into a Process Space (Windows CE 5.0)
There are times when a dynamic-link library (DLL) must be automatically added to a process space to perform some required action. This could be a debugging tool that wants to track some actions. If neither the source code nor the ability to build the code is available, you are limited in the kinds of debugging you can perform. The kernel has the ability to load a DLL into every process space.
To enable this process, you can add the name of the DLL to the following registry key.
HKEY_LOCAL_MACHINE\SYSTEM\KERNEL
"InjectDLL" = REG_MULTI_SZ : "MyDLL1.DLL","MyDLL2.DLL", ...
The data type is a REG_MULTI_SZ or an array of strings, which can list more than one DLL. The name of the DLL can contain the full path and file name or just the file name.
Applications that install DLLs to be injected into a process should only append or remove their specific DLL from the registry.
When a process is created and all implicitly-linked DLLs are loaded, the kernel loads each DLL listed in "InjectDLL". Failure to load the DLL will not result in a failure of the application to launch. A DLL could fail to load if the DLL returns FALSE in DllMain or if the application is trusted and the DLL being loaded is not. DLLs can check in DLLMain to determine what process they are being loaded into by calling GetModuleFileName. The values you need to pass are (NULL, &Filename, nSize).
See Also
Send Feedback on this topic to the authors