TLS回调函数

herowuking 2015-06-06

展开全文

TLS回调函数是指，每当创建/终止进程的线程时会自动调用执行的函数。创建的主线程也会自动调用回调函数，且其调用执行先于EP代码。

IMAGE_DATA_DIRECTORY[9]:IMAGE_TLS_DIRECTORY

typedef struct _IMAGE_TLS_DIRECTORY64 {
   ULONGLONG StartAddressOfRawData;
   ULONGLONG EndAddressOfRawData;
   ULONGLONG AddressOfIndex;       // PDWORD
   ULONGLONG AddressOfCallBacks;   // PIMAGE_TLS_CALLBACK *;
   DWORD SizeOfZeroFill;
   DWORD Characteristics;
} IMAGE_TLS_DIRECTORY64;
typedef IMAGE_TLS_DIRECTORY64* PIMAGE_TLS_DIRECTORY64;

typedef struct _IMAGE_TLS_DIRECTORY32 {
   DWORD StartAddressOfRawData;
   DWORD EndAddressOfRawData;
   DWORD AddressOfIndex;       // PDWORD
   DWORD AddressOfCallBacks;   // PIMAGE_TLS_CALLBACK *;
   DWORD SizeOfZeroFill;
   DWORD Characteristics;
} IMAGE_TLS_DIRECTORY32;
typedef IMAGE_TLS_DIRECTORY32* PIMAGE_TLS_DIRECTORY32;

#ifdef _WIN64
typedef IMAGE_TLS_DIRECTORY64   IMAGE_TLS_DIRECTORY;
typedef PIMAGE_TLS_DIRECTORY64 PIMAGE_TLS_DIRECTORY;
#else
typedef IMAGE_TLS_DIRECTORY32   IMAGE_TLS_DIRECTORY;
typedef PIMAGE_TLS_DIRECTORY32   PIMAGE_TLS_DIRECTORY;
#endif

TlsTest.cpp

#include<windows.h>

#pragma comment(linker, "/INCLUDE:__tls_used")

void print_console(char* szMsg)
{
   HANDLE hStdout = GetStdHandle(STD_OUTPUT_HANDLE);

   WriteConsoleA(hStdout, szMsg, strlen(szMsg), NULL, NULL);
}

void NTAPI TLS_CALLBACK1(PVOID DllHandle, DWORD Reason, PVOID Reserved)
{
   char szMsg[80] = {0,};
   wsprintfA(szMsg, "TLS_CALLBACK1() : DllHandle = %X, Reason = %d\n",
               DllHandle, Reason);
   print_console(szMsg);
}

void NTAPI TLS_CALLBACK2(PVOID DllHandle, DWORD Reason, PVOID Reserved)
{
   char szMsg[80] = {0,};
   wsprintfA(szMsg, "TLS_CALLBACK2() : DllHandle = %X, Reason = %d\n",
               DllHandle, Reason);
   print_console(szMsg);
}

#pragma data_seg(".CRT$XLX")
   PIMAGE_TLS_CALLBACK pTLS_CALLBACKs[] = {TLS_CALLBACK1, TLS_CALLBACK2, 0};
#pragma data_seg()

DWORD WINAPI ThreadProc(LPVOID lParam)
{
   print_console("ThreadProc() start\n");

   print_console("ThreadProc() end\n");

   return 0;
}

int main()
{
   HANDLE hThread = NULL;
   print_console("main() start\n");

   hThread = CreateThread(NULL, 0, ThreadProc, NULL, 0, NULL);
   WaitForSingleObject(hThread, 60*1000);
   CloseHandle(hThread);

   print_console("main() end\n");
   return 0;
}