我写了个DLL,用工具注入到explorer.exe,运行到某些函数的时候会导致DLL崩溃从而引发explorer.exe崩溃,
用drwtsn32.ex生成了dump文件,用windbg分析了下说是堆栈溢出。
(因为程序需要,所以数组定义的都特别大,MAXSIZE是6W多 Σ( ° △ °|||)︴)
于是我在工程属性里改了一下:
但还是没有解决问题。
但是在测试的EXE里用LoadLibrary加载就一切正常。而且没有在工程设置里改变堆栈大小(默认的空)
请问大神这是什么原因?
难道是注入到explorer.exe后,堆栈保留大小受explorer.exe的设置控制?如果是的话,请问该如何解决?
谢谢。
阿神2017-04-17 15:36:34
Make a distinction between heap and stack. Only threads have a stack, which is the thread stack.
What you set here is just the stack size of your DLL. This is useless. Because the functions in your DLL are injected into the thread of the explorer program to run.
It is recommended that you still use dynamic allocation, but each module has a heap, so you need to actively release the memory you applied for in your DLL.
Of course, it’s possible that the crux of the problem isn’t here.
