0

I'm using the following code to dynamically link to the LoadIconWithScaleDown API, for my code to be able to run on Windows XP:

HRESULT (WINAPI *pfnLoadIconWithScaleDown)(HINSTANCE, PCWSTR, int, int, HICON *);

HMODULE hComCtrl32 = LoadLibrary(_T("Comctl32.dll"));
if(hComCtrl32)
{
    (FARPROC&)pfnLoadIconWithScaleDown = GetProcAddress(hComCtrl32, "LoadIconWithScaleDownW");
}

I try this code on Windows 7, but the 'pfnLoadIconWithScaleDown' is always NULL. Why?

jww
  • 97,681
  • 90
  • 411
  • 885
c00000fd
  • 20,994
  • 29
  • 177
  • 400

1 Answers1

3

There is no ASCII (A) and UNICODE (W) versions of LoadIconWithScaleDown() so change the GetProcAddress() invocation to:

pfnLoadIconWithScaleDown = GetProcAddress(hComCtrl32, "LoadIconWithScaleDown");
hmjd
  • 120,187
  • 20
  • 207
  • 252
  • A proper side-by-side manifest is required as well so the correct version of comctl32.dll gets loaded. – Hans Passant Dec 01 '12 at 13:56
  • @HansPassant: Can you give me more details about this side-by-side manifest, because I get NULL for what hmjd suggested as well... – c00000fd Dec 01 '12 at 18:27
  • Migration requirements section: http://msdn.microsoft.com/en-us/library/bb531404.aspx – Hans Passant Dec 01 '12 at 19:06
  • comctl32 v6 manifest. There are millions of articles on internet. No need to do it all again here. – David Heffernan Dec 01 '12 at 19:06
  • @DavidHeffernan: OK, I realized what I was doing wrong. I read LoadLibrary security note and that they recommend always using a full path to the dll, instead of just doing LoadLibrary(L"Comctl32.dll"); So providing a full path to it would not work with the comctrl32 manifest requirement. – c00000fd Dec 01 '12 at 21:11
  • No, that's completely wrong. You are meant to load `comctl32.dll` using just the name. Don't include the path. Fix your manifest. – David Heffernan Dec 01 '12 at 21:13
  • @DavidHeffernan: Wrong? Just hypothetically what if someone puts a malicious file named comctl32.dll in the folder with my app and adds LoadIconWithScaleDown export to it that say, infects my browser with popups instead? – c00000fd Dec 01 '12 at 21:58
  • Yep, wrong. Take a look at any mainstream program and look at how it imports system DLLs. What you describe is not a security hole. The breach was when you let in the thing that can write DLLs wherever it pleases. Anyway, I don't really mind if you do it your way. You don't have to take my advice. – David Heffernan Dec 01 '12 at 22:00