How/why does the game use dxgi.dll?
Closed this issue · 3 comments
I'm sorry if this isn't the right place to ask, but I've seen someone else ask a somewhat similar question and I was wondering if I could get an answer to mine too.
I know this mod uses DLL proxying, it modifies the code that it needs to and does forward exports for everything else. But from what I remember and from I've seen in installation tutorials recently there isn't actually a dxgi.dll file (or whatever equivalent there is to the latest FAR version) in the actual game folder that you overwrite when installing the mod. AFAIK ReShade works in the same way.
So my question is, why does the game pick up this .dll file as something it needs to load? As far as I know the .dll is just a passive piece of code, lying there and waiting for something to load it, but I would think the game wouldn't know to load that exact .dll file, when seemingly nothing has changed to make the game load it? Does the game literally just load the first dxgi.dll that it finds?
dxgi.dll is the name of a system level DLL file for DirectX that is located somewhere below C:\Windows.
Basically what happens is that the game is coded to import/access certain functions that can be found in dxgi.dll. When the game then tries to load dxgi.dll it doesn’t have a hardcoded path for that DLL file.
The lack of a hardcoded path for the DLL file means the game will basically try to access the DLL file through a series of alternative paths:
-
First it will check for the existence in the “working directory” of the executable (typically the game folder).
-
Next it will go through the user’s specified folders in the PATH user environment variable.
-
Third and finally, it will go through the system’s specified folders in the PATH system environmental variable.
dxgi.dll typically can only be found in the third option, but the fact that the game first tries to load it from the working directory is what allows FAR and similar DLL proxying techniques to function.
FAR then implements the necessary functions and adds its own code before it executes the original function from the original system DLL file.
All DLL proxying works by utilizing the above property of how DLLs are loaded by processes in Windows. Then it is simply a matter of implementing a barebone function that is expected from the original DLL file, and adding custom code before executing the original function from the original DLL file.
But a consequence of this is that DLL proxying only works by utilizing a DLL file the game actually tries to load. For NieR:Automata, dxgi.dll, d3d11.dll, dinput8.dll, as well as xinput.dll (a name FAR does not support proxing for) are examples of DLL files the game attempts to load and can be used to add custom code to the game.
Note that anti-cheat protection typically prevent this sort of injection, either by validating the path or digital signature of all loaded DLL files and compare them to a whitelist.
Thanks, this answered all of my questions
holy wow, you really did answered this? That's impressive