Hello Everybody, I'm working on a simple C++ Project in VS 2013 Express. I'm trying to implement a TLS Callback function into a simple prog. What I want to do in future is to check for any present debuggers before the main (entrypoint) is called (...I know that most debuggers can handle TLS). Here is my code so far and it works:
#include #include using namespace std;
// tls callback declaration
void WINAPI TLSCallback(PVOID DllHandle, DWORD dwReason, PVOID Reserved)
{
MessageBox(0, L"TLS Callback before main.", L"TLS CallBack", 0);
}
// end declaration
//linker specs
#ifdef _M_IX86
#pragma comment (linker, "/INCLUDE:__tls_used")
#pragma comment (linker, "/INCLUDE:__xl_b")
#else
#pragma comment (linker, "/INCLUDE:_tls_used")
#pragma comment (linker, "/INCLUDE:_xl_b")
#endif
#ifdef _WIN64
#pragma const_seg (".CRT$XLB")
const
#else
#pragma data_seg (".CRT$XLB")
#endif
//end linker
//tls import
EXTERN_C
{
PIMAGE_TLS_CALLBACK _xl_b = TLSCallback;
#pragma data_seg ()
#pragma const_seg ()
}
//end
int main(int argc, char* argv[])
{
printf("Hello World from main()!");
getchar();
return 0;
}
However, the really strange thing (at least to me) is, that if I switch in VS 2013 Express from Debug Configuration to Release Configuration and compile the project, AntiVir pops up with a message like "TR/Crypt.XPACK.Gen" found in compiled EXE. O.k. since TLS is also used by maleware I can basically understand that AntiVir doesn't like such things, but why does it not happen in Debug Configuration? Is there any way that it also would work in Release Configuration (Linker Options etc.?) ?:confused: