Thursday, 11 November 2010

Your debugging code can be a security vulnerability: Loading optional debugging DLLs without a full path

Remember, the bad guys don't care that your feature exists just for debugging purposes. If it's there, they will attack it.

Consider the following code:

    DOCLOADINGPROC g_pfnOnDocLoading;

    void LoadDebuggingHooks()
    {
        // Bare file name, no full path: resolved through the DLL search order
        HMODULE hmodDebug = LoadLibrary(TEXT("DebugHooks.dll"));
        if (!hmodDebug) return;
        g_pfnOnDocLoading = (DOCLOADINGPROC)
                   GetProcAddress(hmodDebug, "OnDocLoading");
        ...
    }

    HRESULT
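A static check for the pattern above, as an added example that is not part of the original post: it scans C/C++ source for LoadLibrary-family calls and classifies each one by whether the DLL name is a full path. The sample source, the Contoso path and the verdict names are constructed for illustration; the LOAD_LIBRARY_SEARCH_* names are the Win32 LoadLibraryEx flags.

```python
import re

# Any LoadLibrary / LoadLibraryA / LoadLibraryW / LoadLibraryEx[A|W] call,
# capturing the argument text up to the end of the statement.
CALL_RE = re.compile(r'\b(LoadLibrary(?:Ex)?[AW]?)\s*\(([^;]*)')
# First argument given as a string literal: "x", L"x", TEXT("x") or _T("x").
LITERAL_RE = re.compile(r'\s*(?:(?:TEXT|_T)\s*\(\s*)?L?"((?:[^"\\]|\\.)*)"')
# Drive-rooted (C:\...) or UNC (\\server\...) path.
ABSOLUTE_RE = re.compile(r'^(?:[A-Za-z]:[\\/]|\\\\)')
# LoadLibraryEx flags that keep the current directory and PATH out of the search.
RESTRICTING_FLAGS = (
    "LOAD_LIBRARY_SEARCH_SYSTEM32", "LOAD_LIBRARY_SEARCH_APPLICATION_DIR",
    "LOAD_LIBRARY_SEARCH_USER_DIRS", "LOAD_LIBRARY_SEARCH_DEFAULT_DIRS",
)

def audit(source):
    """Return (line, function, dll_name, verdict) for every LoadLibrary* call."""
    findings = []
    for m in CALL_RE.finditer(source):
        func, args = m.group(1), m.group(2)
        line = source.count("\n", 0, m.start()) + 1
        lit = LITERAL_RE.match(args)
        if lit is None:
            name, verdict = None, "review"          # path is built at run time
        else:
            name = lit.group(1).replace("\\\\", "\\")  # undo C escaping
            if ABSOLUTE_RE.match(name):
                verdict = "full-path"
            elif func.startswith("LoadLibraryEx") and any(f in args for f in RESTRICTING_FLAGS):
                verdict = "restricted-search"
            else:
                verdict = "search-order"            # the case the post warns about
        findings.append((line, func, name, verdict))
    return findings

# Constructed sample input: the post's call plus three variants.
SAMPLE = r'''
void LoadDebuggingHooks()
{
    HMODULE hmodDebug = LoadLibrary(TEXT("DebugHooks.dll"));
    if (!hmodDebug) return;
}
void Others(LPCWSTR pszPath)
{
    HMODULE a = LoadLibraryW(L"C:\\Program Files\\Contoso\\DebugHooks.dll");
    HMODULE b = LoadLibraryEx(TEXT("DebugHooks.dll"), NULL,
                              LOAD_LIBRARY_SEARCH_APPLICATION_DIR);
    HMODULE c = LoadLibraryW(pszPath);
}
'''
```

The scan is textual, so it also matches calls inside comments or disabled code; treat a "review" verdict as a prompt to trace how the path is built.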
