Jump to content
  • Advertisement
Sign in to follow this  
owl

given a dll file, can you find out how to import what it exports?

This topic is 3413 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Say you have a specific kind of scanner (pheripherical) and there is a dll that interfaces with the driver and you know the name of the functions it exports but don't have the header definiton for those functions. Is there a way to figure out the function definitions without the header file?

Share this post


Link to post
Share on other sites
Advertisement
Quote:
Original post by owl
Say you have a specific kind of scanner (pheripherical) and there is a dll that interfaces with the driver and you know the name of the functions it exports but don't have the header definiton for those functions. Is there a way to figure out the function definitions without the header file?


Dependency Walker will list the exports for you and you can load those via GetProcAddress after you call LoadLibrary on the DLL in your program.

For actually calling them though, you will need to do as outRider suggested and check an existing EXE that uses the DLL to find the proper usage. That is, unless you can find some documentation somewhere for using the API, which would make life a lot easier [wink]

Share this post


Link to post
Share on other sites
If you're lucky and the export names are mangled, you can retrieve the function signature with PE Explorer or UnDecorateSymbolName().

If the DLL uses stdcall convention (callee cleanup of function arguments), you get a second opportunity without needing a client of the DLL because the RET instruction indicates how many bytes of stack data a function uses. By analysing the function prolog (which IDA does automatically), you can differentiate between parameters and local variables and at least guess at the parameter count.

Share this post


Link to post
Share on other sites
Quote:
Original post by outRider
Disassemble the module that calls into the DLL and see what it's pushing onto the stack before each call.


That sounds logical. I guess I'll have to learn some assembler to do that...

Could you elaborate a bit on how to recognize function parameters and return values (and their types!) in assembler?

Thanks.

Share this post


Link to post
Share on other sites
Mazbe you should take a look into this: Disassembler . And your debugger is also able to disasseble things. By the way: dumpbin.exe is also a good start to look into the exported functions of a dll ( nm using linux ).

Share this post


Link to post
Share on other sites
Thanks. Yes, this utilities that look what functions a dll exports only tell the function names but not their parameters, return values and their types.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!