Solved

DLL import functions???

Posted on 1997-10-31
6
295 Views
Last Modified: 2010-04-04
Given a DLL with no supporting documentation around what functions it contains, and what parameters it takes for each function, how would you go about finding this information out?

I know how to get hold of the functions that it contains, the main problem that I have is I don't know what parameters each function takes...


I won't accept the response 'Talk to the author, what DLL is it' and other related statements.
0
Comment
Question by:john_m
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Author Comment

by:john_m
ID: 1349209
Edited text of question
0
 
LVL 3

Expert Comment

by:mirek071497
ID: 1349210
Unfortunatelly you can't. You can get names of exported function and paramcount for this, however you don't know what you can do with this. If this can help you then try find NEWEXE.ZIP at FtpSearch. This is utility for dumping exe and dll (without flat drivers).

good luck.
0
 
LVL 8

Expert Comment

by:MikeP090797
ID: 1349211
You can get a decompiler, and decompile the dll. then you can check the parametrs of the function, and what it does
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:john_m
ID: 1349212
Unfortunately I know all this already. If you could recommend a decompiler though, maybe that would be worth some points...
0
 
LVL 1

Accepted Solution

by:
ergates earned 350 total points
ID: 1349213
This is obviously a tough one.

I managed to reverse engineer an interface in the Trumpet Winsock  
DLL, which is used by the Trumpet "TCP meter" application. (It's probably all changed now).

What I did was put the DLL call into my code, and then step through the code by assembler instructions. When you step into the called routine, you can see the assembler code for it. Now you need to 80x86 assembler and know what calling conventions are used, i.e. where and how parameters are passed. They are usually passed on stack, but may also be passed in registers. In the called routine look for access to the stack to get parameters. You can tell if the called routine is expecting an address.

Similarly, returned parameters are left in registers or are pushed back onto the stack before the routine returns.

Using this I was able to deduce the interface, though there was one parameter I never worked out! I had a pretty good idea that the routine returned two ints, one for received and transmitted bytes.

Note the above was done with BPW not Delphi, but the principle is the same. I have seen a decompiler that works on TPUs, and also on (C) .exe programs. Working out the types is possible, if you know how compilers generate code (which I do) to access them. It would be very difficult without knowledge of what the routines are supposed to do.

I would be interested to know what DLL you want to decode and why, unless it is just an academic exercise.

Regards,
0
 

Author Comment

by:john_m
ID: 1349214
egrates,
Cheers for the info. Although I don't have enough information to continue with what I wanted to do, you did at least give a fair answer to a fair question. FYI the DLL I have been looking at is DCC.DLL as supplied with Delphi 3... Doubtful that I'll get anywhere with it though...
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses
Course of the Month3 days, 21 hours left to enroll

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question