• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 438
  • Last Modified:

referenced DLLs as seen in Dependency Walker

Hi, I have a bunch of DLLs referenced in my application, but when I view the application in Dependency Walker I do not see those DLLs, I only see the system DLLs, How does this work, thanks!
0
ol muser
Asked:
ol muser
2 Solutions
 
AndyAinscowFreelance programmer / ConsultantCommented:
Does your app actually call any functions in those dll's ?  (Does it compile and run if you remove the dependancy?)
0
 
ZoppoCommented:
Hi olmuser,

there are two ways to use a DLL:

1. DLL is implicitely linked to the EXE: when the executable is created the linker adds functionality which loads a needed DLL if it's not yet loaded and replaces some kind of dummy functions with the functions loaded from the DLL. In this case the list of needed DLLs is stored in the binary. These can be shown by DependencyWalker.

2. Explicit use: the executable loads DLLs at runtime using LoadLibrary and accesses function with GetProcAddress. In this case there's usually no info available in the binary which DependencyWalker can use to determine the dependencies. (I say usually because it might be possible for DependencyWalker to find places like i.e. LoadLibrary( "user32.dll" ), but at least when i.e. all DLLs within a given directory are loaded iterating through the files per code this won't be possible).

Hope that helps,

ZOPPO
0
 
jkrCommented:
I'm with Zoppo here. You can find out about that easily if you choose 'Profile...' from the Dependency Walker's main menu, it will show all DLL load events. Oh, and one thing to add to what Zoppo wrote: There's also a '3.' which applies to COM DLLs - these are also loaded via 'LoadLibrary()' after the sever DLL is found via a registry lookup.
0
 
btanExec ConsultantCommented:
Below can be helpful for understanding especially for dynamic loading and system hooks, it needs runtime profiling. So you can try using Application Profiling to Detect Dynamic Dependencies

http://www.dependencywalker.com/help/html/application_profiling.htm

When a module is first opened by Dependency Walker, it is immediately scanned for all implicit, delay-load, and forwarded dependencies. Once all the modules have been scanned, the results are displayed. In addition to these known dependencies, modules are free to load other modules at run-time without any prior warning to the operating system. These types of dependencies are known as dynamic or explicit dependencies. There is really no way to detect dynamic dependencies without actually running the application and watching it to see what modules it loads at run-time. This is exactly what Dependency Walker's application profiling.

It is the job of the user to "exercise" the application to ensure that all dynamic dependencies are found. Usually dynamic dependencies are only loaded when needed.needed. For example, modules related to printing might only be loaded if the application actually prints. In a case like this, if the application does not perform a print while being profiled, then Dependency Walker will not detect those modules related to printing. Other modules might only get loaded if an error occurs in the application. Scenarios like these might be hard to produce. Because of this, It is impossible to guarantee that all dynamic dependencies are found, but the more an application is exercised, the better the odds are of finding them.

The faq is useful reference
http://www.dependencywalker.com/faq.html

You may be interested to look at Process Explorer
http://www.symantec.com/connect/blogs/using-process-explorer-who-loaded-dll
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now