Are there any tools out there that automatically prototype DLL files with exported API?
If not, I was thinking it may be possible to write one using LDE (Length Disassembler Engine)
Basically, locate the address of the API in the export table of the PE file, then detect how many bytes are subtracted from the stack before returning to the callee.
I know it probably wouldn't work with certain files, but at least those using STDCALL:
FunctionAddress:
push ebp
mov ebp, esp
; additional code here...
leave
retn 4
So from the RETN 4 we can determine that 1 argument was passed to this routine.
Very simple, so would it work as an application?
I'm afraid not, Kernel. I'm actually working on an application like this already. Consider what would happen if the called proc pulled some values off the stack before the RETN... just checking the RETN value wouldn't work in all cases. (Especially for any of my sloppy DLLs!) :bg
I've been thinking about autonomously disassembling the .dll and tracing the stack through each proc to arrive at an accurate conclusion of the number of arguments used, but obviously this is a potentially illegal activity for any DLLs which the user does not personally own. I can't decide whether to advance with a warning message and no source code (allowing any user to make potentially illegal libs but not alter the app to do other bad things) or just keep the app as a MASM-only lib maker. I guess making import libs is not so much a "bad thing" but disassembly is disassembly. (Hutch will probably say 'leave it' and that will be that.)
:bg
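The RETN-n heuristic from the opening post, with the stack tracing the reply above describes layered on top, as an added Python example that is not code from this thread. It assumes 32-bit x86 code and decodes only the handful of opcodes that appear in a typical STDCALL prologue/epilogue; the three sample procedures are constructed byte strings, not taken from any real DLL.

```python
import struct

# Constructed sample procedures (hand-assembled, not from any real DLL).
STDCALL_PROC = bytes.fromhex("558bec90c9c20400")  # push ebp/mov ebp,esp/nop/leave/retn 4
CDECL_PROC   = bytes.fromhex("558becc9c3")        # push ebp/mov ebp,esp/leave/ret
SLOPPY_PROC  = bytes.fromhex("59585a51c3")        # pop ecx/pop eax/pop edx/push ecx/ret

def _s8(b):
    return b - 256 if b > 127 else b

def decode(code, off):
    """Minimal length decoder: (mnemonic, length, esp delta) or None if unknown."""
    b = code[off]
    nxt = code[off + 1] if off + 1 < len(code) else None
    if 0x50 <= b <= 0x57: return ("push r32", 1, -4)
    if 0x58 <= b <= 0x5F: return ("pop r32", 1, 4)
    if b == 0x90: return ("nop", 1, 0)
    if b == 0xC9: return ("leave", 1, None)      # esp := ebp ; pop ebp (handled below)
    if b == 0xC3: return ("ret", 1, 0)
    if b == 0xC2: return ("ret imm16", 3, 0)
    if b == 0x8B and nxt == 0xEC: return ("mov ebp, esp", 2, 0)
    if b == 0x83 and nxt == 0xC4: return ("add esp, imm8", 3, _s8(code[off + 2]))
    if b == 0x83 and nxt == 0xEC: return ("sub esp, imm8", 3, -_s8(code[off + 2]))
    return None

def infer_args(code):
    """Walk one proc, tracking net esp movement, and compare it with RETN's immediate."""
    off, depth, frame = 0, 0, None
    while off < len(code):
        ins = decode(code, off)
        if ins is None:
            return {"status": "undecodable", "offset": off}
        mnem, length, delta = ins
        if mnem == "mov ebp, esp": frame = depth            # remember frame base
        elif mnem == "leave": depth = (frame if frame is not None else depth) + 4
        else: depth += delta
        if mnem.startswith("ret"):
            imm = struct.unpack_from("<H", code, off + 1)[0] if mnem == "ret imm16" else 0
            if imm == 0 and depth == 0:
                return {"status": "caller cleans up; argument count not recoverable here"}
            cleaned = imm + depth   # bytes the callee removed beyond its own frame
            return {"status": "ok", "ret_imm": imm, "callee_cleaned": cleaned,
                    "args_from_retn": imm // 4, "args_traced": cleaned // 4,
                    "retn_only_reliable": depth == 0}
        off += length
    return {"status": "no ret found"}
```

For SLOPPY_PROC the RETN-only view reports 0 arguments while the traced view reports 2, which is exactly the case the reply above warns about.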
I doubt there is any problem in trying to make an automatic prototyping tool and from memory I have seen commercial software that does just this, but it's a treacherously difficult task to get right and any deviant code will break it anyway. A DLL that uses a virtual table will create nightmares, and any functions that use FASTCALL, 3 registers then something like STDCALL, will be very hard to pick at a binary evaluation level.
You will do much better just grabbing a copy of the prototypes for the DLL and converting them to a format you can use. If you cannot get the information, you may be in trouble in copyright terms anyway.