Here is my GetProcAddr routine simulating the API function GetProcAddress. It takes two parameters like the API version, the first one is the handle to the DLL module and the second one is a pointer to the name of function.
GetProcAddr scans the export table of the DLL and if it succeeds , it returns the address of the function exported by the DLL.
In failure, GetProcAddr returns NULL.
; GetProcAddr by Vortex
.386
.model flat, stdcall
option casemap:none
include \GeneSys\include\windows.inc
StrCmpA PROTO :DWORD,:DWORD
.code
GetProcAddr PROC uses esi edi ebx hModule:DWORD,func:DWORD
LOCAL counter:DWORD
mov edi,hModule
add edi,IMAGE_DOS_HEADER.e_lfanew[edi]
mov edi,IMAGE_NT_HEADERS.OptionalHeader.DataDirectory.VirtualAddress[edi]
add edi,hModule
mov ebx,edi
mov eax,IMAGE_EXPORT_DIRECTORY.NumberOfNames[edi]
mov esi,IMAGE_EXPORT_DIRECTORY.AddressOfNames[edi]
mov ecx,eax
mov counter,eax
add esi,hModule
inc ecx
sub esi,4
scan_export_table:
add esi,4
dec ecx
jz finish ; returns NULL if the function fails
mov edi,[esi]
add edi,hModule
push ecx
invoke StrCmpA,func,edi
pop ecx
test eax,eax
jz scan_export_table
mov esi,IMAGE_EXPORT_DIRECTORY.AddressOfNameOrdinals[ebx]
neg ecx
add ecx,counter
shl ecx,1
add esi,ecx
add esi,hModule
movzx eax,WORD PTR [esi]
mov esi,IMAGE_EXPORT_DIRECTORY.AddressOfFunctions[ebx]
shl eax,2
add esi,hModule
add esi,eax
mov edi,[esi]
add edi,hModule
mov eax,edi
finish:
ret
GetProcAddr ENDP
END
[attachment deleted by admin]
Vortex, that excellent.
What are the advantages of your API over the WIN32 version ?
Could you make an API that returns a table of all function names ?
Maybe even a structure containing the name and the address
Rgs, James.
That is usually the case with all functions in a library. It is a part of the 'trade off.' We are willing to sacrifice a little of the speed for ease of use. Besides, when the results are measured in nanoseconds or picoseconds, a slight loss in speed is not detectable by a human being so what difference does it make? Ease of use is always the answer that makes the most sense. :U
Paul
Paul,
The function is great.
Is it possible to get a function like the one I asked for, where all the exported functions are returns in one
go with the name and the address?
James,
We will definitely do something. Right now, we are exploring options. Stay tuned...
Paul
Premature optimization is the root of all evil (or at least most of it) in programming.
- Donald Knuth
Hi James,
Thanks for the idea, I will try to work on that option ( returning in one go)
It became necessary for me to remove some posts from this thread. The decision was not an easy one and as a collateral effect, some posts which had nothing to do with the problem were also removed as they no longer made any sense. If any one wishing a more detailed explanation, I would appreciate it if the request is made by PM.
This thread will now return to its intended function. James, we are working on your request. Thank you for your patience.
Paul
New upload at the top :
- Removed some unnecessary local variables.
Here is the GetExpTable function returning a structure receiving the names and the addresses of exported functions :
GetExpTable PROTO hModule:DWORD,pExpTable:DWORD
hModule : handle to DLL.
pExpTable : pointer to the EXPORT_TABLE structure receiving the names and addresses.
EXPORT_TABLE STRUCT
NumbOfNames DWORD ? ; number of exported functions
AddrOfNames DWORD ? ; address pointing to an array of RVAs of function names
AddrOfEntryPoints DWORD ? ; address pointing to an array of RVAs of function etry points
EXPORT_TABLE ENDS
GetExpTable PROC uses esi hModule:DWORD,pExpTable:DWORD
mov esi,pExpTable
mov edx,hModule
add edx,IMAGE_DOS_HEADER.e_lfanew[edx]
mov edx,IMAGE_NT_HEADERS.OptionalHeader.DataDirectory.VirtualAddress[edx]
add edx,hModule
mov eax,IMAGE_EXPORT_DIRECTORY.NumberOfNames[edx]
mov EXPORT_TABLE.NumbOfNames[esi],eax
mov ecx,IMAGE_EXPORT_DIRECTORY.AddressOfNames[edx]
add ecx,hModule
mov EXPORT_TABLE.AddrOfNames[esi],ecx
mov ecx,IMAGE_EXPORT_DIRECTORY.AddressOfNameOrdinals[edx]
add ecx,hModule
movzx eax,WORD PTR [ecx]
mov ecx,IMAGE_EXPORT_DIRECTORY.AddressOfFunctions[edx]
shl eax,2
add ecx,hModule
add ecx,eax
mov EXPORT_TABLE.AddrOfEntryPoints[esi],ecx
ret
GetExpTable ENDP
[attachment deleted by admin]
Vortex,
Thanks for taking the time to do this. I really appreciate it.
Rgs,James.
James,
You are welcome :U