
Automatic prototyping tool

Started by bozo, July 20, 2005, 02:05:40 PM

bozo

Are there any tools out there that automatically prototype DLL files with exported API?
If not, I was thinking it may be possible to write one using LDE (Length Disassembler Engine).
Basically, locate the address of the API in the export table of PE file, then detect how many bytes subtracted from stack before returning to callee.
I know it wouldn't probably work with certain files, but at least those using STDCALL.


FunctionAddress:
   push ebp
   mov ebp, esp
   ; additional code here...
   leave
   retn 4


So from the RETN 4 we can determine that 1 argument was passed to this routine.
Very simple, so would it work as an application?

Mark Jones

I'm afraid not Kernel. I'm actually working on an application like this already. Consider what would happen if the called proc pulled some values off the stack before the RETN... just checking the RETN value wouldn't work in all cases. (Especially for any of my sloppy DLL's!) :bg

I've been thinking about autonomously disassembling the .dll and tracing the stack through each proc to arrive at an accurate conclusion of the number of arguments used, but obviously this is a potentially illegal activity for any DLL's which the user does not personally own. I can't decide whether to advance with a warning message and no source code (allowing any user to make potentially illegal libs but not alter the app to do other bad things) or just keep the app as a MASM-only lib maker. I guess making import libs is not so much a "bad thing" but disassembly is disassembly. (Hutch will probably say 'leave it' and that will be that.)
"To deny our impulses... foolish; to revel in them, chaos." MCJ 2003.08

hutch--

 :bg

I doubt there is any problem in trying to make an automatic prototyping tool and from memory I have seen commercial software that does just this but it's a treacherously difficult task to get right and any deviant code will break it anyway. A DLL that uses a virtual table will create nightmares and any functions that use FASTCALL, 3 registers then something like STDCALL will be very hard to pick at a binary evaluation level.

You will do much better just grabbing a copy of the prototypes for the DLL and converting them to a format you can use. If you cannot get the information, you may be in trouble in copyright terms anyway.
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php
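
The RETN-based check from the opening post, as an added Python example that is not part of the original thread: it steps through instructions with a small length table instead of searching for the C2 byte, which matters when C2 appears inside an immediate operand. The sample byte strings, the function names and the opcode table are constructed for illustration and cover only these samples; stack adjustments before the return and FASTCALL register arguments, both raised in the replies, are not detected.

```python
# Added illustration, not code from the thread. The length table covers only
# the opcodes in the constructed samples; a real LDE handles all of x86.
ONE_BYTE = {0x55, 0x5D, 0x90, 0xC9}   # push ebp, pop ebp, nop, leave
MODRM_OPS = {0x8B, 0x33}              # mov r32,r/m32 and xor r32,r/m32

def insn_length(code, i):
    """Length of the instruction at offset i, or None if not recognised."""
    op = code[i]
    if op in ONE_BYTE:
        return 1
    if op == 0xB8:                    # mov eax, imm32
        return 5
    if op in MODRM_OPS and i + 1 < len(code) and code[i + 1] >> 6 == 3:
        return 2                      # register-to-register form only
    return None

def stdcall_arg_count(code):
    """Walk from the entry point to the first return instruction.
    RETN imm16 -> imm16 // 4 dword arguments. Plain RET -> 0, which is
    either a no-argument STDCALL or a caller-cleaned convention (they are
    indistinguishable here). Unknown opcode before a return -> None."""
    i = 0
    while i < len(code):
        op = code[i]
        if op == 0xC2 and i + 3 <= len(code):
            return int.from_bytes(code[i + 1:i + 3], "little") // 4
        if op == 0xC3:
            return 0
        step = insn_length(code, i)
        if step is None:
            return None
        i += step
    return None

def naive_scan(code):
    """Search for the first C2 byte without decoding, shown for contrast."""
    i = code.find(b"\xC2")
    if i < 0 or i + 3 > len(code):
        return None
    return int.from_bytes(code[i + 1:i + 3], "little") // 4

# Constructed samples.
ONE_ARG = bytes.fromhex("558bec c9 c20400")            # the thread's routine
IMM_TRAP = bytes.fromhex("558bec b8c20c0000 c9 c20800")  # mov eax,0CC2h; retn 8
PLAIN_RET = bytes.fromhex("33c0 c3")                   # xor eax,eax; ret
THUNK = bytes.fromhex("ff2500104000")                  # jmp [mem], not in table
```

On `IMM_TRAP` the byte search reads the `C2` inside the `mov eax` immediate as a `RETN 12` and reports three arguments, while the instruction walk reaches the real `RETN 8` and reports two.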