DLL without exported functions?

2019-06-15 19:12发布

I've snooped around a little bit in MS-Office DLLs, and I noticed that some of the DLLs don't have any exported functions. What I don't quite understand, how an application can use these DLLs without any functions exported ?!

I mean, the dllmain() does get executed on LoadLibrary(), but whats the point? Why would anyone create a DLL without exported functions?

thanks! :-)

5条回答
欢心
2楼-- · 2019-06-15 19:43

I haven't looked at the DLLs in question; but it's possible in something like MSOffice Microsoft have done this to obfuscate the DLL to make it more difficult to debug / reverse engineer.

However, as you ask how would you use such a DLL? Well if the application knows the layout of the DLL then it can create a function pointer with the address of a known function and call it.

If you really want to dig further you could objdump the DLL and look for standard C / C++ ABI function prologues & epilogues and possibly work out where the functions start.

查看更多
等我变得足够好
3楼-- · 2019-06-15 19:47

Resources

The DLL likely has resources, like string tables, images, icons, etc., used by the rest of Office.

查看更多
混吃等死
4楼-- · 2019-06-15 19:48

When you call LoadLibrary the DLL gets call of its DllMain. That is DLL entry point. It is called on process attach and thread attach. So you do have entry point.

As soon as it has at least one entry point then it can create instance of some interface (e.g. factory) an set it in e.g. TLS variables where other modules will pickup them.

So you can can have COM alike system of interfaces that are not exposed outside except to the application. Something like that - many over variations are possible.

查看更多
5楼-- · 2019-06-15 19:55

Always possible that they just don't export them as C interfaces. A DLL isn't magic, it's just bits and bytes, and nothing says that you can't get code out of a DLL if you don't ask Windows for it. I believe that .NET takes this approach- they save metadata in the DLL that tells the CLR what's in it, instead of making .NET functions available by the normal GetProcAddress approach. Unless you explicitly ask for it.

查看更多
We Are One
6楼-- · 2019-06-15 19:57

One way of dealing with versions of a program destined for different languages is to put all of the resources into a language DLL. The DLL doesn't contain any code, just resources that have been translated to a target language. When the main program starts up, all it needs to do is load the proper language DLL.

查看更多
登录 后发表回答