Win32 API 枚举dll 导出函数?

2021-12-05 00:00:00 windows dll winapi c++

我发现了类似的问题,但没有找到我想要的答案.所以这里是:

I found similar questions but no answer to what I am looking for. So here goes:

对于本机 Win32 dll,是否有 Win32 API 来枚举其导出函数名称?

For a native Win32 dll, is there a Win32 API to enumerate its export function names?

推荐答案

dumpbin/exports 几乎是您想要的,但这是一个开发人员工具,而不是 Win32 API.

dumpbin /exports is pretty much what you want, but that's a developer tool, not a Win32 API.

LoadLibraryExDONT_RESOLVE_DLL_REFERENCES 被严重警告,但碰巧对这种特殊情况很有用它完成了将 DLL 映射到内存的繁重工作(但您实际上并不需要或不想使用库中的任何内容),这使得您读取头文件变得微不足道:LoadLibraryEx<返回的模块句柄/code> 指向它.

LoadLibraryEx with DONT_RESOLVE_DLL_REFERENCES is heavily cautioned against, but happens to be useful for this particular case – it does the heavy lifting of mapping the DLL into memory (but you don't actually need or want to use anything from the library), which makes it trivial for you to read the header: the module handle returned by LoadLibraryEx points right at it.

#include <winnt.h>
HMODULE lib = LoadLibraryEx("library.dll", NULL, DONT_RESOLVE_DLL_REFERENCES);
assert(((PIMAGE_DOS_HEADER)lib)->e_magic == IMAGE_DOS_SIGNATURE);
PIMAGE_NT_HEADERS header = (PIMAGE_NT_HEADERS)((BYTE *)lib + ((PIMAGE_DOS_HEADER)lib)->e_lfanew);
assert(header->Signature == IMAGE_NT_SIGNATURE);
assert(header->OptionalHeader.NumberOfRvaAndSizes > 0);
PIMAGE_EXPORT_DIRECTORY exports = (PIMAGE_EXPORT_DIRECTORY)((BYTE *)lib + header->
    OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
assert(exports->AddressOfNames != 0);
BYTE** names = (BYTE**)((int)lib + exports->AddressOfNames);
for (int i = 0; i < exports->NumberOfNames; i++)
    printf("Export: %s
", (BYTE *)lib + (int)names[i]);

完全未经测试,但我认为它或多或少是正确的.(著名的遗言.)

Totally untested, but I think it's more or less correct. (Famous last words.)

相关文章