Hello everyone,
Some study these days about address of exported function in DLL. It is appreciated if you could review and comment.
(for C++ DLL/EXE only)
1.Inside DLL
For the DLL itself, in its build process, it has to decide the address of each function in the result binary file (.dll), right? I think each exported function in the dll biinary file has a definite absolute address, which is based on the default load base address of the DLL, right?
2. Inside EXE
For the EXE, which utilizes the DLL, since there may be DLL rebase, which changes the base load address of the DLL into EXE process space, the address of the exported function of the DLL is not known until EXE load time and the final rebased address of the exported function of the DLL is put into the IAT of EXE.
In other words, the same function of the DLL, may have different address in different EXEs, which loads the DLL into related process space of EXE.
So, all the places where invokes the dllexported function, will use a function pointer to point to the IAT entry of the related dllexported function to form a indirection level function call. No address of DLL exported function is known and written to the EXE binary until load time address fix-up.
My understanding of (1) and (2) correct? Any comments?
thanks in advance,
George
Some study these days about address of exported function in DLL. It is appreciated if you could review and comment.
(for C++ DLL/EXE only)
1.Inside DLL
For the DLL itself, in its build process, it has to decide the address of each function in the result binary file (.dll), right? I think each exported function in the dll biinary file has a definite absolute address, which is based on the default load base address of the DLL, right?
2. Inside EXE
For the EXE, which utilizes the DLL, since there may be DLL rebase, which changes the base load address of the DLL into EXE process space, the address of the exported function of the DLL is not known until EXE load time and the final rebased address of the exported function of the DLL is put into the IAT of EXE.
In other words, the same function of the DLL, may have different address in different EXEs, which loads the DLL into related process space of EXE.
So, all the places where invokes the dllexported function, will use a function pointer to point to the IAT entry of the related dllexported function to form a indirection level function call. No address of DLL exported function is known and written to the EXE binary until load time address fix-up.
My understanding of (1) and (2) correct? Any comments?
thanks in advance,
George