You can't obtain it again easily. <br>
<b>reason</b> can be one of the four values:
<ul>
<li> <b>DLL_PROCESS_ATTACH</b> The DLL receives this value when it is first
injected into the process address space. You can use this opportunity to do
initialization.</li>
<li> <b>DLL_PROCESS_DETACH</b> The DLL receives this value when it is being
unloaded from the process address space. You can use this opportunity to do
some cleanup, such as deallocating memory.</li>
<li> <b>DLL_THREAD_ATTACH</b> The DLL receives this value when the process creates
a new thread.</li>
<li> <b>DLL_THREAD_DETACH</b> The DLL receives this value when a thread in the
process is destroyed.</li>
</ul>
You return TRUE in eax if you want the DLL to go on running. If you return FALSE,
the DLL will not be loaded. For example, if your initialization code must allocate
some memory and it cannot do that successfully, the entrypoint function should
return FALSE to indicate that the DLL cannot run. <br>
You can put your functions in the DLL following the entrypoint function or before
it. But if you want them to be callable from other programs, you must put their
names in the export list in the module definition file (.def). <br>
A DLL needs a module definition file in its developmental stage. We will take
a look at it now.
<p><b>LIBRARY</b> DLLSkeleton <br>
<b>EXPORTS</b> TestFunction
<p>Normally you must have the first line. The <b>LIBRARY</b> statement defines
the internal module name of the DLL. You should match it with the filename of
the DLL. <br>
The <b>EXPORTS</b> statement tells the linker which functions in the DLL are
exported, that is, callable from other programs. In the example, we want other
modules to be able to call TestFunction, so we put its name in the <b>EXPORTS</b>
statement. <br>
Another change is in the linker switches. You must put the <b>/DLL</b> switch and
<b>/DEF:&lt;your def filename&gt;</b> in your linker switches like this:
<p><b>link /DLL /SUBSYSTEM:WINDOWS /DEF:DLLSkeleton.def /LIBPATH:c:\masm32\lib
DLLSkeleton.obj</b>
<p>The assembler switches are the same, namely /c /coff /Cp. So after you link
the object file, you will get a .dll and a .lib file. The .lib is the import library,
which you can link into other programs that use the functions in the DLL.
<br>
Next I'll show you how to use LoadLibrary to load a DLL.
<p>;---------------------------------------------------------------------------------------------
<br>
; UseDLL.asm <br>
;----------------------------------------------------------------------------------------------
<br>
<b>.386</b> <br>
<b>.model flat,stdcall</b> <br>
<b>option casemap:none</b> <br>
<b>include \masm32\include\windows.inc</b> <br>
<b>include \masm32\include\user32.inc</b> <br>
<b>include \masm32\include\kernel32.inc</b> <br>
<b>includelib \masm32\lib\kernel32.lib</b> <br>
<b>includelib \masm32\lib\user32.lib</b>
<p><b>.data</b> <br>
<b>LibName db "DLLSkeleton.dll",0</b> <br>
<b>FunctionName db "TestHello",0</b> <br>
<b>DllNotFound db "Cannot load library",0</b> <br>
<b>AppName db "Load Library",0</b> <br>
<b>FunctionNotFound db "TestHello function not found",0</b>
<p><b>.data?</b> <br>
<b>hLib dd ?
; the handle of the library (DLL)</b> <br>
<b>TestHelloAddr dd ?
; the address of the TestHello function</b>
<p><b>.code</b> <br>
<b>start:</b> <br>
<b> invoke LoadLibrary,addr LibName</b>
<br>
<b>;---------------------------------------------------------------------------------------------------------</b>
<br>
<b>; Call LoadLibrary with the name of the desired DLL. If the call is successful</b>
<br>
<b>; it will return the handle to the library (DLL). If not, it will return
NULL</b> <br>
<b>; You can pass the library handle to GetProcAddress or any function that
requires</b> <br>
<b>; a library handle as a parameter.</b> <br>
<b>;------------------------------------------------------------------------------------------------------------</b>
<br>
<b> .if eax==NULL</b> <br>
<b>
invoke MessageBox,NULL,addr DllNotFound,addr AppName,MB_OK</b> <br>
<b> .else</b> <br>
<b>
mov hLib,eax</b> <br>
<b>
invoke GetProcAddress,hLib,addr FunctionName</b> <br>
<b>;-------------------------------------------------------------------------------------------------------------</b>
<br>
<b>; When you get the library handle, you pass it to GetProcAddress with the
address</b> <br>
<b>; of the name of the function in that DLL you want to call. It returns the
address</b> <br>
<b>; of the function if successful. Otherwise, it returns NULL</b> <br>
<b>; Addresses of functions don't change unless you unload and reload the library.</b>
<br>
<b>; So you can put them in global variables for future use.</b> <br>
<b>;-------------------------------------------------------------------------------------------------------------</b>
<br>
<b>
.if eax==NULL</b> <br>
<b>
invoke MessageBox,NULL,addr FunctionNotFound,addr AppName,MB_OK</b> <br>
<b>
.else</b> <br>
<b>
mov TestHelloAddr,eax</b> <br>
<b>
call [TestHelloAddr]</b> <br>
<b>;-------------------------------------------------------------------------------------------------------------</b>
<br>
<b>; Next, you can call the function with a simple call with the variable containing</b>
<br>
<b>; the address of the function as the operand.</b> <br>
<b>;-------------------------------------------------------------------------------------------------------------</b>
<br>
<b>
.endif</b> <br>
<b>
invoke FreeLibrary,hLib</b> <br>
<b>;-------------------------------------------------------------------------------------------------------------</b>
<br>
<b>; When you don't need the library anymore, unload it with FreeLibrary.</b>
<br>
<b>;-------------------------------------------------------------------------------------------------------------</b>
<br>
<b> .endif</b> <br>
<b> invoke ExitProcess,NULL</b> <br>
<b>end start</b>
<p>So you can see that using LoadLibrary is a little more involved but it's also
more flexible.
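<p>An added example, not part of the original tutorial: the same program with the DLL search restricted. LoadLibrary with a bare file name lets Windows walk its search order, which includes the current directory and PATH, so a different DLLSkeleton.dll than the one you shipped can be picked up. This variant uses LoadLibraryEx with the documented LOAD_LIBRARY_SEARCH_APPLICATION_DIR flag (Windows 8 and later, or earlier systems with update KB2533623) and reports the path that was loaded; SEARCH_APP_DIR and LoadedPath are names introduced here.

```masm
; Added example: UseDLL.asm variant with a restricted DLL search path
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

; Value of LOAD_LIBRARY_SEARCH_APPLICATION_DIR under a local name
; (assumption: an older windows.inc may not define the flag itself)
SEARCH_APP_DIR equ 00000200h

.data
LibName db "DLLSkeleton.dll",0
FunctionName db "TestHello",0
DllNotFound db "Cannot load library from the application directory",0
AppName db "Load Library",0
FunctionNotFound db "TestHello function not found",0

.data?
hLib dd ?                           ; the handle of the library (DLL)
LoadedPath db MAX_PATH dup(?)       ; full path of the module that was loaded

.code
start:
    ; Search only the directory of the EXE; the current directory and PATH are skipped
    invoke LoadLibraryEx,addr LibName,NULL,SEARCH_APP_DIR
    .if eax==NULL
        invoke MessageBox,NULL,addr DllNotFound,addr AppName,MB_OK
    .else
        mov hLib,eax
        ; Report which file the name resolved to before calling the export
        invoke GetModuleFileName,hLib,addr LoadedPath,MAX_PATH
        .if eax!=0
            invoke MessageBox,NULL,addr LoadedPath,addr AppName,MB_OK
        .endif
        invoke GetProcAddress,hLib,addr FunctionName
        .if eax==NULL
            invoke MessageBox,NULL,addr FunctionNotFound,addr AppName,MB_OK
        .else
            call eax                ; called with no arguments, as in the listing above
        .endif
        invoke FreeLibrary,hLib
    .endif
    invoke ExitProcess,NULL
end start
```

On a system without the required update, LoadLibraryEx rejects the flag and returns NULL, so the program takes the "cannot load" branch rather than falling back to the wider search.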
<hr size="1">
<div align="center"> This article comes from Iczelion's asm page. Welcome to <a href="http://asm.yeah.net">http://asm.yeah.net</a></div>
</body>
</html>