I have been asked this question a few times recently so I had a quick play to try and remember how its done and it is a simple enough process.
In the module definition (DEF) file you have at least the minimum lines,
LIBRARY YourDLL
EXPORTS YourFunction
To export "YourFunction" by using an ordinal numer instead of the name, add @ and the number you want so you end up with a line that looks like,
EXPORTS YourFunction @1
When you call this DLL function in your calling application, instead of using the name in GetProcAddress, you use the ordinal number. Properly you are supposed to use the LoWord of the parameter but if you use a number less than 65535, this will automatically happen in the 32 bit value you supply to the GetProcAddress function so your line of code will look like,
invoke GetProcAddress,hDLL,1
When I am a bit more awake, I will see if it can be done with the library and prototype.
Regards,
hutch@movsd.com
In the module definition (DEF) file you have at least the minimum lines,
LIBRARY YourDLL
EXPORTS YourFunction
To export "YourFunction" by using an ordinal numer instead of the name, add @ and the number you want so you end up with a line that looks like,
EXPORTS YourFunction @1
When you call this DLL function in your calling application, instead of using the name in GetProcAddress, you use the ordinal number. Properly you are supposed to use the LoWord of the parameter but if you use a number less than 65535, this will automatically happen in the 32 bit value you supply to the GetProcAddress function so your line of code will look like,
invoke GetProcAddress,hDLL,1
When I am a bit more awake, I will see if it can be done with the library and prototype.
Regards,
hutch@movsd.com
i thought you have to do
foo @1 NONAME
to get rid of the name, otherwise it will still be there...
foo @1 NONAME
to get rid of the name, otherwise it will still be there...
I added a "HOWTO:" to the thead name, so it will show up if people
do a HOWTO search. Hope you don't mind.
do a HOWTO search. Hope you don't mind.
f0dder,
Thanks for the Howto.
cynix,
Thanks for the suggestion, the complete line is,
Which is seen in DumpPE as,
Regards,
hutch@movsd.com
Thanks for the Howto.
cynix,
Thanks for the suggestion, the complete line is,
EXPORTS function1 @1 NONAME
Which is seen in DumpPE as,
Exp Addr Hint Ord Export Name by mmfdll.dll - Sat Feb 9 10:03:59 2002
-------- ---- ----- ---------------------------------------------------------
00001068 Ord 1 mmfdll.1
Regards,
hutch@movsd.com
Could someone please list the Advantages of Calling a DLL function by its ordinal number and a brief description of how this work? (steps that it takes)
I read of one disavanage of Calling a DLL function by its ordinal number and that is that it may change in furture version of Win32 OS. I think i can live with that but are there any other disadvantages.
Thanks
I read of one disavanage of Calling a DLL function by its ordinal number and that is that it may change in furture version of Win32 OS. I think i can live with that but are there any other disadvantages.
Thanks
Advantages of calling functions by ordinal? I can only think of two.
First is that your import section is shorter - only really useful if you're
trying to do extreme stuff like 4k intros. Second is that it's harder
to see what you're importing... which is stupid in most applications.
Importing windows functions by ordinal... I wouldn't do it. Most
will probably keep working, but you risk that your app will break
one day. It's worth noting that some import libraries from microsoft
use ordinals... especially MFC. But they have versions like mfc40.dll,
mfc42.dll, and so on, so it's unlikely that the app breaks. I've also
seen winsock implibs do ordinal imports (again... ws2_32.dll probably
wont change - and if they add significant new features they'll
probably rename it ws3_32.dll).
First is that your import section is shorter - only really useful if you're
trying to do extreme stuff like 4k intros. Second is that it's harder
to see what you're importing... which is stupid in most applications.
Importing windows functions by ordinal... I wouldn't do it. Most
will probably keep working, but you risk that your app will break
one day. It's worth noting that some import libraries from microsoft
use ordinals... especially MFC. But they have versions like mfc40.dll,
mfc42.dll, and so on, so it's unlikely that the app breaks. I've also
seen winsock implibs do ordinal imports (again... ws2_32.dll probably
wont change - and if they add significant new features they'll
probably rename it ws3_32.dll).
For those who want to try it a solution for that would be comment what your doing in maybe.
EXPORTS functionWHATEVER @1 NONAME ; GetProcAddr
EXPORTS functionWHATEVER @1 NONAME ; GetProcAddr
cmax,
The syntax of a DEF file does not allow comments on the same line, you are safe to put them on a seperate line.
The main advantage with calling a function by its ordinal is that it is faster because it does not have to look up the name. Very few applications will get much advantage from it but if you are looking for a slight speed advantage, its one of the tricks.
Regards,
hutch@movsd.com
The syntax of a DEF file does not allow comments on the same line, you are safe to put them on a seperate line.
The main advantage with calling a function by its ordinal is that it is faster because it does not have to look up the name. Very few applications will get much advantage from it but if you are looking for a slight speed advantage, its one of the tricks.
Regards,
hutch@movsd.com
Even with import_by_name, there's a "hint" for the PE loader where
to start looking. This hint is in effect the function ordinal...which means
there's a pretty good chance you'll hit gold the first time. If not, well,
the export names are sorted by name, so a binary search can be
performed. So importing by ordinal as a speed advantage? Get real ;).
Even with 1000s of imports, this is only a fraction of a second at
program startup. And remember, program startup, one-time penalty.
to start looking. This hint is in effect the function ordinal...which means
there's a pretty good chance you'll hit gold the first time. If not, well,
the export names are sorted by name, so a binary search can be
performed. So importing by ordinal as a speed advantage? Get real ;).
Even with 1000s of imports, this is only a fraction of a second at
program startup. And remember, program startup, one-time penalty.
I see now that even the smallest detail all really major issues when it come to ASM and coding itself. I thinki end up just letting masm do it thing and be HAPPY i got to understand more of what the code are doing, but not before i try everything else just to know how it's done. Now i know how to get into those dll's and why....
It use to read and sound so compucated...But the way you guys break things down, it beginnig to make a lot of since..
I can't get that out of a book...This board is getting very active anv very SERIOUS for the pass few months it seems.
Sorry to get off the subject but things are just beginning to kick in to me...ASM is SeriouS thats why i can't get no sleep anymore...
It use to read and sound so compucated...But the way you guys break things down, it beginnig to make a lot of since..
I can't get that out of a book...This board is getting very active anv very SERIOUS for the pass few months it seems.
Sorry to get off the subject but things are just beginning to kick in to me...ASM is SeriouS thats why i can't get no sleep anymore...