Hi guys
Do windows dlls have a list of forbidden chars for the export function name of a dll ? I mean, can i have a dll with a export function like:
"My Function" - (with a space anywhere the function name)
";MyFunction" - (with a colon sign anywhere the function name)
"My,Function" - (with a comma sign anywhere the function name)
"My'Function" - (with a single quote char anywhere the function name)
So...if it have some forbidden chars to be used as the name of a exported function, what are those chars ?
Note: I´m not talking about the decoretaed name that allows chars like @ ? _ # etc... I would like to know if there are other chars that are strictly forbidden to be used as a export function name
Test it... write your own DLL, then insert chars with a hex editor.
I did some tests, and it seems that the OS has means to detect changes. Attached a test project: when you run the exe, it allows to poke one char into MyReal8. GetProcAddress, handle, M?Real8 works fine as long as the ? is y. Even uppercase Y won't work, so it seems that a checksum is involved to prevent poking around.
Guga,
I would be inclined to stick to normal alphabetical characters as the conventions for things like export name was settle long ago and before spaces and punctuations were allowed in file names.
Quote from: guga on April 11, 2020, 06:36:32 AM
"My Function" - (with a space anywhere the function name)
";MyFunction" - (with a colon sign anywhere the function name)
"My,Function" - (with a comma sign anywhere the function name)
"My'Function" - (with a single quote char anywhere the function name)
None of the above are acceptable.
Acceptable:
[_,a..z,A..Z], [0..9] for characters after first.
Untested/Uncertain:
- Some Unicode code points.
- $
- ASCII after 127 when using specific code pages.
No any problem with the leading symbol $ :
.386
.model flat, stdcall
option casemap :none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\msvcrt.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\msvcrt.lib
includelib simpleDLL.lib
$StrLen PROTO :DWORD
.data
message db 'Hello world!',0
str1 db 'StrLen = %d',0
.code
start:
invoke $StrLen,ADDR message
invoke crt_printf,ADDR str1,eax
invoke ExitProcess,0
END start
Quote from: Vortex on April 11, 2020, 09:23:51 PM
No any problem with the leading symbol $
Not tested, but it probably works also for the question mark. These are legal chars used in macros etc.
Quote
Not tested, but it probably works also for the question mark. These are legal chars used in macros etc.
The question mark does not pose any problem, that's OK. I tested it now.
I think the question mark is a hint for C++ linkage, otherwise is not a legal character.
deleted
Thanks guys
Indeed the OS seems to not allow some specific chars. Unfortunately, i didn´t find anywhere what those chars are. This was for a update i made in rosAsm on a function that imports the Apis using LoaLibraryEx, LoadLibrary to assemble the app. I would like to make a extra security check in case a user made a mistake typing invalid chars as the name of a api.
I´m quite sure the space ' ' is not allowed, but i was wondering what are the other chars.
Btw....Nidud and AW
You mean Ansi chars, right ? So, valid chars are:
a to z
A to Z
0 to 9
_
?
But....watcom, OpenVMS, Visual Studio, GCC, IAR EWARM allows also "(" and ")" and "$" and "@" and "<" ">" ASCII after 127 when using specific code pages. ?
So, if those others chars and rules are allowed is it safe to use them on any Windows Version ?
Are there any other chars that are valid ?
https://en.wikipedia.org/wiki/Name_mangling
deleted
We are talking about exported functions from DLLs not about identifiers in general.
For those I believe only the following characters are acceptable:
[_,a..z,A..Z], [0..9] for characters after first
With C++, the ? character exists and has a special meaning.
However, for internal functions of a program more characters are acceptable, including some Unicode code points and after-127 ASCII characters. The $ is a Microsoft extension.
See:
https://docs.microsoft.com/en-us/cpp/cpp/identifiers-cpp?view=vs-2019
There is another alternative and that is to use ordinals instead of names. I rarely ever use it but it does work and it appears to be a Microsoft technique to make tracking the exports more obscure, mainly against hacking.
deleted
Quote from: hutch-- on April 12, 2020, 07:14:38 PM
There is another alternative and that is to use ordinals instead of names. I rarely ever use it but it does work and it appears to be a Microsoft technique to make tracking the exports more obscure, mainly against hacking.
You can even use equates in your sources to de-obscure them
PrintReal10Index=123
.data?
PrintReal10 dd ?
.code
mov PrintReal10, rv(GetProcAddress, MyDll, PrintReal10Index)
push FP10(123.456)
call PrintReal10
Quote from: hutch-- on April 12, 2020, 07:14:38 PM
There is another alternative and that is to use ordinals instead of names. I rarely ever use it but it does work and it appears to be a Microsoft technique to make tracking the exports more obscure, mainly against hacking.
Hi Steve and Jochen.
Yes, ordinal numbers are a alternative. RosAsm allows them to be used too. The problem is that, i would like to make things a bit simpler, like a check for forbidden chars when the user writes a call to a api function.
For what i read on the comments (nidud,Aw etc) there are some invalid chars that can be used for such a thing, but the compilation speed maybe a bit affected. So, perhaps, i´ll be forced to end simply allowing the user to write whatever he wants as it is already. So, when the user types a invalid api function the proper message will show up. (Since the verification of that api is done by loadlibrary etc, rosasm uses it´s return value to show the proper message).
I´m thinking in what could be better to do (If i use some of the forbidden chars or not). I just faced another problem regarding the LoadLibrary api concerning a deadlock i found in one dll from ffmpeg. I opened another thread for that specific problem. I´m quite sure it is a windows10 bug in LoadLibraryExW function, but, i posted there to try to find a workaround for that.
Guga,
Just do a lookup table with the allowable characters and reject the rest. Table below is numbers, upper and lower case characters for a US character set.
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0
db 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1
db 1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0
db 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1
db 1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
db 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
Tks, Steve :thumbsup: :thumbsup: :thumbsup: :thumbsup: