The MASM Forum

Since the MS COFF import libraries for 64-bit are not decorated, it''s easy to create them from system DLLs.
I coded a tool named dll2definc creating module definition and include files from dynamic link libraries. The resulting module definition files are converted to import libraries by another new tool def2lib64.

dll2definc and def2lib64 are 32-bit executables.

MakeDefIncLib.bat supplied with the attachment :


dll2definc aclui.dll
dll2definc activeds.dll
dll2definc advapi32.dll
.
.
.
def2lib64 aclui.def
def2lib64 activeds.def
def2lib64 advapi32.def
.
.
.


kernel32.inc :

EXTERNDEF ActivateActCtx:PROC
EXTERNDEF AddAtomA:PROC
AddAtom EQU <AddAtomA>

EXTERNDEF AddAtomW:PROC
EXTERNDEF AddConsoleAliasA:PROC
AddConsoleAlias EQU <AddConsoleAliasA>

EXTERNDEF AddConsoleAliasW:PROC
EXTERNDEF AddLocalAlternateComputerNameA:PROC
AddLocalAlternateComputerName EQU <AddLocalAlternateComputerNameA>

EXTERNDEF AddLocalAlternateComputerNameW:PROC
EXTERNDEF AddRefActCtx:PROC
.
.
.


A ml64 example using the include files and import libraries :

OPTION dotname

OPTION casemap:none

include \masm64\include\win64.inc
include \masm64\include\temphls.inc

include     kernel32.inc
include     user32.inc

includelib  kernel32.lib
includelib  user32.lib

PUBLIC start

.data

msg  db 'Hello world!',0
capt db 'ml64 demo',0

.code

start:

    sub      rsp,40

    invoke   MessageBox,0,ADDR msg,ADDR capt,0

    invoke  ExitProcess,0

END

Hi, Vortex!
line

QuoteOPTION casemap:none

can be omitted if you use the compiler ml64 with the option /Cp
lines

QuoteOPTION dotname
include \masm64\include\win64.inc
include \masm64\include\temphls.inc
include     kernel32.inc
include     user32.inc
includelib  kernel32.lib
includelib  user32.lib   

can be placed in win64a.inc file and then in asm-file will be a single line

Quoteinclude \masm64\include\win64a.inc

Quote from: Mikl__ on July 11, 2016, 11:01:26 AMline

QuoteOPTION casemap:none

can be omitted if you use the compiler ml64 with the option /Cp

Hi Mikl!
This may be right, but embedding it in the code is easier for most people than fumbling with assembler or linker options.

I have done it this way to keep it convenient. The file is named "masm64rt.inc".



    OPTION DOTNAME                          ; required for main macro file
    option casemap:none                     ; case sensitive

    OPTION PROLOGUE:rbpFramePrologue        ; macros for stack frame provision
    OPTION EPILOGUE:rbpFrameEpilogue

    include \masm64\include\win64.inc       ; main include file
    include \masm64\include\temphls.inc     ; main macro file
    include \masm64\macros\macros64.inc     ; auxillary macro file

    include \masm64\m64lib\m64lib.inc       ; include file for m64lib library

  ; ------------------------
  ; system API include files
  ; ------------------------
    include \masm64\include\kernel32.inc
    include \masm64\include\user32.inc
    include \masm64\include\gdi32.inc
    include \masm64\include\Comctl32.inc
    include \masm64\include\comdlg32.inc
    include \masm64\include\shell32.inc
    include \masm64\include\oleaut32.inc
    include \masm64\include\ole32.inc
    include \masm64\include\msvcrt.inc

    includelib \masm64\m64lib\m64lib.lib    ; m64lib library

  ; ------------------------
  ; system API library files
  ; ------------------------
    includelib \masm64\lib\kernel32.lib
    includelib \masm64\lib\user32.lib
    includelib \masm64\lib\gdi32.lib
    includelib \masm64\lib\Comctl32.lib
    includelib \masm64\lib\comdlg32.lib
    includelib \masm64\lib\shell32.lib
    includelib \masm64\lib\oleaut32.lib
    includelib \masm64\lib\ole32.lib
    includelib \masm64\lib\msvcrt.lib

Hi,
converter dll2definc does not work on this new dll, application closes with the exception https://www.file-upload.net/download-12497907/VS2017_MSDisasm.7z.html (https://www.file-upload.net/download-12497907/VS2017_MSDisasm.7z.html)
How else can I make an include file?!

Hi LiaoMi,

dll2definc was instructed to skip symbols with the leading symbol ? I removed this detection. You can download the new build. Here is the include file :

EXTERNDEF ?Addr@DIS@@QBE_KXZ:PROC
EXTERNDEF ?CchFormatAddr@DIS@@QBEI_KPA_WI@Z:PROC
EXTERNDEF ?CchFormatInstr@DIS@@QBEIPA_WI@Z:PROC
EXTERNDEF ?Dist@DIS@@QBE?AW4DIST@1@XZ:PROC
EXTERNDEF ?PdisNew@DIS@@SGPAV1@W4DIST@1@@Z:PROC
EXTERNDEF ?PfncchaddrSet@DIS@@QAEP6GIPBV1@_KPA_WIPA_K@ZP6GI012I3@Z@Z:PROC
EXTERNDEF ?PfncchfixupSet@DIS@@QAEP6GIPBV1@_KIPA_WIPA_K@ZP6GI01I2I3@Z@Z:PROC
EXTERNDEF ?PfncchregSet@DIS@@QAEP6GIPBV1@W4REGA@1@PA_WI@ZP6GI012I@Z@Z:PROC
EXTERNDEF ?PfncchregrelSet@DIS@@QAEP6GIPBV1@W4REGA@1@KPA_WIPAK@ZP6GI01K2I3@Z@Z:PROC
EXTERNDEF ?PfndwgetregSet@DIS@@QAEP6G_KPBV1@W4REGA@1@@ZP6G_K01@Z@Z:PROC
EXTERNDEF ?PvClient@DIS@@QBEPAXXZ:PROC
EXTERNDEF ?PvClientSet@DIS@@QAEPAXPAX@Z:PROC
EXTERNDEF ?PwostrstreamNew@wostrstream@DIS@@SGPAV12@PA_WI@Z:PROC
EXTERNDEF ?PwostrstreamNew@wostrstream@DIS@@SGPAV12@XZ:PROC
EXTERNDEF ?SetAddr64@DIS@@QAEX_N@Z:PROC


Verifying with Podump :


\Pellesc\bin\podump.exe /EXPORTS msvcdis140.dll

Dump of msvcdis140.dll

File type: DLL

        Exported symbols for msvcdis140.dll

               0 characteristics
        58D1B0E1 time date stamp (Wed Mar 22 01:01:53 2017)
            0.00 version
               1 ordinal base
               F number of functions
               F number of names

        ordinal  hint  address   name
              1     0  100B5870  ?Addr@DIS@@QBE_KXZ
              2     1  100B58A0  ?CchFormatAddr@DIS@@QBEI_KPA_WI@Z
              3     2  100B5990  ?CchFormatInstr@DIS@@QBEIPA_WI@Z
              4     3  100B5A80  ?Dist@DIS@@QBE?AW4DIST@1@XZ
              5     4  100B5B80  ?PdisNew@DIS@@SGPAV1@W4DIST@1@@Z
              6     5  100B5DF0  ?PfncchaddrSet@DIS@@QAEP6GIPBV1@_KPA_WIPA_K@ZP6
GI012I3@Z@Z
              7     6  100B5E00  ?PfncchfixupSet@DIS@@QAEP6GIPBV1@_KIPA_WIPA_K@Z
P6GI01I2I3@Z@Z
              8     7  100B5E20  ?PfncchregSet@DIS@@QAEP6GIPBV1@W4REGA@1@PA_WI@Z
P6GI012I@Z@Z
              9     8  100B5E10  ?PfncchregrelSet@DIS@@QAEP6GIPBV1@W4REGA@1@KPA_
WIPAK@ZP6GI01K2I3@Z@Z
              A     9  100B5E30  ?PfndwgetregSet@DIS@@QAEP6G_KPBV1@W4REGA@1@@ZP6
G_K01@Z@Z
              B     A  100B5E40  ?PvClient@DIS@@QBEPAXXZ
              C     B  100B5E50  ?PvClientSet@DIS@@QAEPAXPAX@Z
              D     C  100B5270  ?PwostrstreamNew@wostrstream@DIS@@SGPAV12@PA_WI
@Z
              E     D  100B51E0  ?PwostrstreamNew@wostrstream@DIS@@SGPAV12@XZ
              F     E  100B5E60  ?SetAddr64@DIS@@QAEX_N@Z

Hi Vortex,

32 bit dll worked perfectly, and 64 bits should not be analyzed?

VS2017_MSDisasm\Dll2defincV10>Dll2definc.exe msvcdis140.dll
dll2inc cannot load the DLL

This is the result from the 64-bit folder. Many thanks!

Hi LiaoMi,

dll2def2inc is a 32-bit executable and the LoadLibrary function cannot load a 64-bit DLL in this case. You will have to employ other tricks to load such kind of DLLs but no need of this for the moment as both of the 32-bit and 64-bit versions of msvcdis140.dll are supposed to export the same functions.

dll2def64 tool reading 64-bit DLLs and creating module definition files :

dll2def64.exe C:\WINDOWS\system32\kernel32.dll

Works fine here Erol.

LIBRARY kernel32
EXPORTS
"AcquireSRWLockExclusive"
"AcquireSRWLockShared"
"ActivateActCtx"
"ActivateActCtxWorker"
"AddAtomA"
"AddAtomW"
"AddConsoleAliasA"
"AddConsoleAliasW"
"AddDllDirectory"
etc .....


I originally copied kernel32.dll into the same directory as your tool and it kept rejecting it as 32 bit so I used you posted command line, seems I missed the translated 64 bit layer.

Hi Hutch,

Thanks for the test. dll2def64V10 is only for 64-bit DLLs. To create module definition files from 32-bit DLLs, you can try Dll2defincV10 in the same thread.