Enumerating Decorated DLL Functions in C++

3
votes

In my project, I need to load DLLs at run time and I have no information about them prior to that. I need to be able to enumerate the functions with their (decorated) names to be called with LoadLibrary and GetProcAddress (this is a requirement imposed on me). The names may or may not be decorated, and obviously GetProcAddress needs the decorated name if it has one.

Is there a reasonable way to do this?

I can use Depends and other tools to pull out decorated names myself, but this needs to be done at run time. With functions like UnDecorateSymbolName, there's got to be a way to get the decorated name out that I'm missing. I tried SymEnumSymbols but that undecorated the names.

Note that I'm not asking about calling the functions, just enumerating names from the DLL without a .DEF file. I'm on Visual Studio 2010 and it is assumed all DLLs will be compiled on Visual Studio.

1
c++dll
So you only want the names? What about this source code - huysentruitw
This doesn't make much sense. Be sure to look for "FormatDrive", you don't want to call it. And just about anything else that can do random nasty things if you have no clue what they do, crashing your program only if you're lucky. - Hans Passant
I realize it is a massive security hole but the project is to allow the 'user' to write a DLL (within some specific but dynamic rules) and have it execute. Any time you let the user run their own code there's going to be a way to break the machine. That's not what the question is about. - mwilliams

1 Answers

2
votes

If you want to enumerate DLL Functions at runtime using C++, then have a try at PEDUMP from Matt Pietrek (code included). He shows how to implement this feature.

Below a snapshot of the output, showing decorated exported functions of a DLL:

enter image description here