is it possible for function address in DLL to change if it loaded to application?

Question

I disassembled a DLL and see there some functions. I found the function that I need and it's address is 0x10001340.

Would this address stay the same, if I load this dll into my application? So would it be possible for me to call that function by it's address from my application?

I am asking because I am not sure: what if when this dll loaded, some function in the main application already has the same address? So maybe the functions inside a dll can change addresses when loading or etc.

Answer 1

On Windows dlls have a preferential load address, but the loader is able to change all those references if it notices that such portion of the virtual address space is already used. This process is called "rebasing".

The "default" base address is specified at linking time (/BASE with the Microsoft linker), and it can be useful to set it to something different than the default if you plan to use the dll alongside with another one with the same base address; this speeds up the loading process, since the loader doesn't have to rebase one of the dlls at each load. (IIRC there are also tools that are able to rebase an existing dll and save the result on disk)

It's good to keep in mind that, from Windows Vista onwards, dlls compiled with a specified flag are loaded always at a random base address to avoid some kind of exploits.

Answer 2

It is extremely unlikely that you'll end up with the same address. The default /BASE argument for the linker for DLLs is 0x10000000, that's how your entrypoint ended up at that address. But there are many DLLs that are linked using the default setting, only one can actually get loaded at that address. All the other ones that get loaded later need to be re-based.

You could come up with a better value for /BASE, it is however never a guarantee that you get the load address you ask for.