Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Removing exported symbols from a DLL and its associated import library (VS8)

Tags:

visual-studio

visual-studio-2005

Is there any way to postprocess a DLL and its .lib file to remove symbols that I do not want within them?

Background:

The DLL's code uses boost::serialization, which dllexports (many many) symbols. Apparently this is so as to cause the linker not to omit static objects that are unreferenced but have important side effects when initialized.

However, I'd very much prefer that there be no hint of boost within the DLL's exported symbols.

I reason that since the link step has completed that it would be safe to remove the mess in the symbol table caused by the library.

Hence, I am wondering if there exists some tool to accomplish this.

like image 934
lijie Avatar asked Sep 14 '11 11:09

lijie

1 Answers

I don't know a tool that does this, but here is a piece of C++ code you can build that can change a DLL exported names. In this case, you can set the names you don't want to an empty string (the 0 character):

void RemoveUnwantedExports(PSTR ImageName)
{
    LOADED_IMAGE image;
    // load dll in memory for r/w access
    // you'll need Imagehlp.h and Imagehlp.lib to compile successfully
    if (MapAndLoad(ImageName, NULL, &image, TRUE, FALSE))
    {
        // get the export table
        ULONG size;
        PIMAGE_EXPORT_DIRECTORY exports = (PIMAGE_EXPORT_DIRECTORY)ImageDirectoryEntryToData(image.MappedAddress, FALSE, IMAGE_DIRECTORY_ENTRY_EXPORT, &size);

        PIMAGE_SECTION_HEADER *pHeader = new PIMAGE_SECTION_HEADER();

        // get the names address
        PULONG names = (PULONG)ImageRvaToVa(image.FileHeader, image.MappedAddress, exports->AddressOfNames, pHeader);

        for (ULONG i = 0; i < exports->NumberOfNames; i++)
        {
            // get a given name
            PSTR name = (PSTR)ImageRvaToVa(image.FileHeader, image.MappedAddress, names[i] , pHeader);

            // printf("%s\n", name); // debug info

            if (IsUnwanted(name))
            {
                name[0] = 0; // set it to an empty string
            }
        }

        UnMapAndLoad(&image); // commit & write
    }
}

BOOL IsUnwanted(PSTR name)
{
  // implement this
}

It's more some kind of obfuscation but removing names completely is more complex since it requires a full consistent rewrite of the exports section.

like image 85
Simon Mourier Avatar answered Oct 18 '22 13:10

Simon Mourier
Sign in to Comment

Related questions

How do I perform VS 2010 cross domain remote debugging?
Visual Studio enable debug exceptions through macro
Is it possible to use a gcc compiled library with MSVC?
C++ memory alignment question
Effects of IDE/Text-Editor Color Settings on our Eyes [closed]
Is there a "ZIP project" in Visual Studio? [closed]
How do you exclude .svn directories from search in Visual Studio?
Unit testing 3.5 project in VS2010 yields CS1685 warnings
When building a DLL; what type of CRT should I link to?
Visual Studio equivalent to Eclipse keyboard shortcut Alt Shift L
Visual Studio 2008 keeps rebuilding [duplicate]
Visual Studio 2010 opens wrong file
Why do I get a busy cursor while building in Visual Studio 2010?
How to Add VS2010 Project to Google Code SVN using AnkhSVN?
VS2010 specific port changes at random
Visual Studio warning C4133
Do certain exception errors occur only in the debugger?
How to download and install Microsoft's Visual Studio C/C++ compiler without Visual Studio
xamarin for visual studio not showing simulator list
Why did Microsoft abandon long double data type? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!