|
This assignment is about calling conventions, linking, and dll's. You should be familiar with the example code and references from Wednesday, January 31 and Monday, February 5. There are two parts to this assignment. They make use of the files contained in this zip file. You can do this exercise using either the LCC-Win32 compiler or Microsoft's Visual C/C++ compiler. For this assignment you will also need to download several utility programs.
The first two programs do not have installers; just unzip and use them. The third one has an installer, but it just creates a directory for the program and unzips it there. You can move the program anywhere you want. All three of these programs will run from a flash drive.
Part I) The first part of this assignment asks you to answer a few questions about dll's, just to get you more familiar with them. Write up an answer to each of the following questions.
1.) How many dll's are there on the system drive of your computer? (Your system drive is the environment variable value %SystemDrive%.) Explain how you figured out your answer. How many dll's are there in your %SystemRoot% directory?
2.) For this question, you need Dependency Walker. This program is used to examine part of the structure of exe and dll files. It tells you all of the dll's that an exe (or dll) file will "load" when the file executes. It also tells you which functions an exe imports from each dll, and it tells you all of the functions that a dll exports. Use Dependency Walker to open notepad.exe. How many dll's does notepad.exe use? (Hint: Click on the name of one dll in the lower window (the "Module List View"), use the "Edit -> Select All" menu item, then use copy and paste to get all of the dll names into an editor window, and then see how many lines there are.) Does the notepad.exe program make use of the C Library printf() function? (C Library functions are contained in MSVCRT.DLL.)
3.) In the hw3 zip file there is a copy of a program called M.exe (downloaded from www.magma.ca/~wjr/). Notice the very small size of M.exe. How many dll's does M.exe make use of? Now run M.exe by double clicking on it, but do not do anything with the running program yet. Use the program PrcView.exe to find out how many dll's have been loaded into memory by the running instance of M.exe. Now go back to the running instance of M.exe and click on the "File -> Save As ..." menu item (but do not do anything yet with the dialogue box that opens up). Now how many dll's does the running instance of M.exe have loaded into memory? (You may need to refresh the relevant window of PrcView.exe. Click on the window and tap the F5 key.) Play around with M.exe. It is a nice little program. It is entirely written in assembly language (and there is a newer version available from its home page). Try loading the data file nice.m. Then click on the menu item "Colors -> Add Shifting" and watch the animation (it runs for quite a while).
3'.) If you wish, you can also redo the previous problem using either of the two programs LoadLibrarySpy.exe or ProcessSpy.exe found in the hw3 zip file. These two programs come from the MSDN article Escape from DLL Hell with Custom Debugging and Instrumentation Tools and Utilities.
.
4.) In the previous two exercises, you looked at a program and examined which dll's it used. In this exercise, you will look at a dll and find out which processes are currently (and simultaneously) using it. Start the program DllSpy.exe found in the hw3 zip file (this program also comes from the article Escape from DLL Hell with Custom Debugging and Instrumentation Tools and Utilities). Use it to find out how many processes currently running on your system have the dll msvcrt.dll loaded into their memory space (this dll is the C Library). Also see how many processes currently running on your system have the dll wsock32.dll loaded into their memory space (this dll contains functions for connecting to the Internet). Use DllSpy.exe to count how many dll's are currently loaded into your computer's memory. Explain how you get your count.
Part II) In the hw3 zip file there is an exe file called dllBlues.exe. When you run this program, it has a problem. Your assignment is to solve all of its problems so that the program can run properly (dllBlues.exe is not supposed to really do anything specific, so your job is to just provide it with whatever it needs so that it runs without generating any errors). You will need to examine what is inside of dllBlues.exe so that you can figure out what you need to do. Use Dependency Walker and PEBrowse Professional as your examining tools.
PEBrowse Professional is a dissasembler. To get started with it, run PEBrowsePro.exe and use the "File -> Open File..." menu item to open dllBlues.exe (or just use "drag and drop" and drop the dllBlues.exe icon onto the PEBrowsePro.exe icon). Then click on the little "+" symbol next to the word "Sections" in the left hand pane. Then right click on the item ".text" and choose the "Disassemble .text" menu item (you might be prompted for the source code to dllBlues.c, but you don't have that, so click on Cancel). You will then see a disassembly window for dllBlues.exe. There is a lot more that PEBrowsePro.exe can tell you about dllBlues.exe, so do some exploring.
There are other disassemblers that you can try to use on dllBlues.exe. For example, there is objdump.exe that comes with MinGW.
You will end up writing a dll. Turn in a zip file containing your dll's source code, your def file for your dll, your compiled and linked dll and lib files, the original dllBlues.exe, and your written answers to the questions from Part I.
This assignment is due Wednesday, February 14.
Here are a few references to some very useful documentation about the Microsoft compiler and linker from Visual Studio 6.
|
