WHAT ARE DLL FILES?

- Bindesh Kumar Singh

March 2007

INTRODUCTION
Firstly, I would like to tell you about why it is important to understand the concept of DLL. Dlls
are the programmer’s most useful component. Dll provides us these facilities: -
1. Faster application development.
2. Memory conservation.
3. Data (resource) sharing.
4. Better way of updating the software.
Few more that is programmer dependent like adding security in dlls, personal information, etc

LET’S START READING THE DLL’S LORE AS A BEGINNER:

You would have seen many files with extension “dll”. What is the purpose of dll? Almost every
software contains it.
DLL expands to Dynamic Link Library.
Why it is so called?
Dynamic - why? Even it doesn’t execute.
Link - to where.
Library - of what.

Before we directly go for the core here are few general points which must have arrived in your
mind. The executables contain not only CPU instructions but data (sound, images etc). Suppose
you are creating a program which alarms by printing an image. You will put sound and image
code in your program. What would you do if you are required to develop 10 similar programs?
Bad habit! – Don’t just copy the code. Imagine, you made a program that executes the sound
playing code of your first program. Hanged! It is possible. Dll files allow you to do this. This
feature of DLL is known as linking. And b/c it’s done at run time (dynamically) it’s now called to
be dynamic linking. Further we added many more functions to our first program creating a small
library. Whenever we execute the later programs (client programs using the parent program)
they call the sound playing code of 1st program. Here our 1st program is acting as a library,
parent or source. Our newer programs will fail to work if there is no library program. That’s why
the library becomes very important to us and must be executed before we can run the later
programs.
The dll files are similar to what we were taking about our first program or library. But there are
some differences: -
1. Dll files can’t execute by themselves. Must be loaded by another executable.
2. They have extension “.dll” not “.exe”

Do DLLs only have library of code?

No.
They can also be used to maintain library of images, sound (i.e. RESOURCES).

You created a program which displays a window.

You didn’t programmed for the close, minimize icons. Where did they come from? Surely they
were copied from some library. Here it is shell32.dll [a windows shell library]. Present in
windows/system32 /

Here is the description of dll in action [lame language].

Carefully read the following.

1. Take one glass of water. [data creation instruction]

2. Put a spoon of salt in the glass. [move/copy instruction]
3. Add with lemon juice. [add instruction]
4. Say yes if prepared successfully. [return value]

The above are instructions for humans to make a lemon juice.

Anybody who understands english and owns the materials can prepare one. Also there is no
restriction how many people read it.

If these instructions are code of DLL files then you are the program using this dll. Every program
shares this same code.
Everyone having their material follow the same instructions to give the result.

What happens when we execute a program that uses a dll file?

=>
The program which uses a dll contains some code which loads the dll into memory. (more on this
later).
The dll file gets loaded in the memory (ram). This executable file uses the instructions of the dll.
When the execution of the program finishes it gets unloaded and dll also gets unloaded.

What happens if two programs are running and using a single DLL?
=>
Both are using the code of this dll. But if any of them finishes its task 1st. It’ll be unloaded. But dll
doesn’t unload. If it were unloaded what would happen with the 2nd program. To check this
troublesome state, windows uses a count strategy.
Windows uses a count value to check how many programs are using the dll file. Whenever a new
program (or another instance of 1st) executes windows increments the count of the dll by 1.
Similar happens when program unload i.e. decrements the count. When the count becomes 0,
finally unloads the dll from the memory.

PROGRAMMING FOR DLL.

If you have not yet developed any program using a dll, this is the right time to start. But there
are few things to mind before we go for dll programming. These are –
1. What compiler do I use?
2. Language preferred here is C or VC.
3. Must have developed some windows applications.

I will go with Microsoft Visual Studio 6.0.

Let’s start with our simplest dll project. Follow these steps –
1. Start VS 6.0
2. File -> New -> Projects [Win32 dynamic link library].
3. Give project name “dllprj” OR your own choice.
4. Click OK -> An empty dll project.
5. File -> new -> C++ source file -> Give name “dllprj.c” Don’t forget the C extension.

PLEASE NOTE:-
We are going to use a dll file that’s why we would not bother in creating static link library which
is mere a lib file like we used in TC++. Compiling Dynamic link library project creates exp,
 lib(doesn’t contains the code) and dll files. Whereas on compiling Static link library project
produces a lib file which contains the code.

Now edit in the file.

/******************* BEGIN **************************/

/* A TEST DLL PROJECT */
#include <windows.h>
#ifdef __cplusplus
#define extern “C” DLLEXPORT __declspec(dllexport)
#else
#define DLLEXPORT __declspec(dllexport)

BOOL __stdcall DllMain (HANDLE hdll, DWORD dwreason, LPVOID lpreserved)

{
return TRUE;
}
/* your functions here */

void DLLEXPORT dllfunction()

{
MessageBox(0,"Called from Dll","INFORMATION",0);
}

/* will not be exported/usable by other programs */

void fun()
{
MessageBox(0,"Will not be exported","INFORMATION",0);
}

/********************** EOF **************************/

Every dll contains an entry point named DllMain (…..)

Like a normal windows application contains WinMain(….)
All functions below this entry point are saved inside the dll file.
But are not exported (unaccessible by other programs). To export the functions we need to add
__declspec(dllexport). It means that we are going to export the functions and make them
accessible by other programs. Here the function “dllfunction” will be exported from the code to
the dll and will be accessible by other programs. But, “fun” will not be exported and will be
inaccessible from outside the dll.

What extern “C” means?

It means that the function will follow the C (programming) rules. It will behave as the normal c
programs behave. Technically saying – It specifies the calling convention. The way stack will be
managed. Which functions pushes OR pops the stack, calling function OR called function?

Calling convention Passed parameter Stack cleared by

C, C++ Pushes parameters on the stack, in Caller clears the stack

reverse order (right to left)

Fortran (__stdcall) Pushes parameters on the stack, in Called function clears the
reverse order (right to left) stack
If you have created a function in dll with __stdcall the function will contain some garbage like
letters in its name. If function is declared as: -
void DLLEXPORT __stdcall dllfunction()
_dllfunction@0 name is created in the dll.

If we were just named our file with cpp extension then the dll’s sign would have been something
like this
?dllfunction@@YAX
NOTE: Because c++ remembers functions by its parameters not only names. That’s why it
supports function overloading.
HOW TO SEE THESE NAMES: Use Dependency Walker See reference

Compile the code. It’ll create dllprj.dll, dllprj.lib, dllprj.exp.

Dllprj.lib => Contains the list of linkable functions. Used during static linking of dll.
Dllprj.dll => Contains the actual code of function. Most important file.
Dllprj.exp => Contains the export information.

Creating a program which uses a dll.

There are two ways of using the dll.

1. Load-time dynamic linking
2. Run-time dynamic linking

To use a dll, we must declare the function prototype before using them. A header file is to be
created first.

Load-time dynamic linking: This is the easiest way of using the dll. The program will be linked
(save the address of the exported functions) with the dll at compile time. It requires the lib file
created with the dll. The lib file contains the information how the functions will be linked with the
target program.

Run-time dynamic linking: This is harder b/c it requires many function pointers. But any
change in the dll will not affect the user program. It doesn’t require a lib file.

Let’s create a program using our dll.

Load-time:
1. Start VC++ 6.0
2. File -> New -> Projects -> Win32 Application -> give project name -> An empty project.
3. File -> New -> File -> C++ source file -> give name with C extension.

Edit the file:-

/********************** BEGIN **********************/
#include <windows.h>

void dllfunction(); /* Or include the header file for our dll. */

int __stdcall WinMain(HINSTANCE hinst, HINSTANCE hprevinst, LPSTR lpcmdline, int cmdshow)
{
dllfunction();
return 0;
}
/********************** EOF ************************/

Click project -> settings -> Link -> On the list of lib files add your dll’s lib file i.e. dllprj.lib -> OK

Now paste dllprj.lib in the LIB folder of VC++ 6.0.

Build the program.

Run the program. It will give error that dllprj.dll not found.
Paste the dll file in the exe’s folder and run the exe.

Run-time: -

1. Start VC++ 6.0

2. File -> New -> Projects -> Win32 Application -> give project name -> An empty project.
3. File -> New -> File -> C++ source file -> give name with C extension.
Edit the file:-

/********************** BEGIN **********************/

#include <windows.h>

int __stdcall WinMain(HINSTANCE hinst, HINSTANCE hprevinst, LPSTR lpcmdline, int cmdshow)
{
HINSTANCE hdll; /* creates a handle for dll */
void (*pfunc)(); /*creates a function pointer */

/* OR
BOOL (CALLBACK *pfunc)();
Using this pointer there is no need to use typecasting in GetProcAddress.
*/

hdll = LoadLibrary("dllprj.dll"); /* Load the dll in memory*/

if(!hdll) /* If hdll is null */
{
MessageBox(0,"dllprj.dll not found","Dll absent",0);
return 0;
}
pfunc = (void*)GetProcAddress(hdll,"dllfunction");

/*
Use if callback function is used
pfunc = GetProcAddress(hdll,"dllfunction");
*/

if(pfunc) /* If not NULL */

(*pfunc)(); /* call the function */

FreeLibrary(hdll); /* unload the dll */

return 0;
}
/************************ EOF ***********************/
Before using the dll’s functions, we have to load the dll in the memory. Ones the dll has been
successfully loaded the address of the function can be retrieved. We ask for the function’s
address by calling GetProcAddress(dll’s handle, function name). It returns the address of the
function. (void*) typecast is used to indicate the type of function pointer being returned OR
assigned to function pointer.
We then call the function using our function pointer.
The advantage of dynamic linking is that you don’t need to have a lib file. That’s why you can
use any dll of your system if you know the details about its functions.
What is CALLBACK?
 Indicates that the function will be called by windows.
 #define of PASCAL, __stdcall, pascal.

Continued on next ……….

REFERNCES: -
 For all macros explore windef.h
 Dependency Walker – See dll’s functions. ( Get it from support tools
provided with Visual Studio and XP cd-rom.

 PEexplorer, IDA, w32dasm – Dig executables and dlls

______________________ END __________________________

Let’s have fun with dlls. Get in the powerful programming world.
MEET ON MY NEXT TUT
TUTORIAL…………. BYE!
______________________________________________________
ME @: -
Best of mine: www.ourinnovativemind.blogspot.com
Mail: [email protected]