这段代码或许对大家有所帮助: 显示DLL可导出函数<br><br>// 为了测试,你需要在Form上放置一个TButton、TOpenDialog和TListView构件 <br><br>// 完整的DLLTools单元的代码在示例代码之后 <br><br>uses DLLTools; <br><br>function TForm1.ListExport( const name: String; ordinal: Integer; address
ointer ): Boolean; <br>var <br>listentry: TLIstItem; <br>begin <br>Result := true; <br>listentry:= listview.Items.Add; <br>listentry.Caption := Format('%p',[address] ); <br>listentry.Subitems.Add( format('%d',[ordinal] )); <br>listentry.Subitems.Add( name ); <br>end; <br><br>procedure TForm1.Button1Click(Sender: TObject); <br>begin <br>if opendialog.execute then <br>begin <br>listview.items.clear; <br>ListDLLExports( opendialog.filename, listexport ); <br>end; <br>end; <br><br><br>***** <br>DLLTOOLS 单元 <br>***** <br><br><br>unit dlltools; <br><br>interface <br><br>Uses Windows, Classes, Sysutils, imagehlp ; <br><br>type <br>TDLLExportCallback = function (const name: String; ordinal: Integer; <br>address: Pointer): Boolean of Object; <br>{ Note: address is a RVA here, not a usable virtual address! } <br>DLLToolsError = Class( Exception ); <br><br>Procedure ListDLLExports( const filename: String; callback: <br>TDLLExportCallback ); <br>Procedure DumpExportDirectory( Const ExportDirectory: TImageExportDirectory; <br>lines: TStrings; const Image: LoadedImage ); <br>Function RVAToPchar( rva: DWORD; const Image: LoadedImage ): PChar; <br>Function RVAToPointer( rva: DWORD; const Image: LoadedImage ): Pointer; <br><br>implementation <br><br>resourcestring <br>eDLLNotFound = <br>'ListDLLExports: DLL %s does not exist!'; <br><br>{+---------------------------------------------------------------------- <br>Procedure EnumExports <br><br>Parameters : <br>ExportDirectory: IMAGE_EXPORT_DIRECTORY record to enumerate <br>image : LOADED_IMAGE record for the DLL the export directory belongs <br>to. <br>callback : callback function to hand the found exports to, must not be <br>Nil <br>Description: <br>The export directory of a PE image contains three RVAs that point at <br>tables <br>which describe the exported functions. The first is an array of RVAs <br>that <br>refer to the exported function names, these we translate to PChars to <br>get the exported name. The second array is an array of Word that <br>contains <br>the export ordinal for the matching entry in the names array. The <br>ordinal <br>is biased, that is we have to add the ExportDirectory.Base value to it <br>to <br>get the actual export ordinal. The biased ordinal serves as index for <br>the <br>third array, which is an array of RVAs that give the position of the <br>function code in the image. We don't translate these RVAs since the DLL <br>is not relocated since we load it via MapAndLoad. The function array is <br>usually much larger than the names array, since the ordinals for the <br>exported functions do not have to be in sequence, there can be (and <br>frequently are) gaps in the sequence, for which the matching entries in <br>the <br>function RVA array are garbage. <br>Error Conditions: none <br>Created: 9.1.2000 by P. Below <br>+----------------------------------------------------------------------} <br>Procedure EnumExports( const ExportDirectory : TImageExportDirectory ; <br>const image : LoadedImage ; <br>callback : TDLLExportCallback ) ; <br>Type <br>TDWordArray = Array [0..$FFFFF] of DWORD; <br>Var <br>i: Cardinal; <br>pNameRVAs, pFunctionRVas: ^TDWordArray; <br>pOrdinals: ^TWordArray; <br>name: String; <br>address: Pointer; <br>ordinal: Word; <br>Begin { EnumExports } <br>pNameRVAs := <br>RVAToPointer( DWORD(ExportDirectory.AddressOfNames), image ); <br>pFunctionRVAs := <br>RVAToPointer( DWORD(ExportDirectory.AddressOfFunctions), image ); <br>pOrdinals := <br>RVAToPointer( DWORD(ExportDirectory.AddressOfNameOrdinals), image ); <br>For i:= 0 to Pred( ExportDirectory.NumberOfNames ) Do Begin <br>name := RVAToPChar( pNameRVAs^
, image ); <br>ordinal := pOrdinals^; <br>address := Pointer( pFunctionRVAs^[ ordinal ] ); <br>If not callback( name, ordinal+ExportDirectory.Base, address ) Then <br>Exit; <br>End; { For } <br>End; { EnumExports } <br><br>{+---------------------------------------------------------------------- <br>Procedure ListDLLExports <br><br>Parameters : <br>filename : full pathname of DLL to examine <br>callback : callback to hand the found exports to, must not be Nil <br>Description: <br>Loads the passed DLL using the LoadImage function, finds the exported <br>names table and reads it. Each found entry is handed to the callback <br>for further processing, until no more entries remain or the callback <br>returns false. Note that the address passed to the callback for a <br>exported <br>function is an RVA, so not identical to the address the function would <br>have in a properly loaded and relocated DLL! <br>Error Conditions: <br>Exceptions are raised if <br>- the passed DLL does not exist or could not be loaded <br>- no callback was passed (only if assertions are on) <br>- an API function failed <br>Created: 9.1.2000 by P. Below <br>+----------------------------------------------------------------------} <br>Procedure ListDLLExports( const filename : String ; callback : <br>TDLLExportCallback ) ; <br>Var <br>imageinfo: LoadedImage; <br>pExportDirectory: PImageExportDirectory; <br>dirsize: Cardinal; <br>Begin { ListDLLExports } <br>Assert( Assigned( callback )); <br>If not FileExists( filename ) Then <br>raise DLLToolsError.CreateFmt( eDLLnotFound, [filename] ); <br><br>If MapAndLoad( PChar( filename ), nil, @imageinfo, true, true ) Then <br>try <br>pExportDirectory := <br>ImageDirectoryEntryToData( <br>imageinfo.MappedAddress, false, <br>IMAGE_DIRECTORY_ENTRY_EXPORT, dirsize ); <br><br>If pExportDirectory = Nil Then <br>RaiseLastWin32Error <br>Else <br>EnumExports( pExportDirectory^, imageinfo, callback ); <br>finally <br>UnMapAndLoad( @imageinfo ); <br>end <br>Else <br>RaiseLastWin32Error; <br>End; { ListDLLExports } <br><br>{+---------------------------------------------------------------------- <br>Procedure DumpExportDirectory <br><br>Parameters : <br>ExportDirectory: a IMAGE_EXPORT_DIRECTORY record <br>lines : a TStrings descendend to put the info into, must not be Nil <br>Description: <br>Dumps the fields of the passed structure to the passed strings <br>descendent <br>as strings. <br>Error Conditions: <br>will raise an exception if lines is Nil and assertions are enabled. <br>Created: 9.1.2000 by P. Below <br>+----------------------------------------------------------------------} <br>Procedure DumpExportDirectory( Const ExportDirectory : TImageExportDirectory; <br>lines : TStrings; const Image: LoadedImage ) ; <br>Begin { DumpExportDirectory } <br>Assert( Assigned( lines )); <br><br>lines.add( 'Dump of IMAGE_EXPORT_DIRECTORY' ); <br>lines.add( format('Characteristics: %d', <br>[ExportDirectory.Characteristics])); <br>lines.add( format('TimeDateStamp: %d', <br>[ExportDirectory.TimeDateStamp])); <br>lines.add( format('Version: %d.%d', <br>[ExportDirectory.MajorVersion, <br>ExportDirectory.MinorVersion])); <br>lines.add( format('Name (RVA): %x', <br>[ExportDirectory.Name])); <br>lines.add( format('Name (translated): %s', <br>[RVAToPchar( ExportDirectory.name, Image )])); <br>lines.add( format('Base: %d', <br>[ExportDirectory.Base])); <br>lines.add( format('NumberOfFunctions: %d', <br>[ExportDirectory.NumberOfFunctions])); <br>lines.add( format('NumberOfNames: %d', <br>[ExportDirectory.NumberOfNames])); <br>lines.add( format('AddressOfFunctions (RVA): %p', <br>[Pointer(ExportDirectory.AddressOfFunctions)])); <br>lines.add( format('AddressOfNames (RVA): %p', <br>[Pointer(ExportDirectory.AddressOfNames)])); <br>lines.add( format('AddressOfNameOrdinals (RVA): %p', <br>[Pointer(ExportDirectory.AddressOfNameOrdinals)])); <br>End; { DumpExportDirectory } <br><br>{+---------------------------------------------------------------------- <br>Function RVAToPointer <br><br>Parameters : <br>rva : a relative virtual address to translate <br>Image : LOADED_IMAGE structure for the image the RVA relates to <br>Returns : translated address <br>Description: <br>Uses the ImageRVAToVA function to translate the RVA to a virtual <br>address. <br>Error Conditions: <br>Will raise an exception if the translation failed <br>Created: 9.1.2000 by P. Below <br>+----------------------------------------------------------------------} <br>Function RVAToPointer( rva : DWORD ; const Image : LoadedImage ) : Pointer; <br>var <br>pDummy: PImageSectionHeader; <br>Begin { RVAToPchar } <br>pDummy := nil; <br>Result := <br>ImageRvaToVa( Image.FileHeader, Image.MappedAddress, rva, <br>pDummy ); <br>If Result = Nil Then <br>RaiseLastWin32Error; <br>End; { RVAToPointer } <br><br>{+---------------------------------------------------------------------- <br>Function RVAToPchar <br><br>Parameters : <br>rva : a relative virtual address to translate <br>Image : LOADED_IMAGE structure for the image the RVA relates to <br>Returns : translated address <br>Description: <br>Uses the RVAToPointer function to translate the RVA to a virtual <br>address. Note that we do not check that the address does indeed point <br>to a zero-terminated string! <br>Error Conditions: <br>Will raise an exception if the translation failed <br>Created: 9.1.2000 by P. Below <br>+----------------------------------------------------------------------} <br>Function RVAToPchar( rva : DWORD ; const Image : LoadedImage ) : PChar ; <br>Begin { RVAToPchar } <br>Result := RVAToPointer( rva, image ); <br>End; { RVAToPchar } <br><br>end. <br> <br>资料来源:碧波山庄 - 编程世界 http://www.moreres.com <br>