Given the following:

  • the 32-bit DLL code file of some old Firefox plugin (i.e. a DLL containing among others a Typelib, XSD and XSL entries), without source code or debug info, originally coded in C++ and compiled with Visual Studio,
  • the name and parameters of an exported function/method in this DLL (a function of the Firefox plugin, accessible in JS code),
  • Visual Studio Community 2013 running on Windows 7,
  • experience in C++ development, but not with COM or Firefox,
  • experience with debugging Intel assembler code,
  • a code license which does not prohibit disassembling the DLL,

I would like to do this: Load the DLL into some C++ code, and step on CPU level into the code of the function to find out what it exactly does.

Can you give me any hint on where to start and how to get this done? I guess the DLL may need some Firefox-specific initialization before I can call the function which I would like to debug. Could this be done with the Firefox SDK, without source code and debug info for the DLL? Or may I succeed in "nakedly" loading the DLL, finding the entry point of the - rather simple - function (how?) and calling it?

Thanks for any hints.

following
  • No source code would have limitations if you debug the dll file just with the PDB file even if you could also get some debug information: https://www.codeproject.com/questions/287477/debug-the-reference-dll-without-source-code-in-sol and https://msdn.microsoft.com/en-us/library/ms241613.aspx?f=255&MSPPError=-2147217396 – Jack Zhai Dec 05 '16 at 07:48
  • any update? Would you please let me know the latest information about this issue? – Jack Zhai Dec 07 '16 at 09:49
  • As I wrote above, there is no debug info (e.g. PDB file) available for the DLL. Just the symbol tables etc. that are directly exported from the DLL. – following Dec 07 '16 at 14:58
  • If there is also no pdb file, it really has a limitation. Like the document in my previous comment: If you want to debug code outside your project source code, such as the Windows or third-party code your project calls, you have to specify the location of the .pdb (and optionally, the source files of the external code) and those files need to exactly match the build of the executables. – Jack Zhai Dec 08 '16 at 12:28
  • Any DLL which can be executed can also be low-level debugged. At least the DLL can be loaded via LoadLibrary(), and then the data exported from the DLL (see above) needs to be parsed to find the entry point of the function to debug. This entry point address then is written to a C function pointer variable, and then stepped-into by the debugger. But I don't know the details, especially for the second step (determining the entry point; that's what I am looking for help with). It definitely CAN be done, but I don't know the details of how to do it. – following Dec 09 '16 at 00:03

1 Answer

Without a pdb file or source code, it is hard for you to debug the dll file, since the debugger loads debugging information from the PDB file and uses it to locate symbols or relate the current execution state of a program to source code. Visual Studio uses PDB files as its primary file format for debugging information during debugging. Without those files, you couldn't debug that library.

Update:

We are dynamically loading a dll into one project using the LoadLibrary() function, but if you want to step into your dll file, it really requires the pdb file. A simple sample is that you could create and place one pdb file in the same folder where one simple custom dll library project is located. I think Visual Studio will automatically search the directory and load them; you could find the information in your Debug Modules window.

The following case is not the same issue as yours, but it also shows that it would load the pdb file if the dll file was really called by one project/process:

Does winbase::LoadLibrary() load .pdbs?

Jack Zhai
  • The relocation information as well as the entry point symbols are not in the PDB but in the DLL (otherwise the DLL would not be usable at all! Windows needs both pieces of information to run the DLL code). It _is_ possible to low-level debug any DLL without a PDB file - see my last comment above -, I could do it with a "plain DLL", but I don't know the details on how to do it with a COM DLL. That's what my question here is about. – following Dec 09 '16 at 00:08
  • @following, I just provided some information in my previous answer, but if you really want to step into the dll file, it would require the pdb file. – Jack Zhai Dec 12 '16 at 11:16
  • In the disassembly view it is possible to step into any code, without any PDB file. – following Dec 12 '16 at 15:58
  • So you want to get the information of the address-level debugging, am I right? https://msdn.microsoft.com/en-us/library/a3cwf295.aspx. If so, sorry that I didn't think about this path without the symbols and source code before. But thanks for your sharing. – Jack Zhai Dec 13 '16 at 06:05
  • Thanks. I perfectly know how to use the VS debugger and disassembly. ;-) The problem is to find out the entry point address of the function that I want to call and step into. I only know the name of the method, and it's within a COM (Component Object Model) DLL, or more precisely: a Firefox plugin DLL. I don't know how COM DLLs work and how they export symbols. That's where I need help. – following Dec 13 '16 at 13:32
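
The lookup described in the comments above (finding a named export's entry point in a loaded DLL so it can be assigned to a function pointer), as an added example that is not part of the original question or answer: portable C that walks the PE export directory of a loaded image. `find_export_rva`, `build_sample_image` and the sample export names are hypothetical, and the image is a constructed in-memory stand-in so the code runs without a real DLL.

```c
#include <stdint.h>
#include <string.h>

/* Unaligned reads; host assumed little-endian like the PE format (x86). */
static uint32_t rd32(const uint8_t *p) { uint32_t v; memcpy(&v, p, 4); return v; }
static uint16_t rd16(const uint8_t *p) { uint16_t v; memcpy(&v, p, 2); return v; }

/* RVA of export `name` in a loaded PE image (base + RVA = address, as for an
   HMODULE); 0 if not a PE, not exported, or a forwarder. No bounds checks:
   the image is assumed to have been mapped by the loader. */
uint32_t find_export_rva(const uint8_t *base, const char *name) {
    if (rd16(base) != 0x5A4D) return 0;                 /* "MZ" */
    const uint8_t *nt = base + rd32(base + 0x3C);       /* e_lfanew */
    if (rd32(nt) != 0x00004550) return 0;               /* "PE\0\0" */
    /* Optional header at nt+24; data directories at +96 (PE32) or +112 (PE32+). */
    const uint8_t *dd = nt + 24 + (rd16(nt + 24) == 0x20B ? 112 : 96);
    uint32_t dir_rva = rd32(dd), dir_size = rd32(dd + 4);
    if (dir_rva == 0) return 0;                         /* no export table */
    const uint8_t *ed = base + dir_rva;                 /* IMAGE_EXPORT_DIRECTORY */
    const uint8_t *funcs = base + rd32(ed + 28);        /* AddressOfFunctions */
    const uint8_t *names = base + rd32(ed + 32);        /* AddressOfNames */
    const uint8_t *ords  = base + rd32(ed + 36);        /* AddressOfNameOrdinals */
    for (uint32_t i = 0; i < rd32(ed + 24); i++) {      /* NumberOfNames */
        if (strcmp((const char *)base + rd32(names + 4 * i), name) != 0) continue;
        uint32_t rva = rd32(funcs + 4 * rd16(ords + 2 * i));
        /* An RVA inside the export directory is a forwarder string, not code. */
        return (rva >= dir_rva && rva < dir_rva + dir_size) ? 0 : rva;
    }
    return 0;
}

/* Constructed sample: minimal fake PE32 image with two named exports. */
static uint8_t img[0x400];
static void wr32(uint32_t off, uint32_t v) { memcpy(img + off, &v, 4); }
const uint8_t *build_sample_image(void) {
    memset(img, 0, sizeof img);
    wr32(0, 0x5A4D); wr32(0x3C, 0x80);             /* "MZ", NT headers at 0x80 */
    wr32(0x80, 0x4550); wr32(0x98, 0x10B);         /* "PE", PE32 magic */
    wr32(0xF8, 0x200); wr32(0xFC, 0x100);          /* export dir RVA and size */
    wr32(0x214, 2); wr32(0x218, 2);                /* function and name counts */
    wr32(0x21C, 0x230); wr32(0x220, 0x240); wr32(0x224, 0x250); /* the 3 arrays */
    wr32(0x230, 0x1000); wr32(0x234, 0x2A0);       /* code RVA, forwarder RVA */
    wr32(0x240, 0x260); wr32(0x244, 0x280);        /* name RVAs */
    wr32(0x250, 0x00010000);                       /* name ordinals: 0, 1 */
    strcpy((char *)img + 0x260, "SampleFunc");
    strcpy((char *)img + 0x280, "SampleFwd");
    strcpy((char *)img + 0x2A0, "OTHER.Func");     /* forwarder target */
    return img;
}
```

On Windows, pass the HMODULE returned by LoadLibrary() (cast to `const uint8_t *`) as `base` and add the returned RVA to it to get the address for the function pointer; only names present in the DLL's export table can be found this way.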