Page 1 of 1

List all functions from an executable

PostPosted: Mon Nov 17, 2008 10:33 am
by Keiner

is it possible to list all functions of an executable? Can ParseFunction return a pointer to the next function?

take care, keiner

PostPosted: Mon Nov 17, 2008 10:40 am
by Nico Bendlin
Compilers are free to overlap any code sequences. So there might be no "next" function. Another problem are function "tails" (code fragments of a function outside of the function’s main "body" - e.g. MSVC’s PGO).

PostPosted: Mon Nov 17, 2008 11:05 am
by Keiner
How does IDA/OllyDBG handle those problems? I mean the results aren't 100% correct but at least its a point where i can start.

PostPosted: Mon Nov 17, 2008 2:16 pm
by Nico Bendlin
Well, for ParseFunction one needs the entry point of the function (your task). This implies, that it is intended to analyze one function - not the whole program control flow (a job for IDA). The analyzed function could be followed by anything (e.g. hundreds and thousands of data bytes).

topic: Back to your initial question: TFunctionInfo.CodeLen

PostPosted: Mon Dec 01, 2008 7:57 pm
by madshi
Nico is right, of course.

One option would be to disassemble the EXE's entry point function plus every exported function. Then for every disassembled function you can enumerate the call instructions. You can then disassemble the call targets. This will again give you a new list of call instructions. You can do this recursively. That will probably not result in a full disassembly of the whole EXE, but it might cover the majority of functions. Of course there are problems: E.g. some calls are hard to trace. And if a thread is created, you will probably miss the thread function and all functions it calls inside etc...

Re: List all functions from an executable

PostPosted: Wed Jul 11, 2018 12:49 pm
by _NN_
I understand there still is no available lib for madDisAsm, right ?

Re: List all functions from an executable

PostPosted: Wed Jul 11, 2018 1:04 pm
by madshi
It's kind of part of the madCodeHook32/64.lib file, but there's no way to access the disasm functionality atm.