The Win32 Rundll and Rundll32 Interface Related Topics

Microsoft Knowledge Base Article Q164787

 

Applies to: Windows95, Windows 98, Windows NT4

 

Summary

Win32 contains two command-line utility programs named Rundll.exe and Rundll32.exe that allow you to invoke a function exported from a DLL, either 16-bit or 32-bit. However, Rundll and Rundll32 programs do not allow you to call any exported function from any DLL. For example, you can not use these utility programs to call the Win32 API (Application Programming Interface) calls exported from the system DLLs. The programs only allow you to call functions from a DLL that are explicitly written to be called by them. This article provides more details on the use of Rundll and Rundll32 programs under Windows NT and Windows 95/98. The Rundll and Rundll32 utility programs were originally designed only for internal use at Microsoft. But the functionality provided by them is sufficiently generic that they are now available for general use. Note that Windows NT 4.0 ships only with the Rundll32 utility program and supports only Rundll32.

 

More Information

Rundll vs. Rundll32

Rundll loads and runs 16-bit DLLs, whereas Rundll32 loads and runs 32-bit DLLs. If you pass the wrong type of DLL to Rundll or Rundll32, it may fail to run without indicating any error messages.

 

Rundll Command Line

The command line for Rundll is as follows:

RUNDLL.EXE <dllname>,<entrypoint> <optional arguments>

An example is as follows:

RUNDLL.EXE SETUPX.DLL,InstallHinfSection 132 C:.INF

There are 3 issues to consider carefully in the above command line:

Rundll or Rundll32 search for the given DLL filename in the standard places (see the documentation for the LoadLibrary() function for details). It is recommended that you provide a full path to the DLL to ensure that the correct one is found. For best results, use the short file name instead of the long file name to ensure that no illegal characters will appear. Note in particular that this means a DLL in the "C:Files" folder should be converted to its short name.

The may not contain any spaces or commas or quotation marks. This is a limitation in the Rundll command line parser.

In the above command line, the comma (,) between the <dllname> and the <entrypoint> function name is extremely important. If the comma separator is missing, Rundll or Rundll32 will fail without indicating any errors. In addition, there cannot be any white spaces in between the <dllname>, the comma, and the <entrypoint> function.

 

How Rundll Works

Rundll performs the following steps:

It parses the command line.

It loads the specified DLL via LoadLibrary().

It obtains the address of the <entrypoint> function via GetProcAddress().

It calls the <entrypoint> function, passing the command line tail which is the <optional arguments>.

When the <entrypoint> function returns, Rundll.exe unloads the DLL and exits.

 

How to Write Your DLL

In your DLL, write the function with the following prototype:

16-bit DLL:

void FAR PASCAL __loadds

EntryPoint(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow);

32-bit DLL:

void CALLBACK

EntryPoint(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow);

Again, there are 3 issues to consider with the EntryPoint function:

Obviously, the name "EntryPoint" should be replaced with the actual name of your entry point function. Note that the Rundll32's entry point is completely unrelated to the DllEntryPoint function in a 32-bit DLL which handles process and thread attach/detach notifications.

The entry point function for Rundll32 must be defined with the _stdcall calling convention (CALLBACK defaults to using the _stdcall attribute). If the _stdcall attribute is missing, then the function defaults to _cdecl calling convention and then Rundll32 will terminate abnormally after calling the function.

Since you must declare the function with _stdcall calling convention as described above, it follows that the Visual C++ compiler will actually export it as _EntryPoint@16 if the DLL is written in C or will use further name decoration if the DLL is written in C++. So, be careful to use the correctly exported name in the command line for Rundll or Rundll32. If you want to avoid using decorated names, use a .def file and export the entry point function by name. Please refer to the product documentation and the following article for further information on name decoration when using Visual C++ compilers:

ARTICLE ID: Q140485

TITLE : Exporting PASCAL-Like Symbols in 32-bit DLLs

The parameters to the Rundll entry point are as follows:

hwnd - window handle that should be used as the owner window for any windows your DLL creates

hinst - your DLL's instance handle

lpszCmdLine - ASCIIZ command line your DLL should parse

nCmdShow - describes how your DLL's windows should be displayed.

In the following example:

RUNDLL.EXE SETUPX.DLL,InstallHinfSection 132 C:.INF

Rundll would call the InstallHinfSection() entrypoint function in Setupx.dll and pass it the following parameters:

hwnd = (parent window handle)

hinst = HINSTANCE of SETUPX.DLL

lpszCmdLine = "132 C:.INF"

nCmdShow = (whatever the nCmdShow was passed to CreateProcess)

Note that it is the function (or InstallHinfSection() in the above example) that has to parse its own command line (the lpszCmdLine parameter above) and use the individual parameters as necessary. Rundll.exe parses only up to the optional arguments passed to its command line. The rest of the parsing is up to the function.

 

Special Notes On Differences Between Windows 95 And Windows NT

On Windows NT, the behavior of Rundll32.exe is slightly different, in order to accommodate UNICODE command lines.

Windows NT first attempts to GetProcAddress for <EntryPoint>W. If this entry point is found, then the prototype is assumed to be:

void CALLBACK

EntryPointW(HWND hwnd, HINSTANCE hinst, LPWSTR lpszCmdLine, int nCmdShow);

This is the same as the ANSI EntryPoint, except that the lpszCmdLine parameter is now a UNICODE string.

If the <EntryPoint>W entry point is not found, then Windows NT will GetProcAddress for <entrypoint>A and for <entrypoint>. If either is found, then it is considered an ANSI entry point and is treated the same way as Windows 95. Therefore, if you want your DLL to run on Windows 95 with ANSI support and on Windows NT with UNICODE support, you should export two functions: EntryPointW and EntryPoint. On Windows NT, the EntryPointW function will be called with a UNICODE command line; on Windows 95, the EntryPoint function will be called with an ANSI Command line.

The Win32 Rundll and Rundll32 Interface Related Topics的更多相关文章

  1. Microsoft Win32 to Microsoft .NET Framework API Map

    Microsoft Win32 to Microsoft .NET Framework API Map .NET Development (General) Technical Articles   ...

  2. Win32 多线程的创建方法和基本使用

    Win32多线程的创建方法主要有: (1)CreateThread() (2)_beginthread()&&_beginthreadex() (3)AfxBeginThread() ...

  3. DLL Dynamic-Link Library Search Order

    http://msdn.microsoft.com/en-us/library/windows/desktop/ms682586(v=vs.85).aspx A system can contain ...

  4. 命令安装VS

     Installing Visual Studio Visual Studio 2015   Other Versions Visual Studio 2013 Visual Studio 2010 ...

  5. Optimizing Performance: Data Binding(zz)

    Optimizing Performance: Data Binding .NET Framework 4.5 Other Versions   Windows Presentation Founda ...

  6. (转) Deep Reinforcement Learning: Playing a Racing Game

    Byte Tank Posts Archive Deep Reinforcement Learning: Playing a Racing Game OCT 6TH, 2016 Agent playi ...

  7. [ZZ] cbuffer和tbuffer

    http://blog.chinaunix.net/uid-20235103-id-2578297.html Shader Model 4支持的新东西,通过打包数据可以获得更好的性能.原文转发:Sha ...

  8. 【转】 Build a RESTful Web service using Jersey and Apache Tomcat 2009

    Build a RESTful Web service using Jersey and Apache Tomcat Yi Ming Huang with Dong Fei Wu, Qing GuoP ...

  9. debugging books

    https://blogs.msdn.microsoft.com/debuggingtoolbox/2007/06/08/recommended-books-how-to-acquire-or-imp ...

随机推荐

  1. Explain EV in /proc/bus/input/devices data【转】

    转自:https://unix.stackexchange.com/questions/74903/explain-ev-in-proc-bus-input-devices-data It repre ...

  2. OpenWRT开发之——对C++的支持(解决库依赖问题)【转】

    转自:https://my.oschina.net/hevakelcj/blog/411944 摘要: 本文尝试用C++来开发一个cpp-demo包 遇到打包库依赖的问题,分析打包过程并解决了这个问题 ...

  3. Git GUI可视化操作教程

    1.在本地新建版本库 首先,我们打开Git GUI是这样的一个界面,选择第一项,新建版本库.  然后选择你需要进行版本管理的项目路径,我选择了一个LoginDemo的项目.  当你创建了版本库的时候, ...

  4. 使用管道和cronolog切割日志

    安装cronolog git clone https://github.com/fordmason/cronolog ./configure make && make install ...

  5. Google-Guice入门介绍

    原地址:http://blog.csdn.net/derekjiang/article/details/7231490 一. 概述 Guice是一个轻量级的DI框架.本文对Guice的基本用法作以介绍 ...

  6. 数组用console.log输出

    输出的时候,如果前面有字符串,那么输出的就是整个字符串

  7. C++ Primer读书笔记(2)

    getline(cin,string s)可以读取一整行,包括空白符.使用ctrl+Z结束 字符串字面值与string是不同的类型.两个字符串字面值不能直接相加. 处理string对象中的字符时,C+ ...

  8. ConvertUtils.register的作用

    BeanUtils的populate方法或者getProperty,setProperty方法其实都会调用convert进行转换 但Converter只支持一些基本的类型,甚至连Java.util.D ...

  9. Linux学习笔记:常用命令grep、iconv、cp、mv、rm

    本篇记录一些近期常用的命令. 一.grep过滤 grep过滤 不包含某些字符串 cat test.txt | grep -v '.jpg' 过滤jpg结尾的图片 cat test.txt | grep ...

  10. Servlet发送Http请求

    今日遇到一个需求,android注册,短信验证码功能. android请求我服务端,我请求tosms.cn发送验证码短信给android,于是需要在Servlet中发送Http请求 package o ...