People have always asked me is the programming that college teachers teach enough for us.

Here is the answer

it never ends.....

Any executable in order to work needs some functions to implement its features.these functions are called API.

It stands for application programming interface.

An api is set of functions that help in developement of various applications for a specific platform . These functions may provide the functionality ranging from the most basic mouse movement to the advanced process spawning tasks.Consider them just to be your normal c style functions (like add()) that are provided by the vendor or may be user defined.

dll::

dynamic linked libraries are nothing but binary files containing the definitons of the various API's.

example::

void func(){};

void main()

{

func();

}

In the function above we can also give the defintion of func() in another .c source file and then that file be included by defining the func() function in a separate file and using the directive::

#include "name of file"

before the main() function.

example::

#include "f.c"

//contents of f.c::

//void func(){}

void main()

{

func();

}

Same is the case with dlls.

For example in order to use the API MessageBox() we may use the windows.h header file which will cause the dll associated with the MessageBox API(user32.dll in this case ) to be loaded automatically at the run time by the linker(or operating system ,for simplicity). dll files contain the DllMain function (which is called at the time the dlla are initialized ) besides the usual function to export to the applicaions.

Why we add the name dynamic to them ? well the reason is that they are loaded at the runtime

(ie loaded dynamically) by the operating system into the process address space(ie the region where executable is mapped in the primary memory of the system)

What is the structure of the process like?

The PE file::

windows conforms to the pe(portable execuatble) /coff(common object file format) that defines how the executable image(file) should be laid out in the memory.

One of the main features of the pe file format is that it starts with the typical dos stub that contains the initials MZ(Mark Zbikowski)

that means if you were to open any .exe,or .dll or .sys file in notepad you would surely find these initials at the beginning...

nice alternative of checking extensions if someone has disabled the extensions isn't it! :)

there are various sections inside a pe file .these sections are .text(contains the code),.data(contains the initialized data),.rsrc section(conatins resources bitmap,cursor etc.) and there are few others.

The windows loader reads the information contained in the pe file located on the disc and uses it to construct fully working process loaded in the ram...

this is how everything works underneath an application without you even knowing it!

Posted by:

Cr4nk