It is possible to figure out a C function signature by analysing beginnig of its disassembly. The function arguments will be on the stack and the function will do some "pops" to read them in reverse order. You will not find the argument names, but you should be able to find out their number and the types. Things may get more difficult with return value - it may be via 'eax' register or via a special pointer passed to the function as the last pseudo-argument (on the top of the stack).

可以通过分析其反汇编的开始来找出 C 函数签名。函数参数将在堆栈上，函数将执行一些“弹出”操作以相反的顺序读取它们。您不会找到参数名称，但您应该能够找到它们的编号和类型。返回值可能会变得更加困难 - 它可能通过“eax”寄存器或通过作为最后一个伪参数（在堆栈顶部）传递给函数的特殊指针。

If the function is a C++ one, you may be able to derive the function signature from the mangled name. Dependency Walkeris one tool that will do this for you. However, if the DLL was created with C linkage (Dependency Walker will tell you this), then you are out of luck.

如果该函数是 C++ 函数，则您可以从损坏的名称中导出函数签名。Dependency Walker是一种可以为您执行此操作的工具。但是，如果 DLL 是使用 C 链接创建的（Dependency Walker 会告诉您这一点），那么您就不走运了。

The C++ language does not know anything about dlls.

C++ 语言对 dll 一无所知。

Is this on Windows? One way would be to:

这是在 Windows 上吗？一种方法是：

• open the dll up in depends.exeshipped with (Visual Studio)
• verify the signature of the function you want to call
• use LoadLibrary()to get load this dll (be careful about the path)
• use GetProcAddress()to get a pointer to the function you want to call
• use this pointer-to-function to make a call with valid arguments
• use FreeLibrary()to release the handle

• 在depends.exe(Visual Studio) 中打开 dll
• 验证要调用的函数的签名
• 使用LoadLibrary()得到加载这个DLL（小心的路径）
• 用于GetProcAddress()获取指向要调用的函数的指针
• 使用此函数指针以有效参数进行调用
• 用于FreeLibrary()释放手柄

BTW: This method is also commonly referred to as runtime dynamic linking as opposed to compile-time dynamic linking where you compile your sources with the associated libfile.

顺便说一句：此方法通常也称为运行时动态链接，而不是编译时动态链接，您可以在其中使用关联lib文件编译源代码。

There exists some similar mechanism for *nixes with dlopen, but my memory starts to fail after that. Something called objdumpor nmshould get you started with inspecting the function(s).

*nixes with 存在一些类似的机制dlopen，但在那之后我的记忆开始失败。调用objdump或nm应该让您开始检查函数的东西。

As you have found, the exports list in a DLL only stores names, not signatures. If your DLL exports C functions, you will probably have to disassemble and reverse engineer the functions to determine method signatures. However, C++ encodes the method signature in the export name. This process of combining the method name and signature is called "name mangling". This Stackoverflow questionhas a reference for determining the method signature from the mangled export name.

如您所见，DLL 中的导出列表仅存储名称，而不存储签名。如果您的 DLL 导出 C 函数，您可能需要对这些函数进行反汇编和逆向工程以确定方法签名。但是，C++ 在导出名称中对方法签名进行编码。这种将方法名称和签名组合在一起的过程称为“名称修改”。 这个 Stackoverflow 问题有一个参考，用于从损坏的导出名称确定方法签名。

Try the free "Dependency Walker" (a.k.a. "depends")utility. The "Undecorate C++ Functions" option should determine the signature of a C++ method.

试用免费的“Dependency Walker”（又名“depends”）实用程序。“Undecorate C++ Functions”选项应确定 C++ 方法的签名。

Calling non-external functions is a great way to have your program break whenever the 3rd party DLL is updated.

调用非外部函数是让您的程序在 3rd 方 DLL 更新时中断的好方法。

That said, the undnameutility may also be helpful.

也就是说，undname实用程序也可能会有所帮助。

If you indeed know or strongly suspect the function is there, you can dynamically load the DLL with loadLibrary and get a pointer to the function with getProcAddress. See MSDN

如果您确实知道或强烈怀疑该函数存在，则可以使用 loadLibrary 动态加载 DLL，并使用 getProcAddress 获取指向该函数的指针。见MSDN

Note that this is a manual, dynamic way to load the library; you'll still have to know the correct function signature to map to the function pointer in order to use it. AFAIK there is no way to use the dll in a load-time capability and use the functions without a header file.

请注意，这是一种手动、动态加载库的方式；您仍然必须知道正确的函数签名才能映射到函数指针才能使用它。AFAIK 无法在加载时功能中使用 dll 并使用没有头文件的函数。