Handmade Hero » Forums » Code » [b]How to use some C standard function without use C, C++ runtime.[/b]
BlackHatIsMe
3 posts
#16087 [b]How to use some C standard function without use C, C++ runtime.[/b]
3 weeks, 5 days ago Edited by BlackHatIsMe on Aug. 25, 2018, 1:20 a.m.

- Well, I was read this article and think I should share something to you guys:
[url=]https://hero.handmade.network/for...to_avoid_c_c++_runtime_on_windows[/url]
- When I was a system programmer, I hate so much to use the C, C++ runtime library because it's make users must be installed "Microsoft Visual C++ Redistributable Package" or I will need to ship with that dlls in my program, it's huge enough and make program slower. It's stupid because I known when they develop the OS they maybe have some stuff like C standard functions or at least something like that.
- So at that time I decided to go inside the OS and look at something I need. I reverse some dlls (ntdll.dll, ntoskrnl.exe) and see what's happening inside the OS. They have all the basic functions I need and the some C, C++ runtime actually call it.
- You can just look the export functions inside dlls and don't need to reverse it with command on cmd like this:
1
dumpbin /exports C:\Windows\System32\ntdll.dll

1
dumpbin /exports C:\Windows\System32\ntoskrnl.exe

- The only one thing we need to do is get the ntdll.lib and ntoskrnl.lib. Windows SDK for windows 7 doens't ship with both, you can download WDK 7.1 and use that library. On newer Windows SDK, it has ntdll.lib but not ntoskrnl.lib, so you can maybe install newer WDK for get that lib or it can be found on the internet without others stub(I guess).
- You can also found on the internet or github some header files used with the Windows SDK to exploited the Native(NT OS) power concurrently with the Win32 API.
- The last thing but I think it's most important thing when you use ntdll, ntoskrnl on the user space:
+ Always put ntdll.lib before ntoskrnl.lib in the libs list when you link objects, the ntoskrnl linked to ntoskrnl.exe and it has many privilege cannot run in user mode so you should make sure the program go to call ntdll.dll as many as possible but some stub is not in the ntdll so as I mentioned you need both lib files, example:
1
link $(LFLAGS) $(OBJECTS) ntdll.lib ntoskrnl.lib kernel32.lib user32.lib gdi32.lib opengl32.lib MyLibD.lib

+ On 64 bit, you can get whatever WDK versions you want and use it. BUT on the 32 bit program, you must download WDK 7.1 or below that versions and use exactly the ntoskrnl.lib for winxp:
1
C:\WinDDK\7600.16385.1\lib\wxp\i386\ntoskrnl.lib

if you don't use that lib your program will fall down privilege instruction only can be use in the kernel mode.

- Well, honestly my English is not good for write article. the NT OS has many interested things but I don't have enough time to talk to you all of that. So hope you enjoy and see later!
mmozeiko
Mārtiņš Možeiko
1789 posts / 1 project
#16088 [b]How to use some C standard function without use C, C++ runtime.[/b]
3 weeks, 5 days ago Edited by Mārtiņš Možeiko on Aug. 25, 2018, 1:12 a.m.

hate so much to use the C, C++ runtime library because it's make users must be installed "Microsoft Visual C++ Redistributable Package" or I will need to ship with that dlls in my program, it's huge enough and make program slower.

Or you know - link statically to runtime libraries. Nothing to install or ship afterwards.

Anyways, I would strongly suggest avoiding using ntdll.dll & ntoskrnl.exe exported functions in real shipping product. Unless it is for fun.

If you need parts of C runtime and don't want to use Visual Studio provided ones, then link to msvcrt.dll. This dll file is present in all Windows'es by default and does not need to be installed. It is used by Windows many dll files (like dinput8.dll, dsound.dll, etc...). Actually MinGW compiled C code links to this .dll file for C runtime functionality.

You can generate import .lib file for it by using pexports.exe and lib.exe.
BlackHatIsMe
3 posts
#16089 [b]How to use some C standard function without use C, C++ runtime.[/b]
3 weeks, 5 days ago

- Thanks, I known all of that things, but really, it's eventually called to the ntdll.dll or ntoskrnl.exe. I'm not make program for fun, my program work so well with that stub.
- But anyway, it's painful at the first time I work with ntdll and ntoskrnl. So that's your choice.