Inside COM Reading Notes: Servers in EXEs

Source: Internet
Author: User
1. Different Processes

Each EXE file runs in its own process, and each process has its own address space. The physical address behind the logical address 0x0000abba in one process is different from the physical address behind the same logical address in another process. Therefore, if one process passes the address 0x0000abba to another process, the memory the second process accesses will not be what the first process intended.

Unlike an EXE, a DLL is mapped into the process space of the EXE that links to it. For this reason a DLL is called an in-process server, and an EXE is called an out-of-process server. In some cases, an EXE is also called a local server.

Consider the following requirements for crossing the process boundary:

  • A process needs to be able to call functions in another process.
  • A process needs to be able to pass data to another process.
  • The client does not need to care whether the server it accesses is an in-process server or an out-of-process server.

 

Local procedure call

There are several different methods for inter-process communication, such as Dynamic Data Exchange (DDE), named pipes, and shared memory. The method used by COM is the local procedure call (LPC). LPC is a method for communication between different processes on the same machine. How does LPC work? It is implemented by the operating system. Because the operating system knows which physical addresses each process's logical address space maps to, it can call any function in any process.

 

Marshaling

Calling a function in an EXE is only the first step. We also need a way to move the function call's parameters from one process's address space to the address space of the other process. This is called "marshaling". LPC can copy data from one process to another, but it needs additional information to package the parameters and pass them to the other process. For example, a pointer is handled differently from an integer: the structure the pointer refers to has to be copied to the other process.

 

Proxy/stub DLL

When a Win32 function is called, the call goes to a DLL function, which calls the actual code in Windows through LPC. This structure isolates user processes from Windows code.

COM uses a similar structure: the client communicates with a DLL that imitates the component. This DLL marshals the parameters and makes the LPC calls for the client. A proxy is a component that behaves the same as another component. A proxy must be in DLL form because it needs access to the address space of the client process in order to marshal the data passed to the interface functions. The component also needs a DLL, called a stub, to unmarshal the data sent from the client.

 

2. Introduction to IDL/MIDL

With IDL (Interface Definition Language), you can write an interface description and then use the MIDL compiler to generate the proxy and stub DLL.

 

IDL Interface Description Example

    // Interface ISum
    [
        object,
        uuid(B3B82DE4-4EA0-475F-A386-22C5DF7DC213),
        helpstring("iprimeinterface"),
        oleautomation
    ]
    interface ISum : IUnknown
    {
        HRESULT Sum(int x, int y, [out, retval] int* retval);
    }

 

The IDL syntax is not much different from that of C++. The object keyword indicates that the interface being defined is a COM interface; this keyword is a Microsoft extension to IDL. The second keyword, uuid, gives the IID of the interface. The third keyword, helpstring, puts a help string into the type library.

  • pointer_default keyword

The purpose of IDL is to provide enough information for function parameters to be marshaled. The pointer_default keyword has three different options.

i. ref --- treats the pointer as a reference: it always points to a valid address and can always be dereferenced. It cannot be null, and it points to the same memory address before and after marshaling.

ii. unique --- the pointer can be null and its value can be changed inside the function, but it cannot be aliased.

iii. ptr --- specifies that the pointer is a C pointer: it can be aliased, can be null, and its value can be changed.

  • Input and Output Parameters in IDL

MIDL can use the in and out parameter attributes to further optimize the proxy and stub code. For a parameter marked in, MIDL only needs to pass the parameter from the client to the component, and the stub code does not need to return any value for it. The out keyword tells MIDL that the parameter is used only to send data from the component back to the client, so the proxy does not need to marshal an out parameter or send its value to the component.

  • Strings in IDL

The standard convention for strings in COM is to use Unicode characters and wchar_t.

  • import keyword in IDL

import is used to include definitions from other IDL files in the current file, similar to the #include preprocessor directive in C++.
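The proxy/stub split and the in/out rules described above, as an added C++ example (not code from the book and not MIDL output). It hand-writes a proxy and stub for ISum::Sum; the byte buffer stands in for the LPC message, and ProxySum, StubInvoke, ComponentSum, kOk and kBadMessage are hypothetical names chosen for this illustration.

```cpp
#include <cstdint>
#include <cstring>
#include <vector>

using Buffer = std::vector<std::uint8_t>;  // assumption: stands in for the LPC message
constexpr std::int32_t kOk = 0;            // hypothetical status codes, not real HRESULTs
constexpr std::int32_t kBadMessage = -1;

// Component side: the real implementation, living in the "server process".
static std::int32_t ComponentSum(int x, int y, int* retval) {
    *retval = x + y;
    return kOk;
}

// Stub: unmarshals the [in] parameters, calls the component, and marshals
// only the status and the [out, retval] value into the reply.
Buffer StubInvoke(const Buffer& request) {
    std::int32_t hr = kBadMessage, args[2] = {0, 0}, result = 0;
    // Reject a malformed request instead of reading past the buffer.
    if (request.size() == sizeof(args)) {
        std::memcpy(args, request.data(), sizeof(args));
        hr = ComponentSum(args[0], args[1], &result);
    }
    Buffer reply(2 * sizeof(std::int32_t));
    std::memcpy(reply.data(), &hr, sizeof(hr));
    std::memcpy(reply.data() + sizeof(hr), &result, sizeof(result));
    return reply;
}

// Proxy: has the signature the client calls. The [in] values are copied into
// the request; the client's pointer never crosses the boundary, because that
// address would be meaningless in the other process.
std::int32_t ProxySum(int x, int y, int* retval) {
    const std::int32_t args[2] = {x, y};
    Buffer request(sizeof(args));
    std::memcpy(request.data(), args, sizeof(args));
    const Buffer reply = StubInvoke(request);  // stands in for the LPC round trip
    if (reply.size() != 2 * sizeof(std::int32_t)) return kBadMessage;
    std::int32_t hr = kBadMessage, result = 0;
    std::memcpy(&hr, reply.data(), sizeof(hr));
    std::memcpy(&result, reply.data() + sizeof(hr), sizeof(result));
    if (hr == kOk) *retval = result;  // write the [out] value back on success only
    return hr;
}

int main() {
    int r = 0;
    return (ProxySum(2, 40, &r) == kOk && r == 42) ? 0 : 1;
}
```

The request carries only x and y and the reply carries only the status and retval, which is the traffic reduction the in and out attributes give MIDL.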

 

MIDL Compiler

You can use the following command to compile the IDL file:

    midl foo.idl

A library statement in the IDL file makes MIDL generate a type library.

 

Proxy/stub Registration

3. Local server implementation

An EXE cannot export functions. These are the exported functions that an in-process server relies on:

    DllGetClassObject    PRIVATE
    DllRegisterServer    PRIVATE
    DllUnregisterServer  PRIVATE
    DllCanUnloadNow      PRIVATE

Replacing DllCanUnloadNow is easy: an EXE is not passive and can control its own lifetime. DllRegisterServer and DllUnregisterServer are replaced by command-line parameters passed to the EXE file, which then performs self-registration.

 

Starting the class factory

COM maintains an internal table of registered class factories. When the client calls CoGetClassObject with the proper parameters, COM first checks this private table for the class factory of the CLSID the client requested. If it is not there, COM looks up the EXE and starts it. The EXE calls the COM function CoRegisterClassObject to register its class factory: it only needs to create the class factory and pass its interface pointer to CoRegisterClassObject.

  • CoRegisterClassObject

The first parameter is the CLSID of the class being registered. The second and third parameters are used together. The fourth parameter indicates whether a single instance of the EXE can support multiple instances of a component: REGCLS_SINGLEUSE with CLSCTX_LOCAL_SERVER serves a single component instance, and REGCLS_MULTI_SEPARATE supports multiple component instances.

 

    HRESULT CoRegisterClassObject(
        _In_  REFCLSID  rclsid,
        _In_  LPUNKNOWN pUnk,
        _In_  DWORD     dwClsContext,
        _In_  DWORD     flags,
        _Out_ LPDWORD   lpdwRegister
    );

  • Releasing the class factory

When the server shuts down, it must remove its class factory from the internal table by calling the COM library function CoRevokeClassObject.

 

Modifying LockServer

An in-process server exports the DllCanUnloadNow function, which is used to determine whether the server can be unloaded from memory. For a local server, LockServer needs to be modified: a DLL cannot control its own lifetime, because it is loaded and unloaded by an EXE, but an EXE controls itself. When it is time to exit, it can send itself the exit message. The standard entry point for C and C++ programs is main: execution starts at main, and the program terminates when main returns. A Windows program keeps the EXE from exiting by running the Windows message loop from its entry function, WinMain.

 

 
