Shuzheng

Reputation: 13850

How do I locate the position in an executable file, where a function resides?

Suppose I compile a C/C++ file to binary. Say, the file defines a function foo().

How would I locate this function in the binary? By locating, I mean find the exact position.

I assume the question depends on whether we are considering Windows or Linux, so let's say the executable is in PE format.

Does the compiler erase all naming, so that locating the function by name is impossible? That is, I must do a pattern search in the binary?

I know that DLLs have an export table, which could help in locating the function within, but executables on Windows do not have such a table...

Upvotes: 0

Views: 845

Answers (1)

Anders

Reputation: 101646

.EXE files can export functions and these functions can be used by .DLLs loaded into that process. This is the best option if you are going to load plug-ins and want to provide some kind of plug-in API/SDK. You can then find functions by doing GetProcAddress(GetModuleHandle(0), "MyFunction") in any code that lives inside the process. .DLLs can also link directly to the functions and the loader will resolve them just as if they were exported in a .DLL.

Another option is to embed symbol/debug information in your .EXE and then use the DbgHelp functions to find the function.

You can also get the linker to generate a .MAP file that lists each function and its address but it is mostly useful when manually debugging a process.

Upvotes: 1
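
Added example (not part of the answer above, and not the answerer's code): the export table is an ordinary PE data directory that an .EXE can carry too, so a named export can be located in the file on disk by walking that directory and translating its RVAs through the section table. The names export_file_offsets and build_sample are chosen here, the sample image is constructed, and ordinal-only exports are not handled.

```python
import struct

def export_file_offsets(pe: bytes) -> dict:
    """Map each exported name to (RVA, file offset) via the PE export directory."""
    u16 = lambda off: struct.unpack_from("<H", pe, off)[0]
    u32 = lambda off: struct.unpack_from("<I", pe, off)[0]
    nt = u32(0x3C)                                   # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = nt + 24                                    # skip signature + COFF header
    dirs = opt + (112 if u16(opt) == 0x20B else 96)  # PE32+ or PE32 data directories
    sec0 = opt + u16(nt + 20)                        # section table follows optional header
    sections = [struct.unpack_from("<4I", pe, sec0 + 40 * i + 8)
                for i in range(u16(nt + 6))]         # (VSize, VA, RawSize, RawPtr)

    def to_offset(rva):
        for vsize, va, rawsize, rawptr in sections:
            if va <= rva < va + max(vsize, rawsize):
                return rva - va + rawptr
        raise ValueError(f"RVA {rva:#x} is outside every section")

    exp_rva, exp_size = u32(dirs), u32(dirs + 4)     # directory entry 0 = exports
    if exp_rva == 0:
        return {}                                    # nothing exported
    exp = to_offset(exp_rva)
    funcs, names, ords = (to_offset(u32(exp + o)) for o in (28, 32, 36))
    found = {}
    for i in range(u32(exp + 24)):                   # NumberOfNames
        name_off = to_offset(u32(names + 4 * i))
        name = pe[name_off:pe.index(b"\0", name_off)].decode("ascii")
        rva = u32(funcs + 4 * u16(ords + 2 * i))
        if not exp_rva <= rva < exp_rva + exp_size:  # forwarders point inside the directory
            found[name] = (rva, to_offset(rva))
    return found

def build_sample() -> bytes:
    """Constructed PE32: .text at RVA 0x1000 / file 0x200, exporting foo at RVA 0x1010."""
    img = bytearray(0x400)
    img[0:2], img[0x40:0x44] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", img, 0x3C, 0x40)                        # e_lfanew
    struct.pack_into("<HH12xHH", img, 0x44, 0x14C, 1, 224, 0x102)  # COFF header
    struct.pack_into("<H", img, 0x58, 0x10B)                       # PE32 magic
    struct.pack_into("<II", img, 0x58 + 96, 0x1100, 0x40)          # export directory entry
    struct.pack_into("<8s4I", img, 0x138, b".text", 0x200, 0x1000, 0x200, 0x200)
    struct.pack_into("<5I", img, 0x314, 1, 1, 0x1128, 0x112C, 0x1130)
    struct.pack_into("<IIH4s", img, 0x328, 0x1010, 0x1132, 0, b"foo\0")
    img[0x210] = 0xC3                                              # foo: a lone ret
    return bytes(img)

print(export_file_offsets(build_sample()))
```

For a function that is not exported, the same RVA-to-file-offset translation applies to an address taken from the .MAP file or the debug symbols.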
