The Unofficial TypeLib Data Format Specification

The Unofficial TypeLib Data Format Specification

by TheirCorp

This version details the majority of the "MSFT" sub-format Windows uses to connect COM objects. The accuracy of the information has been verified by writing a companion program that disassembles TypeLib data according to this specification (the program and (PowerBASIC) source code can be downloaded below).

Last update of the files: September 15, 2008
Previous update: September 14, 2008

Here is the file in three formats: TXT, ZIP and 7Z
TypeLib.txt (93.4 KB)
TypeLib.zip (15.1 KB)
TypeLib.7z (14.2 KB)

TheirCorp's Type Library Dumper
DisTypeLib.zip (68 KB)
"Type Library Dumper" displays detailed information about the contents of TypeLib data (TypeLib data is what tells an operating system how to link up COM objects).
It was written to determine the TypeLib format so the format could be documented, and also to give "bep" (Bin Edit Plus) the ability to decompile TypeLib data.
It is based largely on studies of code from the ReactOS project at:
http://www./en/index.html
The primary source file used was:
..\reactos\dll\win32\oleaut32\typelib.c

Features:

• Extracts TypeLib data from the resource sections of PE format files (EXE, DLL, OCX, OCA...) and also from TLB files, of course.
• Automatic handling of files based on internal format regardless of file extensions
• Drag-and-drop operation (puts the file's path into the textbox)
• Commandline operation
• It can open EXE's even while they're running
• A "Study Mode" to help learn more details of the TypeLib format (see below).

The file is a zipped folder containing:

1. The compiled EXE
2. All source files
3. A sample ODL file (Object Definition Language)
4. A sample TLB file (TypeLib)
5. A sample dump file (plain text)

About the "Study Mode" Feature

• Study Mode can be enabled with the "%Study" equate.
• It provides for logging occurrences of any type of content encountered
• It alerts the user of the first item of interest it finds with a messagebox.
• Just add code as needed to identify values or flags bits that you want
  to research. Place the code between "#If %Def(%Study)" and "#EndIf" statements. Example:
• If %Def(%Study)
  Note "3 Array(s) found"
• EndIf
• You can also set a minimum alert priority with the "%Priority" equate. It will only respond to log messages prefixed with a digit equal or above that priority. For example, in: Note "4(FuncRec.FKCCIC And &H040000) <> 0"
  ...the prefix "4" is the message's priority level.
• It marks the output file with whatever is assigned to the "$StudyMark" equate to help locate any discovered items. The default value is "@@@: ".

Last modified at: 10:38:21 AM on December, 07 2010



Disclaimer