When std::cout is called what external API is used? (Windows)

Question

This is a reverse engineering question.

On Windows 7 with a binary compiled using Microsoft Visual C++ 2008, when std::cout is called. Internally, what API is used to write the data? WriteFile, fwrite, ConsoleOut? I am aiming to set a breakpoint on std::cout where no source or debugging symbols are available.

You may want to try to redirect `std::cout` into an `std::stringstream` instead. This is very suitable for debugging. Check [this question](http://stackoverflow.com/questions/5419356/) for info on how to do it. — Björn Pollex, Apr 11 '11 at 06:42
@Space_C0wb0y the binary in question is machine code. There is no such thing as std::cout or std::stringstream at this point. This is a hacking / reversing question. — unixman83, Apr 11 '11 at 06:49
Just use the debugger to walk through the process of outputting a single character. Should be very informative. Edit: Use the debugger on a test program to learn about the underlying process, of course. — Potatoswatter, Apr 11 '11 at 06:50

score 3 · Accepted Answer · answered Apr 11 '11 at 07:09

3

I believe it'll end up using WriteFile. It you compile a simple hello world:

#include <iostream>
int main(int argc, char **argv)
{
  std::cout << "Hello" << std::endl;
  return (0);
}

...and then do dumpbin /imports hello.exe, you get a list of the external functions it uses, you'll find that it imports both WriteFile and WriteConsoleW, but if memory serves, the latter is only used for printing some standard library error messages, not for standard output.

answered Apr 11 '11 at 07:09

Jerry Coffin

476,176
80
629
1,111

Wow, this is horrible. It looks as if it is writing out a byte at a time! – unixman83 Apr 11 '11 at 07:31
@MSalters no. I did find out that WriteFile was called however. – unixman83 Apr 11 '11 at 09:43

When std::cout is called what external API is used? (Windows)

1 Answers1