[C] Custom GetProcAddress

[G36KV]

Sollte selbst erklärend sein... funktioniert genauso wie die Windows API

Code:

/************************************************************************/
/* Custom GetProcAddress function, x86 and x64 compatible               */
/************************************************************************/
DWORD customGetProcAddress(HMODULE hModule, const char *lpProcName)
{
	PIMAGE_DOS_HEADER pDosHeader = (PIMAGE_DOS_HEADER)hModule;
	PIMAGE_NT_HEADERS pNtHeader = 0;
	PIMAGE_EXPORT_DIRECTORY pExportDir = 0;
	DWORD i;
	DWORD ordinal;
	DWORD * addressOfFunctionsArray;
	DWORD * addressOfNamesArray;
	WORD * addressOfNameOrdinalsArray;
	char * functionName;

	if (!lpProcName)
		return 0;

	if (!pDosHeader || pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
		return 0;

	pNtHeader = (PIMAGE_NT_HEADERS)((DWORD)hModule + (DWORD)pDosHeader->e_lfanew);

	if (pNtHeader->Signature != IMAGE_NT_SIGNATURE)
		return 0;

	pExportDir = (PIMAGE_EXPORT_DIRECTORY)((DWORD)hModule + (DWORD)pNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
	
	addressOfFunctionsArray = (DWORD *)((DWORD)pExportDir->AddressOfFunctions + (DWORD)hModule);
	addressOfNamesArray = (DWORD *)((DWORD)pExportDir->AddressOfNames + (DWORD)hModule);
	addressOfNameOrdinalsArray = (WORD *)((DWORD)pExportDir->AddressOfNameOrdinals + (DWORD)hModule);


	if (IsBadReadPtr(lpProcName,sizeof(char)))
	{
		//by ordinal
		ordinal = (DWORD)lpProcName - (DWORD)pExportDir->Base;

		if (ordinal > pExportDir->NumberOfFunctions)
		{
			return 0;
		}
		else
		{
			return ((DWORD)hModule + addressOfFunctionsArray[ordinal]);
		}
	}
	else 
	{
		//by function name
		for (i = 0; i < pExportDir->NumberOfNames; i++)
		{
			functionName = (char*)(addressOfNamesArray[i] + (DWORD)hModule);

			if (_stricmp(lpProcName,functionName) == 0) //case insensitive
			{
				return ((DWORD)hModule + addressOfFunctionsArray[addressOfNameOrdinalsArray[i]]);
			}
		}
		return 0;
	}
}