Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/taviso/loadlibrary.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCube <alessandro.devito91@gmail.com>2021-01-06 22:35:55 +0300
committerCube <alessandro.devito91@gmail.com>2021-01-06 22:35:55 +0300
commit95c74311f24ef0c524a78f679dd895d4ce7b662b (patch)
treed7a67b5f9148ad5c1819129fd8f0317fc496ea24
parent4da63119a52a6d8ed7c48f40cbc8389faf382ef5 (diff)
Fixed LdrLoadDll and added LdrUnloadDll. Improved LdrGetProcedureAddress.
Diffstat
-rw-r--r--peloader/winapi/Internal.c30
1 files changed, 24 insertions, 6 deletions
diff --git a/peloader/winapi/Internal.c b/peloader/winapi/Internal.c
index 92f446c..3fde525 100644
--- a/peloader/winapi/Internal.c
+++ b/peloader/winapi/Internal.c
@@ -50,10 +50,10 @@ ULONG WINAPI EtwEventWrite(HANDLE RegHAndle, PVOID EventDescriptor, ULONG UserDa
return 0;
}
-static HANDLE WINAPI LdrLoadDll(PWCHAR PathToFile,
- ULONG Flags,
- PUNICODE_STRING ModuleFilename,
- PHANDLE ModuleHandle)
+static NTSTATUS WINAPI LdrLoadDll(PWCHAR PathToFile,
+ ULONG Flags,
+ PUNICODE_STRING ModuleFilename,
+ PHANDLE ModuleHandle)
{
char *PathToFileA = CreateAnsiFromWide(PathToFile);
@@ -61,10 +61,16 @@ static HANDLE WINAPI LdrLoadDll(PWCHAR PathToFile,
free(PathToFileA);
- return (HANDLE) 'LOAD';
+ return 0;
+}
+
+static NTSTATUS WINAPI LdrUnloadDll(HANDLE ModuleHandle) {
+ DebugLog("%p", ModuleHandle);
+
+ return 0;
}
-NTSTATUS WINAPI LdrGetProcedureAddress(HMODULE Module,
+static NTSTATUS WINAPI LdrGetProcedureAddress(HMODULE Module,
PANSI_STRING Name,
WORD Ordinal,
PVOID *Address)
@@ -74,6 +80,17 @@ NTSTATUS WINAPI LdrGetProcedureAddress(HMODULE Module,
// Recognizable value to crash on.
*Address = (PVOID) 'LDRZ';
+ // Search if the requested function has been already exported.
+
+ ENTRY e = { Name->buf, NULL }, *ep;
+ hsearch_r(e, FIND, &ep, &crtexports);
+
+ // If found, store the pointer and return.
+ if (ep != NULL) {
+ *Address = ep->data;
+ return 0;
+ }
+
if (strcmp(Name->buf, "EtwEventRegister") == 0) {
*Address = EtwRegister;
}
@@ -91,4 +108,5 @@ DECLARE_CRT_EXPORT("RtlAcquirePebLock", RtlAcquirePebLock);
DECLARE_CRT_EXPORT("RtlReleasePebLock", RtlReleasePebLock);
DECLARE_CRT_EXPORT("LdrGetDllHandle", LdrGetDllHandle);
DECLARE_CRT_EXPORT("LdrLoadDll", LdrLoadDll);
+DECLARE_CRT_EXPORT("LdrUnloadDll", LdrUnloadDll);
DECLARE_CRT_EXPORT("LdrGetProcedureAddress", LdrGetProcedureAddress);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 14:21:05 +0300