ancev
December 12th, 2005, 23:04
hi guys,
i am resolving imports from kernel32, using my own routine (that scan dll export table, in the classical and tested way), but i am getting weird results with some APIs...
for example, when trying to get the address of HeapAlloc, i get a address... but in this address, isnt function code, but a string: NTDLL.HeapAllocate
the same happen with others APIs, like RtlUnwind
anybody know whats happening? i am using xp sp2, and i already coded that dll export scan routine 100 times, and it always worked
thanks in advance,
ancev
i am resolving imports from kernel32, using my own routine (that scan dll export table, in the classical and tested way), but i am getting weird results with some APIs...
for example, when trying to get the address of HeapAlloc, i get a address... but in this address, isnt function code, but a string: NTDLL.HeapAllocate
the same happen with others APIs, like RtlUnwind
anybody know whats happening? i am using xp sp2, and i already coded that dll export scan routine 100 times, and it always worked
thanks in advance,
ancev