summaryrefslogtreecommitdiffhomepage
path: root/src/modules/pe_get_ntdll_module_handle.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/pe_get_ntdll_module_handle.c')
-rw-r--r--src/modules/pe_get_ntdll_module_handle.c27
1 files changed, 27 insertions, 0 deletions
diff --git a/src/modules/pe_get_ntdll_module_handle.c b/src/modules/pe_get_ntdll_module_handle.c
new file mode 100644
index 0000000..72f81ec
--- /dev/null
+++ b/src/modules/pe_get_ntdll_module_handle.c
@@ -0,0 +1,27 @@
+/*****************************************************************************/
+/* pemagination: a (virtual) tour into portable bits and executable bytes */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.PEMAGINE. */
+/*****************************************************************************/
+
+#include <psxtypes/psxtypes.h>
+#include <pemagine/pe_consts.h>
+#include <pemagine/pe_structs.h>
+#include <pemagine/pemagine.h>
+#include "pe_impl.h"
+
+pe_api
+void * pe_get_ntdll_module_handle(void)
+{
+ struct pe_peb_ldr_data * peb_ldr_data;
+ struct pe_list_entry * peb_list_entry;
+ intptr_t peb_tbl_addr;
+ struct pe_ldr_tbl_entry * peb_ldr_tbl_entry;
+
+ peb_ldr_data = (struct pe_peb_ldr_data *)pe_get_peb_ldr_data_address();
+ peb_list_entry = peb_ldr_data->in_init_order_module_list.flink;
+ peb_tbl_addr = (intptr_t)peb_list_entry - IN_INITIALIZATION_ORDER_MODULE_LIST_OFFSET;
+ peb_ldr_tbl_entry = (struct pe_ldr_tbl_entry *)peb_tbl_addr;
+
+ return peb_ldr_tbl_entry->dll_base;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 21:36:00 +0000