Postby Warsome » Fri May 13, 2011 5:30 am

I have been working through the PE specifications defined here and at Microsoft and I have all the structs defined correctly, I have been trying to create a loader using the code below from the tutoral as a guide.

Code: Select all
//! loadedProgram is where the image was loaded to
IMAGE_DOS_HEADER* pImage = (IMAGE_DOS_HEADER*) loadedProgram;

//! go to NT HEADERS
IMAGE_NT_HEADERS* pHeaders = (IMAGE_NT_HEADERS*)(loadedProgram + pImage->e_lfanew);

//! get image base and entry point address from optional header
int base = pHeaders->OptionalHeader.ImageBase;
int entryPoint = pHeaders->OptionalHeader.AddressOfEntryPoint;

//! entry point function is at base+entryPoint
void (*entryFunction) () = (entryPoint + base);

//! call program entry point

But the above code from the tutorial generates this error in VS 2010

'initializing' : cannot convert from 'int' to 'void (__cdecl *)(void)'
Conversion from integral type to pointer type requires reinterpret_cast, C-style cast or function-style cast

Code: Select all
void (*entryFunction) () = (entryPoint + base); // <- generates error C2440

Can someone please help correcting this because I am lost.
Re: PE chapter

Postby Andyhhp » Fri May 13, 2011 7:57 am

You want something like:

Code: Select all
typedef void (*entryFunction)(void);
entryFunction myentry = ((entryFunction)(entryPoint + base));

Life gets a whole lot easier if you have a typedef in there

Re: PE chapter

Postby Warsome » Fri May 13, 2011 8:53 pm

thank you, your a star
