
PE chapter

Posted: Fri May 13, 2011 5:30 am
by Warsome
I have been working through the PE specifications defined here and at Microsoft, and I have all the structs defined correctly. I have been trying to create a loader using the code below from the tutorial as a guide.

Code:
//! loadedProgram is where the image was loaded to
IMAGE_DOS_HEADER* pImage = (IMAGE_DOS_HEADER*) loadedProgram;

//! go to NT HEADERS
IMAGE_NT_HEADERS* pHeaders = (IMAGE_NT_HEADERS*)(loadedProgram + pImage->e_lfanew);

//! get image base and entry point address from optional header
int base = pHeaders->OptionalHeader.ImageBase;
int entryPoint = pHeaders->OptionalHeader.AddressOfEntryPoint;

//! entry point function is at base+entryPoint
void (*entryFunction) () = (entryPoint + base);

//! call program entry point
entryFunction();


But the above code from the tutorial generates this error in VS 2010:

'initializing' : cannot convert from 'int' to 'void (__cdecl *)(void)'
Conversion from integral type to pointer type requires reinterpret_cast, C-style cast or function-style cast

Code:
void (*entryFunction) () = (entryPoint + base); // <- generates error C2440


Can someone please help me correct this, because I am lost.

Re: PE chapter

Posted: Fri May 13, 2011 7:57 am
by Andyhhp
You want something like:

Code:
typedef void (*entryFunction)(void);
entryFunction myentry = ((entryFunction)(entryPoint + base));
myentry();


Life gets a whole lot easier if you have a typedef in there.

~Andrew
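
Added example, not code from the tutorial or from either poster: the loader snippet in this thread reads e_lfanew, ImageBase and AddressOfEntryPoint straight from the loaded file and then casts and calls the result, so this sketch bounds-checks those PE32 fields before producing the address to cast. The helper names, status codes and the 256-byte sample header are assumptions constructed for illustration; field offsets are those of the PE32 layout.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
typedef void (*entry_fn)(void);   /* same typedef idea as in the reply above */
enum { PE_OK, PE_SHORT, PE_BAD_MZ, PE_BAD_LFANEW, PE_BAD_SIG, PE_NOT_PE32, PE_BAD_ENTRY };
/* Little-endian 32-bit read/write; callers bounds-check the offset first. */
static uint32_t rd32(const uint8_t *p, size_t o) {
    return p[o] | (uint32_t)p[o + 1] << 8 | (uint32_t)p[o + 2] << 16 | (uint32_t)p[o + 3] << 24;
}
static void wr32(uint8_t *p, size_t o, uint32_t v) {
    for (int i = 0; i < 4; i++) p[o + i] = (uint8_t)(v >> (8 * i));
}

/* Validate the PE32 headers in buf[0..len) and compute ImageBase + AddressOfEntryPoint. */
int pe32_entry(const uint8_t *buf, size_t len, uintptr_t *entry) {
    if (len < 0x40) return PE_SHORT;                        /* IMAGE_DOS_HEADER is 64 bytes */
    if (buf[0] != 'M' || buf[1] != 'Z') return PE_BAD_MZ;
    uint32_t nt = rd32(buf, 0x3C);                          /* e_lfanew, file-controlled */
    if (nt > len || len - nt < 84) return PE_BAD_LFANEW;    /* need fields up to SizeOfImage */
    if (rd32(buf, nt) != 0x00004550u) return PE_BAD_SIG;    /* "PE\0\0" */
    if ((rd32(buf, nt + 24) & 0xFFFF) != 0x10B) return PE_NOT_PE32;
    uint32_t rva = rd32(buf, nt + 40);                      /* AddressOfEntryPoint */
    uint32_t base = rd32(buf, nt + 52);                     /* ImageBase */
    uint32_t size = rd32(buf, nt + 80);                     /* SizeOfImage */
    if (rva == 0 || rva >= size) return PE_BAD_ENTRY;       /* 0 is the MZ header; >= size is outside */
    if (base > UINT32_MAX - rva) return PE_BAD_ENTRY;       /* base + rva would wrap */
    *entry = (uintptr_t)base + rva;
    return PE_OK;
}

/* Constructed 256-byte header (not a real binary): ImageBase 0x400000, SizeOfImage 0x3000. */
int try_sample(uint32_t lfanew, uint32_t rva, uintptr_t *entry) {
    uint8_t b[256] = { 'M', 'Z' };
    wr32(b, 0x3C, lfanew);
    if (lfanew <= sizeof b - 84) {
        wr32(b, lfanew, 0x4550);   wr32(b, lfanew + 24, 0x10B);
        wr32(b, lfanew + 40, rva); wr32(b, lfanew + 52, 0x400000); wr32(b, lfanew + 80, 0x3000);
    }
    return pe32_entry(b, sizeof b, entry);
}

int main(void) {
    uintptr_t e = 0, tmp = 0;
    int ok = try_sample(0x80, 0x1000, &e);
    entry_fn fn = (entry_fn)e;  /* explicit cast; call only once the image is mapped at ImageBase */
    printf("ok=%d entry=%#lx fn_set=%d\n", ok, (unsigned long)e, fn != NULL);
    printf("far=%d outside=%d\n", try_sample(0xFFFFFF00u, 0x1000, &tmp), try_sample(0x80, 0x5000, &tmp));
    return 0;
}
```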

Re: PE chapter

Posted: Fri May 13, 2011 8:53 pm
by Warsome
Thank you, you're a star.