Help
Been working on tool lately, and I would like to call the internal function NtOpenProcess. However, to do so, I need to use Run-Time-Dynamic-Linking, described in this article:
http://msdn.microsoft.com/en-us/library/ms686944(VS.85).aspx
My problem lies in creating the function pointer. Here's my declaration:
typedef NTSTATUS (NTAPI *_NtOpenProcess) (
OUT PHANDLE,
IN ACCESS_MASK,
IN POBJECT_ATTRIBUTES,
IN PCLIENT_ID OPTIONAL);
class procManager
{
HINSTANCE hNTDLL;
public:
procManager()
{
hNTDLL = LoadLibrary(L"ntdll.dll");
if (!hNTDLL)
throw std::runtime_error("NTDLL.DLL failure.");
_NtOpenProcess NtOpenProcess;
NtOpenProcess = reinterpret_cast <_NtOpenProcess> (GetProcAddress(hNTDLL, L"NtOpenProcess"));
if (!NtOpenProcess)
throw std::runtime_error("NtOpenProcess not found.");
//Use NTOpenProcess for stuff here
};
~procManager()
{
FreeLibrary(hNTDLL);
};
};The compiler error is:
Quote
error C2059: syntax error : '__stdcall'
__stdcall is what the macro NTAPI resolves to. If I remove NTAPI from the declaration, here's the error I get:
Quote
error C2065: '_NtOpenProcess' : undeclared identifier
At which point, I'm saying, "Well duh! That's why it's a TYPEDEF!!" I'm DECLARING it!
Anyone have any ideas on my syntax error here?
Billy3
Back to top
