Hello, I have recently worked on a project that required creating a remote thread in another Process. The thread is injected by allocating memory in the target process and copying my thread as well as some data. This thread surely needs to call Windows APIs, but curiously direct calls to kernel32.dll APIs as declared in the Windows unit don't work, but if I get the address of the function in my main program and pass it to the remote thread then it can call it.
This isn't really a problem, because I had read that this is indeed the case in C too, I am just wondering why does this happen. I mean, I don't see the difference between calling the function from the Windows unit and the one loaded with GetProcAddress from the remote thread, I would imagine that both just end up calling the same address? Note that the subtle thing here is that on Windows the functions from kernel32.dll are guaranteed to be on the same address in every application, and that's why I can get the address in the main application and use it in the remote thread. Or else this thread would be unable to call APIs. In pseudo code what mean is: This crashes: function MyRemoteThread(param: PRemoteData): DWord; stdcall; begin lib := Windows.LoadLibrary(some params); end; But this works: function MyRemoteThread(param: PRemoteData): DWord; stdcall; begin lib := param^.vLoadLibrary(some params); end; And vLoadLibrary was filled using GetProcAdress thanks, -- Felipe Monteiro de Carvalho _______________________________________________ fpc-pascal maillist - fpc-pascal@lists.freepascal.org http://lists.freepascal.org/mailman/listinfo/fpc-pascal
