Yup, "call dword " will be fixed by PE loader, "call imm32" (relative) won't.


Excellent!

Simply, it seems very strange to me -- we can use 100 'call rel32' (relative) to one 'jmp' -- the PE loader will correct only 1 jmp. If we have 100 'call ' -- the loader must complete 100 corrections. But this is more of a rhetorical question, I think.

Thank you all for answers and patience!
Posted on 2006-04-21 13:29:55 by Mika0x65
Well, in most situations your image won't be rebased and the relocations won't have to take place. There isn't really much reason to use one approach over the other - except that "call rel32" will not need a fixup, and will be a tiny bit smaller if you call the API many times. The speed difference between the two is almost nonexistent, and if it becomes a problem - you've structured your code wrong :)
Posted on 2006-04-21 13:36:15 by f0dder
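Added example (not code from any poster in this thread): a minimal Python sketch of how a loader applies HIGHLOW base relocations to a constructed code fragment. It shows that the absolute operands of `call dword [abs32]` and the `jmp dword [abs32]` thunk are patched when the image is rebased, while the `call rel32` bytes are left untouched. The base addresses, RVAs and helper names are assumptions made for the example.

```python
import struct

IMAGE_REL_BASED_ABSOLUTE = 0  # padding entry, skipped by the loader
IMAGE_REL_BASED_HIGHLOW = 3   # add the load delta to a 32-bit value
PREFERRED_BASE = 0x00400000   # constructed sample values (assumptions)
CODE_RVA, IAT_SLOT_RVA = 0x1000, 0x2000

def build_image():
    """Constructed code: call [IAT]; call rel32 -> thunk; thunk: jmp [IAT]."""
    iat_va = struct.pack("<I", PREFERRED_BASE + IAT_SLOT_RVA)
    code = b"\xFF\x15" + iat_va                       # +0x00 call dword [abs32]
    code += b"\xE8" + struct.pack("<i", 0x10 - 0x0B)  # +0x06 call rel32 -> +0x10
    code = code.ljust(0x10, b"\x90")                  # nop padding
    code += b"\xFF\x25" + iat_va                      # +0x10 jmp dword [abs32]
    return bytearray(CODE_RVA) + code                 # buffer indexed by RVA

def build_reloc_block(page_rva, offsets):
    """One IMAGE_BASE_RELOCATION block: header plus 16-bit type/offset entries."""
    entries = [(IMAGE_REL_BASED_HIGHLOW << 12) | off for off in offsets]
    if len(entries) % 2:
        entries.append(IMAGE_REL_BASED_ABSOLUTE)      # keep block 4-byte aligned
    header = struct.pack("<II", page_rva, 8 + 2 * len(entries))
    return header + struct.pack(f"<{len(entries)}H", *entries)

def apply_relocs(image, reloc, delta):
    """Patch every HIGHLOW target in place; return the RVAs that were fixed up."""
    patched, pos = [], 0
    while pos + 8 <= len(reloc):
        page_rva, size = struct.unpack_from("<II", reloc, pos)
        if size < 8 or size % 2 or pos + size > len(reloc):
            raise ValueError("malformed relocation block")
        for (entry,) in struct.iter_unpack("<H", reloc[pos + 8:pos + size]):
            kind, rva = entry >> 12, page_rva + (entry & 0xFFF)
            if kind == IMAGE_REL_BASED_ABSOLUTE:
                continue
            if kind != IMAGE_REL_BASED_HIGHLOW:
                raise ValueError(f"unhandled relocation type {kind}")
            (value,) = struct.unpack_from("<I", image, rva)
            struct.pack_into("<I", image, rva, (value + delta) & 0xFFFFFFFF)
            patched.append(rva)
        pos += size
    return patched

def demo(new_base=0x10000000):
    """Rebase the sample; only the two abs32 operands need fixups."""
    image = build_image()
    before = bytes(image)
    reloc = build_reloc_block(CODE_RVA, [0x02, 0x12])
    patched = apply_relocs(image, reloc, new_base - PREFERRED_BASE)
    return before, bytes(image), patched
```

With 100 call sites, the `call rel32` form would still list only the thunk's operand in the relocation block, whereas the `call dword [abs32]` form would add one entry per call site.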
All in all a very good thread f0dder and Mika0x65, not something that I have ever looked into in any depth but I have learned a bit while exploring the answer, thanks :thumbsup:
Posted on 2006-04-21 20:30:18 by donkey