I wonder since when you call a function exported from a dll you are just calling an area where there is a jump

example

myFunction proto

invoke myFunction

Will be calling calling an area that is only a jump to the real function. So I wonder if Its possible to change the address of the jump when the DLL initializes. (To change the function according to processor, availability of extensions, etc.).

If so:
1. How Do I change the security attributes of the segment where the imports are (so I can change the values)

2. How do I do this from the DLL? (since the memory in the executable memory area and not in the DLL memory area).
Posted on 2002-01-16 09:37:40 by dxantos
The dword you'll want to change is in the process' Import Table.
Thus, I think it might be a bit hard (and definitely messy) to get the
DLL to change it. Change memory permissions probably isn't necessary,
I think the IT is usually in read/write memory.

There's a few other way to handle this though. The symbol you
export could be a "NOP buffer" large enough to hold the largest
processor-specific version, and you can then move the right code
in place (with surrounding VirtualProtect to deprotect and reprotect
the area). However, if multiple programs can use your DLL, this can
be a dangerous affair (dunno how this is done on NT with the CopyOnWrite...
I think the DLL will be modifying itself in the context of the process,
so it might not be dangerous after all).

However... why not make it take an extra indirection through a
dword pointing to the processor specific code? Is the little extra
added overhead that much an issue?
Posted on 2002-01-17 06:56:55 by f0dder