c++ - Get file offset from a loaded DLL's function -

c++ - Get file offset from a loaded DLL's function -

i'd ask, how locate specific (exported) function within dll. illustration i'd locate readprocessmemory within kernel32. wouldn't rely on import table, i'd locate different apis based on addresses custom function.

i tried create little research on va, rva & file offsets, didn't succeed. here's illustration tried, isn't working (returns 0 in cases):

dword rva2offset(dword dwrva, uint_ptr uibaseaddress) { word windex = 0; pimage_section_header psectionheader = null; pimage_nt_headers pntheaders = null; pntheaders = (pimage_nt_headers) (uibaseaddress + ((pimage_dos_header) uibaseaddress)->e_lfanew); psectionheader = (pimage_section_header) ((uint_ptr) (&pntheaders->optionalheader) + pntheaders->fileheader.sizeofoptionalheader); if (dwrva < psectionheader[0].pointertorawdata) homecoming dwrva; (windex = 0; windex < pntheaders->fileheader.numberofsections; windex++) { if (dwrva >= psectionheader[windex].virtualaddress && dwrva < (psectionheader[windex].virtualaddress + psectionheader[windex].sizeofrawdata)) homecoming (dwrva - psectionheader[windex].virtualaddress + psectionheader[windex].pointertorawdata); } homecoming 0; }

could help me how accomplish simple task?

thank you.

p.s.: i'm not sticking function above, both if can point out what's problem, or give improve source awesome.

c++ visual-studio-2013 offset virtual-address-space