|
10-13-2009, 02:00 PM
| #1 |
| Registered User Join Date: Oct 2009
Posts: 8
| relative virtual addresses confusion suppose rva in iat section it uses rva right ? then it uses that address to calculate real content of the file ok so here why doesn't it just jmp at the address of that function directly instead of using a temp like variable ? also as far as i understand it's used for iat tables or it got other uses ? Please someone calarify to me what's it uses in details |
| MrNoobah is offline |  |
|
10-13-2009, 02:28 PM
| #2 | |
| Senior software engineer  Join Date: Mar 2007 Location: Portland, OR
Posts: 5,758
| Quote:
This can reduce the number of fixups by many thousands of times for a complex DLL. And because Windows loads and unloads DLLs like nobody's business, being able to do it quickly is important. There's another ENORMOUS reason why we do not directly modify the code segment. This would prevent us from being able to share code pages between different instances of the DLL. Essentially, it would completely defeat the purpose of having a DLL, which is to allow the same code to be loaded only ONCE into memory. If two processes load the same DLL at different addresses, then they will have different IATs. That's a much smaller impact than having two complete copies of the DLL in memory at the same time.
__________________ "Congratulations on your purchase. To begin using your quantum computer, set the power switch to both off and on simultaneously." -- raftpeople@slashdot Last edited by brewbuck; 10-13-2009 at 02:30 PM. | |
| brewbuck is offline | |
|
10-13-2009, 02:42 PM
| #3 | |
| Registered User Join Date: Oct 2009
Posts: 8
| Quote:
| |
| MrNoobah is offline | |
|
10-13-2009, 02:45 PM
| #4 |
| Senior software engineer Join Date: Mar 2007 Location: Portland, OR
Posts: 5,758
| Can you rephrase the question? I don't understand it.
__________________ "Congratulations on your purchase. To begin using your quantum computer, set the power switch to both off and on simultaneously." -- raftpeople@slashdot |
| brewbuck is offline | |
|
10-13-2009, 02:53 PM
| #5 |
| Registered User Join Date: Oct 2009
Posts: 8
| when rva get's translated to the address of the function let's say printf which is in IAT table of our pe format to get it's address we add rva to load address of it (as msdn specifcation says) which get translated to it's real address wouldn't it be easier to use real address from the begging ? |
| MrNoobah is offline | |
|
10-13-2009, 05:31 PM
| #6 |
| Registered User Join Date: Oct 2009
Posts: 8
| for example to get image base address which is first byte the file was loaded in we add loaded address to rva k but why in we don't load with image base address to begin with instead of all that stuff ? |
| MrNoobah is offline | |
|
10-13-2009, 07:43 PM
| #7 | |
| Senior software engineer Join Date: Mar 2007 Location: Portland, OR
Posts: 5,758
| Quote:
__________________ "Congratulations on your purchase. To begin using your quantum computer, set the power switch to both off and on simultaneously." -- raftpeople@slashdot | |
| brewbuck is offline | |
|
10-13-2009, 08:45 PM
| #8 |
| Registered User Join Date: Oct 2009
Posts: 8
| yes your right i didn't know that windows rebase makes sense lol all that over some simple thing thanks |
| MrNoobah is offline | |
 |
| Thread Tools | |
| Display Modes | |
|
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Virtual Box | ssharish2005 | Tech Board | 3 | 02-12-2009 05:08 AM |
| overhead of virtual functions | coletek | C++ Programming | 4 | 01-12-2009 12:56 PM |
| Abnormal Program Termination when executed from C:\Program Files\... | m37h0d | Windows Programming | 48 | 09-26-2008 03:45 AM |
| C++ XML Class | edwardtisdale | C++ Programming | 0 | 12-10-2001 11:14 PM |
| Exporting Object Hierarchies from a DLL | andy668 | C++ Programming | 0 | 10-20-2001 01:26 PM |
Linear Mode
