//从内存中加载DLL DELPHI版  unit MemLibrary;interfaceusesWindows;function memLoadLibrary(pLib: Pointer): DWord;function memGetProcAddress(dwLibHandle: DWord; pFunctionName: PChar): Pointer; stdcall;function memFreeLibrary(dwHandle: DWord): Boolean;implementationprocedure ChangeReloc(baseorgp, basedllp, relocp: pointer; size: cardinal);type    TRelocblock = record        vaddress: integer;        size: integer;    end;    PRelocblock = ^TRelocblock;var    myreloc: PRelocblock;    reloccount: integer;    startp: ^word;    i: cardinal;    p: ^cardinal;    dif: cardinal;begin    myreloc := relocp;    dif := cardinal(basedllp)-cardinal(baseorgp);    startp := pointer(cardinal(relocp)+8);    while myreloc^.vaddress <> 0 do    begin      reloccount := (myreloc^.size-8) div sizeof(word);      for i := 0 to reloccount-1 do      begin        if (startp^ xor $3000 < $1000) then        begin          p := pointer(myreloc^.vaddress+startp^ mod $3000+integer(basedllp));          p^ := p^+dif;        end;        startp := pointer(cardinal(startp)+sizeof(word));      end;      myreloc := pointer(startp);      startp := pointer(cardinal(startp)+8);    end;end;procedure CreateImportTable(dllbasep, importp: pointer); stdcall;type    timportblock = record          Characteristics: cardinal;          TimeDateStamp: cardinal;          ForwarderChain: cardinal;          Name: pchar;          FirstThunk: pointer;    end;    pimportblock = ^timportblock;var    myimport: pimportblock;    thunksread, thunkswrite: ^pointer;    dllname: pchar;    dllh: thandle;    old: cardinal;begin    myimport := importp;    while (myimport^.FirstThunk <> nil) and (myimport^.Name <> nil) do    begin      dllname := pointer(integer(dllbasep)+integer(myimport^.name));      dllh := LoadLibrary(dllname);      thunksread := pointer(integer(myimport^.FirstThunk)+integer(dllbasep));      thunkswrite := thunksread;      if integer(myimport^.TimeDateStamp) = -1 then        thunksread := pointer(integer(myimport^.Characteristics)+integer(dllbasep));      while (thunksread^ <> nil) do      begin        if VirtualProtect(thunkswrite,4,PAGE_EXECUTE_READWRITE,old) then        begin          if (cardinal(thunksread^) and $80000000 <> 0) then          thunkswrite^ := GetProcAddress(dllh,pchar(cardinal(thunksread^) and $FFFF)) else          thunkswrite^ := GetProcAddress(dllh,pchar(integer(dllbasep)+integer(thunksread^)+2));          VirtualProtect(thunkswrite,4,old,old);        end;        inc(thunksread,1);        inc(thunkswrite,1);      end;      myimport := pointer(integer(myimport)+sizeof(timportblock));    end;end;function memLoadLibrary(pLib: Pointer): DWord;varDllMain    : function (dwHandle, dwReason, dwReserved: DWord): DWord; stdcall;IDH        : PImageDosHeader;INH        : PImageNtHeaders;SEC        : PImageSectionHeader;dwSecCount : DWord;dwLen      : DWord;dwmemsize : DWord;i          : Integer;pAll       : Pointer;beginResult := 0;IDH := pLib;if isBadReadPtr(IDH, SizeOf(TImageDosHeader)) or (IDH^.e_magic <> IMAGE_DOS_SIGNATURE) then    Exit;INH := pointer(cardinal(pLib)+cardinal(IDH^._lfanew));if isBadReadPtr(INH, SizeOf(TImageNtHeaders)) or (INH^.Signature <> IMAGE_NT_SIGNATURE) then    Exit;// if (pReserved <> nil) then//    dwLen := Length(pReserved)+1// else    dwLen := 0;SEC := Pointer(Integer(INH)+SizeOf(TImageNtHeaders));dwMemSize := INH^.OptionalHeader.SizeOfImage;if (dwMemSize = 0) then Exit;pAll := VirtualAlloc(nil,dwMemSize+dwLen,MEM_COMMIT or MEM_RESERVE,PAGE_EXECUTE_READWRITE);if (pAll = nil) then Exit;dwSecCount := INH^.FileHeader.NumberOfSections;CopyMemory(pAll,IDH,DWord(SEC)-DWord(IDH)+dwSecCount*SizeOf(TImageSectionHeader));// CopyMemory(Pointer(DWord(pAll) + dwMemSize),pReserved,dwLen-1);CopyMemory(Pointer(DWord(pAll) + dwMemSize),nil,dwLen-1);for i := 0 to dwSecCount-1 dobegin    CopyMemory(Pointer(DWord(pAll)+SEC^.VirtualAddress),          Pointer(DWord(pLib)+DWord(SEC^.PointerToRawData)),          SEC^.SizeOfRawData);    SEC := Pointer(Integer(SEC)+SizeOf(TImageSectionHeader));end;if (INH^.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress <> 0) then    ChangeReloc(Pointer(INH^.OptionalHeader.ImageBase),          pAll,          Pointer(DWord(pAll)+INH^.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress),          INH^.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size);CreateImportTable(pAll, Pointer(DWord(pAll)+INH^.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress));@DllMain := Pointer(INH^.OptionalHeader.AddressOfEntryPoint+DWord(pAll));// if (INH^.OptionalHeader.AddressOfEntryPoint <> 0) and (bDllMain) thenif INH^.OptionalHeader.AddressOfEntryPoint <> 0 thenbegin    try//      if (pReserved <> nil) then//        DllMain(DWord(pAll),DLL_PROCESS_ATTACH,DWord(pAll)+dwMemSize)//      else        DllMain(DWord(pAll),DLL_PROCESS_ATTACH,0);    except    end;end;Result := DWord(pAll);end;function memFreeLibrary(dwHandle: DWord): Boolean;varIDH: PImageDosHeader;INH: PImageNTHeaders;beginResult := false;if (dwHandle = 0) then    Exit;IDH := Pointer(dwHandle);if (IDH^.e_magic <> IMAGE_DOS_SIGNATURE) then    Exit;INH := Pointer(DWord(IDH^._lfanew)+DWord(IDH));if (INH^.Signature <> IMAGE_NT_SIGNATURE) then    Exit;if VirtualFree(Pointer(dwHandle),INH^.OptionalHeader.SizeOfImage,MEM_DECOMMIT) then    Result := True;end;function memGetProcAddress(dwLibHandle: DWord; pFunctionName: PChar): Pointer; stdcall;varNtHeader          : PImageNtHeaders;DosHeader          : PImageDosHeader;DataDirectory      : PImageDataDirectory;ExportDirectory    : PImageExportDirectory;i          : Integer;iExportOrdinal     : Integer;ExportName         : String;dwPosDot          : DWord;dwNewmodule        : DWord;pFirstExportName   : Pointer;pFirstExportAddress: Pointer;pFirstExportOrdinal: Pointer;pExportAddr        : PDWord;pExportNameNow     : PDWord;pExportOrdinalNow : PWord;beginResult := nil;if pFunctionName = nil then Exit;DosHeader := Pointer(dwLibHandle);if isBadReadPtr(DosHeader,sizeof(TImageDosHeader)) or (DosHeader^.e_magic <> IMAGE_DOS_SIGNATURE) then    Exit; {
    Wrong PE (DOS) Header}NtHeader := Pointer(DWord(DosHeader^._lfanew)+DWord(DosHeader));if isBadReadPtr(NtHeader, sizeof(TImageNTHeaders)) or (NtHeader^.Signature <> IMAGE_NT_SIGNATURE) then    Exit; {
    Wrong PW (NT) Header}DataDirectory := @NtHeader^.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT];if (DataDirectory = nil) or (DataDirectory^.VirtualAddress = 0) then    Exit; {
    Library has no exporttable}ExportDirectory := Pointer(DWord(DosHeader) + DWord(DataDirectory^.VirtualAddress));if isBadReadPtr(ExportDirectory,SizeOf(TImageExportDirectory)) then    Exit;pFirstExportName := Pointer(DWord(ExportDirectory^.AddressOfNames)+DWord(DosHeader));pFirstExportOrdinal := Pointer(DWord(ExportDirectory^.AddressOfNameOrdinals)+DWord(DosHeader));pFirstExportAddress := Pointer(DWord(ExportDirectory^.AddressOfFunctions)+DWord(DosHeader));if (integer(pFunctionName) > $FFFF) then {
    is FunctionName a PChar?}begin    iExportOrdinal := -1;          {
    if we dont find the correct ExportOrdinal}    for i := 0 to ExportDirectory^.NumberOfNames-1 do {
    for each export do}    begin      pExportNameNow := Pointer(Integer(pFirstExportName)+SizeOf(Pointer)*i);      if (not isBadReadPtr(pExportNameNow,SizeOf(DWord))) then      begin        ExportName := PChar(pExportNameNow^+ DWord(DosHeader));        if (ExportName = pFunctionName) then {
    is it the export we search? Calculate the ordinal.}        begin          pExportOrdinalNow := Pointer(Integer(pFirstExportOrdinal)+SizeOf(Word)*i);          if (not isBadReadPtr(pExportOrdinalNow,SizeOf(Word))) then          iExportOrdinal := pExportOrdinalNow^;        end;      end;    end;end else{
    no PChar, calculate the ordinal directly}    iExportOrdinal := DWord(pFunctionName)-DWord(ExportDirectory^.Base);if (iExportOrdinal < 0) or (iExportOrdinal > Integer(ExportDirectory^.NumberOfFunctions)) then    Exit; {
    havent found the ordinal}pExportAddr := Pointer(iExportOrdinal*4+Integer(pFirstExportAddress));if (isBadReadPtr(pExportAddr,SizeOf(DWord))) then    Exit;{
    Is the Export outside the ExportSection? If not its NT spezific forwared function}if (pExportAddr^ < DWord(DataDirectory^.VirtualAddress)) or     (pExportAddr^ > DWord(DataDirectory^.VirtualAddress+DataDirectory^.Size)) thenbegin    if (pExportAddr^ <> 0) then {
    calculate export address}      Result := Pointer(pExportAddr^+DWord(DosHeader));endelsebegin {
    forwarded function (like kernel32.EnterCriticalSection -> NTDLL.RtlEnterCriticalSection)}    ExportName := PChar(dwLibHandle+pExportAddr^);    dwPosDot := Pos('.',ExportName);    if (dwPosDot > 0) then    begin      dwNewModule := GetModuleHandle(PChar(Copy(ExportName,1,dwPosDot-1)));      if (dwNewModule = 0) then        dwNewModule := LoadLibrary(PChar(Copy(ExportName,1,dwPosDot-1)));      if (dwNewModule <> 0) then        result := GetProcAddressX(dwNewModule,PChar(Copy(ExportName,dwPosDot+1,Length(ExportName))));    end;end;end;end.