When i try to use the functions SymbolFromName() e SymbolFromAddress() the return code always return 126 (MODULE_NOT_FOUND), the code is :
#include<dbghelp.h>
#include <iostream>
#include <Windows.h>
#include <windows.h>
#include <debugapi.h>
#include <WinBase.h>
using namespace std;
int main(){
DWORD error;
HANDLE hProcess;
SymSetOptions(SYMOPT_UNDNAME | SYMOPT_DEFERRED_LOADS);
hProcess = GetCurrentProcess();
if (!SymInitialize(hProcess, NULL, TRUE))
{
// SymInitialize failed
error = GetLastError();
cout << "SymInitialize returned error " << error << endl;;
return FALSE;
}}
hProcess = GetCurrentProcess();
SymSetOptions(SYMOPT_UNDNAME | SYMOPT_DEFERRED_LOADS);
SymInitialize(hProcess, NULL, TRUE);
TCHAR szSymbolName[MAX_SYM_NAME];
ULONG64 buffer[(sizeof(SYMBOL_INFOW) +
MAX_SYM_NAME * sizeof(TCHAR) +
sizeof(ULONG64) - 1) /
sizeof(ULONG64)];
PSYMBOL_INFO pSymbol = (PSYMBOL_INFO)buffer;
_tcscpy_s(szSymbolName, MAX_SYM_NAME, TEXT("mainCRTStartup")); // i
know the entrypoint name by using >>nm command in windows for extract
symbol
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
pSymbol->MaxNameLen = MAX_SYM_NAME;
if (SymFromName(hProcess, szSymbolName, pSymbol)){
cout << pSybol->address
} // this return always 126
}
i use VisualStudio and the default debugger for testing it. Part of the code above is taken from MSDN documentation, here.
EDIT : i know the main simbol thanks to nm, that can extract a list of symbols, in my case it contains :
00401300 T _WinMainCRTStartup
00401460 T _main
004012e0 T _mainCRTStartup
I also try to using different symbols name like main, mainCRTStartup, wWinMain, WinMain and so on, without any results