#include <windows.h>
#include <stdlib.h>

void *SefGetProcAddress(HMODULE module, const char *proc_name)
{
	char *modb = (char *)module;

	IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)modb;
	IMAGE_NT_HEADERS *nt_headers = (IMAGE_NT_HEADERS *)(modb + dos_header->e_lfanew);
	IMAGE_OPTIONAL_HEADER *opt_header = &nt_headers->OptionalHeader;
	IMAGE_DATA_DIRECTORY *exp_entry = (IMAGE_DATA_DIRECTORY *)
	(&opt_header->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT]);
	IMAGE_EXPORT_DIRECTORY *exp_dir = (IMAGE_EXPORT_DIRECTORY *)(modb + exp_entry->VirtualAddress);
	void **func_table = (void **)(modb + exp_dir->AddressOfFunctions);
	WORD *ord_table = (WORD *)(modb + exp_dir->AddressOfNameOrdinals);
	char **name_table = (char **)(modb + exp_dir->AddressOfNames);
	void *address = NULL;

	DWORD i;

	/* is ordinal? */
	if (((DWORD)proc_name >> 16) == 0) {
		WORD ordinal = LOWORD(proc_name);
		DWORD ord_base = exp_dir->Base;
		/* is valid ordinal? */
		if (ordinal < ord_base || ordinal > ord_base + exp_dir->NumberOfFunctions)
			return NULL;

		/* taking ordinal base into consideration */
		address = (void *)(modb + (DWORD)func_table[ordinal - ord_base]);
	} else {
		/* import by name */
		for (i = 0; i < exp_dir->NumberOfNames; i++) {
			/* name table pointers are rvas */
			if (strcmp(proc_name, modb + (DWORD)name_table[i]) == 0)
			address = (void *)(modb + (DWORD)func_table[ord_table[i]]);
		}
	}
	/* is forwarded? */
	if ((char *)address >= (char *)exp_dir &&
		(char *)address < (char *)exp_dir + exp_entry->Size) {
		char *dll_name, *func_name;
		HMODULE frwd_module;
		dll_name = strdup((char *)address);
		if (!dll_name)
			return NULL;
		address = NULL;
		func_name = strchr(dll_name, '.');
		*func_name++ = 0;

		/* is already loaded? */
		frwd_module = GetModuleHandle(dll_name);
		if (!frwd_module)
			frwd_module = LoadLibrary(dll_name);

		if (frwd_module)
			address = get_proc_address(frwd_module, func_name);

		free(dll_name);
	}
	return address;
}