From a43f4054452e6c412b92959528d2e46440a65533 Mon Sep 17 00:00:00 2001
From: rkbennett <r.k.bennett@hotmail.com>
Date: Sat, 7 Jan 2023 11:14:05 -0600
Subject: [PATCH] fixes invalid ordlookup function reference, adds
 compatibility for py veunicode strings and nd LPCSTR ord cast

---
 pythonmemorymodule/__init__.py | 7 +++++--
 pythonmemorymodule/pefile.py   | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/pythonmemorymodule/__init__.py b/pythonmemorymodule/__init__.py
index 7197c84..f788af1 100644
--- a/pythonmemorymodule/__init__.py
+++ b/pythonmemorymodule/__init__.py
@@ -768,9 +768,12 @@ def build_import_table(self, dlopen = LoadLibraryW):
 			
 				funcref = cast(funcrefaddr, PFARPROC)
 				if entry_imports[j].import_by_ordinal == True: 
-					importordinal= entry_imports[j].ordinal.decode('utf-8')  
+					if 'decode' in dir(entry_imports[j].ordinal):
+						importordinal= entry_imports[j].ordinal.decode('utf-8')
+					else:
+						importordinal= entry_imports[j].ordinal
 					self.dbg('Found import ordinal entry, %s', cast(importordinal, LPCSTR))
-					funcref.contents = GetProcAddress(hmod, importordinal)
+					funcref.contents = GetProcAddress(hmod, cast(importordinal, LPCSTR))
 				else:
 					importname= entry_imports[j].name.decode('utf-8') 
 					self.dbg('Found import by name entry %s , at address 0x%x', importname, entry_imports[j].address)
diff --git a/pythonmemorymodule/pefile.py b/pythonmemorymodule/pefile.py
index 1665ade..f68aac4 100644
--- a/pythonmemorymodule/pefile.py
+++ b/pythonmemorymodule/pefile.py
@@ -38,7 +38,7 @@
 import functools
 import copy as copymod
 
-import pythonmemorymodule.ordlookup
+import pythonmemorymodule.ordlookup as ordlookup
 
 codecs.register_error("backslashreplace_", codecs.lookup_error("backslashreplace"))