Diffstat (limited to 'sandbox/src')
-rw-r--r--sandbox/src/interception.cc5
-rw-r--r--sandbox/src/policy_broker.cc8
-rw-r--r--sandbox/src/service_resolver.cc4
3 files changed, 12 insertions, 5 deletions
diff --git a/sandbox/src/interception.cc b/sandbox/src/interception.cc
index 8ee56f4..621a27d 100644
--- a/sandbox/src/interception.cc
+++ b/sandbox/src/interception.cc
@@ -12,6 +12,7 @@
#include "base/logging.h"
#include "base/scoped_ptr.h"
#include "sandbox/src/interception_internal.h"
+#include "sandbox/src/pe_image.h"
#include "sandbox/src/sandbox.h"
#include "sandbox/src/sandbox_utils.h"
#include "sandbox/src/service_resolver.h"
@@ -400,9 +401,11 @@ bool InterceptionManager::PatchClientFunctions(DllInterceptionData* thunks,
if (!ntdll_base)
return false;
+ PEImage ntdll_image(ntdll_base);
+
// Bypass purify's interception.
wchar_t* loader_get = reinterpret_cast<wchar_t*>(
- ::GetProcAddress(ntdll_base, "LdrGetDllHandle"));
+ ntdll_image.GetProcAddress("LdrGetDllHandle"));
if (loader_get) {
if (!GetModuleHandleHelper(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT,
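Review bot: Nothing near `PEImage ntdll_image(ntdll_base);` records why the lookup no longer goes through `::GetProcAddress`; the existing `// Bypass purify's interception.` comment describes the LdrGetDllHandle step rather than this swap. If the intent is to read ntdll's export directory directly so that a patched or shimmed `GetProcAddress` cannot influence which address the sandbox trusts (inferred, not stated on the page), a comment such as `// Resolve from ntdll's export table directly; ::GetProcAddress may be hooked.` would keep a later cleanup from reverting it. The same applies to the PEImage lookups added in policy_broker.cc and service_resolver.cc. PatchClientFunctions starts and ends outside this hunk.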
diff --git a/sandbox/src/policy_broker.cc b/sandbox/src/policy_broker.cc
index 82bc300..6e9073a 100644
--- a/sandbox/src/policy_broker.cc
+++ b/sandbox/src/policy_broker.cc
@@ -9,6 +9,7 @@
#include "base/logging.h"
#include "base/win_util.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/pe_image.h"
#include "sandbox/src/policy_target.h"
#include "sandbox/src/process_thread_interception.h"
#include "sandbox/src/sandbox.h"
@@ -27,22 +28,23 @@ SANDBOX_INTERCEPT NtExports g_nt;
#define INIT_GLOBAL_NT(member) \
g_nt.##member = reinterpret_cast<Nt##member##Function>( \
- ::GetProcAddress(ntdll, "Nt" #member)); \
+ ntdll_image.GetProcAddress("Nt" #member)); \
if (NULL == g_nt.##member) \
return false
#define INIT_GLOBAL_RTL(member) \
g_nt.##member = reinterpret_cast<##member##Function>( \
- ::GetProcAddress(ntdll, #member)); \
+ ntdll_image.GetProcAddress(#member)); \
if (NULL == g_nt.##member) \
return false
bool SetupNtdllImports(TargetProcess *child) {
HMODULE ntdll = ::GetModuleHandle(kNtdllName);
+ PEImage ntdll_image(ntdll);
// Bypass purify's interception.
wchar_t* loader_get = reinterpret_cast<wchar_t*>(
- ::GetProcAddress(ntdll, "LdrGetDllHandle"));
+ ntdll_image.GetProcAddress("LdrGetDllHandle"));
if (loader_get) {
GetModuleHandleHelper(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT,
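Review bot: `PEImage ntdll_image(ntdll);` in SetupNtdllImports is built from the result of `::GetModuleHandle(kNtdllName)` without a NULL check, unlike interception.cc, where `if (!ntdll_base) return false;` precedes the PEImage. With `::GetProcAddress` a NULL module simply failed the lookup; a hand-rolled export walk presumably reads PE headers at the base address, so a NULL here would likely fault instead of returning false. Adding `if (!ntdll) return false;` before the PEImage line keeps the failure mode explicit. Separately, INIT_GLOBAL_NT and INIT_GLOBAL_RTL now silently require a local named `ntdll_image` at the expansion site, which deserves a comment above the macros such as `// Requires a PEImage named ntdll_image in the enclosing scope.`. SetupNtdllImports continues outside this hunk.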
diff --git a/sandbox/src/service_resolver.cc b/sandbox/src/service_resolver.cc
index 97cb205..6491138 100644
--- a/sandbox/src/service_resolver.cc
+++ b/sandbox/src/service_resolver.cc
@@ -5,6 +5,7 @@
#include "sandbox/src/service_resolver.h"
#include "base/logging.h"
+#include "sandbox/src/pe_image.h"
#include "sandbox/src/sandbox_types.h"
#include "sandbox/src/sandbox_utils.h"
@@ -157,7 +158,8 @@ NTSTATUS ServiceResolverThunk::ResolveTarget(const void* module,
if (NULL == module)
return STATUS_UNSUCCESSFUL;
- *address = ::GetProcAddress(bit_cast<HMODULE>(module), function_name);
+ PEImage module_image(module);
+ *address = module_image.GetProcAddress(function_name);
if (NULL == *address)
return STATUS_UNSUCCESSFUL;
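Review bot: The `NULL == *address` test after `module_image.GetProcAddress(function_name)` only rejects a missing export, yet `*address` is what the resolver goes on to treat as the function to patch. pe_image.h is not visible here, so it is worth confirming how PEImage reports forwarded exports. If it returns a non-NULL sentinel or a pointer into the export directory rather than following the forward as `::GetProcAddress` does, that value would pass this check. If so, reject it explicitly here or document the limitation, e.g. `// PEImage does not follow forwarders; function_name must be exported by this module itself.`. ResolveTarget starts and ends outside this hunk.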