I found a function inside the executable that I would like to call from my DLL. The address of this function will be 0x0090DE00 according to OllyDbg. I tried calling it directly:
luaL__openlib *f = ((luaL__openlib*)(module_handle + 0x0090DE00));
but also with the base of the module handle added to it, as suggested here:
uint8_t * module_handle = (uint8_t *)GetModuleHandle(L"ForgedAlliance1.exe");
luaL__openlib *f = ((luaL__openlib*)(module_handle + 0x0090DE00));
It doesn't seem to work as I get access violation exceptions - it looks like the pointer is invalid.
So: how can I call this function using its address?
I just inserted a simple RET instruction into 0x00C0B530. Now my code is as follows:
typedef void (*test) ();
EXTERN_DLL_EXPORT void initialize(lua_State *L) {
I don't quite understand why I get a different address in the exception message:
An exception was 0x909090C3 at 0x909090C3 in ForgedAlliance1.exe: 0xC0000005: violation of access to execution location 0x909090C3.
UPDATE: I just realized that 0x909090C3 is not just a pointer here, it's the code itself:
90 | NOP
90 | NOP
90 | NOP
C3 | RETN
It seems like I'm joking with pointers. Why is it trying to execute "location" 0x909090C3? This is not the place.
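The symptom in the question, as an added example that is not part of the original post: if the address is cast to a pointer to the function-pointer type and then dereferenced, the CPU loads the first four code bytes as the call target, which is how a RETN plus NOP padding turns into "location" 0x909090C3. Assumptions: `stub`, `call_by_address`, `target_of_double_indirection` and `rebase` are hypothetical names, the byte order of the patched bytes is constructed to match the exception value, and the image base 0x00400000 is assumed, not taken from the question.

```c
#include <stdint.h>
#include <stdio.h>

typedef void (*test)(void);          /* same shape as the typedef in the question */

static int calls;                    /* counts how often stub() ran */
static void stub(void) { calls++; }  /* stand-in for the function inside the EXE */

/* Correct: the address IS the function, so cast it to the function-pointer
   type itself and call through it. */
static int call_by_address(uintptr_t addr)
{
    test f = (test)addr;
    f();
    return calls;
}

/* What `test *pf = (test *)addr; (*pf)();` does on 32-bit x86: it reads the
   first four bytes stored at addr (little-endian) and jumps to that value. */
static uint32_t target_of_double_indirection(const uint8_t *code)
{
    return (uint32_t)code[0] | (uint32_t)code[1] << 8 |
           (uint32_t)code[2] << 16 | (uint32_t)code[3] << 24;
}

/* A debugger address is a virtual address that already contains the image
   base. Subtract the base it was observed under, then add the base of the
   module as loaded now, instead of adding the module handle to the raw VA. */
static uintptr_t rebase(uintptr_t va, uintptr_t observed_base, uintptr_t actual_base)
{
    return actual_base + (va - observed_base);
}

int main(void)
{
    /* Constructed bytes: RETN followed by NOP padding. */
    const uint8_t patched[4] = { 0xC3, 0x90, 0x90, 0x90 };

    printf("stub ran %d time(s)\n", call_by_address((uintptr_t)stub));
    printf("double indirection jumps to 0x%08X\n",
           (unsigned)target_of_double_indirection(patched));
    /* 0x00400000 is an assumed image base, not a value from the question. */
    printf("rebased: 0x%08lX\n",
           (unsigned long)rebase(0x0090DE00u, 0x00400000u, 0x00400000u));
    return 0;
}
```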