I read that on Windows, the dll code segment is split between several processes, matching the same physical address with the virtual addresses of different processes. So I'm a little confused about what exactly happens when you do the inline binding. For example, Kernel32.dll is loaded by almost every process, so if I change the first bytes of ShellExecute in one process, it should affect all other processes that load this dll. But this does not seem to be happening. My question is: does Windows use something like a write-to-write mechanism when dealing with such situations, or does it just not split the code segment?
Thanks!
source
share