[BUGFIX] Fixed building for 32-bit

run_pe/patch_ntdll.cpp

@@ -1,8 +1,11 @@
 #include "patch_ntdll.h"
 #include <peconv.h>
 
-bool apply_ntdll_patch(HANDLE hProcess, LPVOID module_ptr)
+bool apply_ntdll_patch64(HANDLE hProcess, LPVOID module_ptr)
 {
+#ifndef _WIN64
+    return false;
+#else
     HMODULE hNtdll = GetModuleHandleA("ntdll");
     if (!hNtdll) return false; // should never happen
 
@@ -27,7 +30,7 @@ bool apply_ntdll_patch(HANDLE hProcess, LPVOID module_ptr)
     if (!ReadProcessMemory(hProcess, (LPVOID)stub_ptr, stub_buffer_orig, stub_size, &out_bytes) || out_bytes != stub_size) {
         return false;
     }
-    const BYTE nop_pattern[sizeof(LPVOID)] = {0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00};
+    const BYTE nop_pattern[] = {0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00};
     if (::memcmp(stub_buffer_orig, nop_pattern, sizeof(nop_pattern)) != 0) {
         return false;
     }
@@ -91,4 +94,5 @@ bool apply_ntdll_patch(HANDLE hProcess, LPVOID module_ptr)
         return false;
     }
     return true;
+#endif
 }

run_pe/patch_ntdll.h

@@ -2,4 +2,4 @@
 
 #include <windows.h>
 
-bool apply_ntdll_patch(HANDLE hProcess, LPVOID module_ptr);
+bool apply_ntdll_patch64(HANDLE hProcess, LPVOID module_ptr);

run_pe/run_pe.cpp

@@ -231,7 +231,7 @@ bool _run_pe(BYTE *loaded_pe, size_t payloadImageSize, PROCESS_INFORMATION &pi,
         std::cerr << "Redirecting failed!\n";
         return false;
     }
-    if (!is32bit && g_PatchRequired && !apply_ntdll_patch(pi.hProcess, remoteBase)) {
+    if (!is32bit && g_PatchRequired && !apply_ntdll_patch64(pi.hProcess, remoteBase)) {
         std::cout << "ERROR: failed to apply the required patch on NTDLL\n";
     }
     std::cout << "Resuming the process: " << std::dec << pi.dwProcessId << std::endl;