1. WinXP SP2 and inline machine code calling

I haven't tried SP2, and possibly never, but SP2 has Data Execution
Prevention http://fype.com/sp2dep

Will it be preventing this kind of code execution?
(because the code will be executed from data area, CMIIW)


(taken from bit.e)
poke(SHL_SPACE, {
     -- first int argument is at stack offset +4, 2nd int is at +8
     -- returns a *signed* 32-bit number
     #8B, #44, #24, #04,      -- mov  eax, [esp+4]
     #8A, #4C, #24, #08,      -- mov  cl,  [esp+8]
     #D3, #E0,                -- shl  eax, cl
     #C2, #08, #00            -- ret  8  -- pop 8 bytes off the stack
    })

SHIFT_LEFT = define_c_func("", SHL_SPACE, {C_INT, C_INT}, C_INT)


2. Re: WinXP SP2 and inline machine code calling

unknown wrote:
> I haven't tried SP2, and possibly never, but SP2 has Data Execution
> Prevention http://fype.com/sp2dep
> 
> Will it be preventing this kind of code execution?
> (because the code will be executed from data area, CMIIW)
> 
> 
> (taken from bit.e)
> poke(SHL_SPACE, {
>      -- first int argument is at stack offset +4, 2nd int is at +8
>      -- returns a *signed* 32-bit number
>      #8B, #44, #24, #04,      -- mov  eax, [esp+4]
>      #8A, #4C, #24, #08,      -- mov  cl,  [esp+8]
>      #D3, #E0,                -- shl  eax, cl
>      #C2, #08, #00            -- ret  8  -- pop 8 bytes off the stack
>     })
> 
> SHIFT_LEFT = define_c_func("", SHL_SPACE, {C_INT, C_INT}, C_INT)

Only if your CPU has a mechanism to block execution from a data area. And only
the very recent CPUs have such a mechanism. But that's an interesting and perhaps
disturbing thought, given your example.

--
tommy online: http://users.telenet.be/tommycarlier
tommy.blog: http://tommycarlier.blogspot.com
Euphoria Message Board: http://uboard.proboards32.com
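
What the reply above describes, as an added example that is not part of the original thread: where no-execute is enforced for a process, a routine poked into ordinary data memory cannot be called, so generated code has to be written while the page is writable and then switched to read+execute. The sketch generalizes the thread's case to POSIX `mmap`/`mprotect` with native-ABI versions of the `shl` routine (assumptions; the thread's bytes are 32-bit stdcall on Windows, where `VirtualAlloc`/`VirtualProtect` play the same role).

```c
/* Added example: write-then-execute handling of a small generated routine. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1
#endif
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#if defined(__x86_64__)        /* System V ABI: args in edi, esi; result in eax */
static const unsigned char SHL_CODE[] = {
    0x89, 0xF8,                /* mov eax, edi */
    0x89, 0xF1,                /* mov ecx, esi */
    0xD3, 0xE0,                /* shl eax, cl  (same opcode as in the thread) */
    0xC3                       /* ret */
};
#elif defined(__aarch64__)     /* AAPCS64: args in w0, w1; result in w0 */
static const unsigned char SHL_CODE[] = {
    0x00, 0x20, 0xC1, 0x1A,    /* lsl w0, w0, w1 */
    0xC0, 0x03, 0x5F, 0xD6     /* ret */
};
#else
#error "this example covers x86-64 and AArch64 only"
#endif

typedef int32_t (*shl_fn)(int32_t, int32_t);
/* Returns 0 and stores the shifted value in *out, or -1 if the OS refused a step. */
int shift_left_wx(int32_t value, int32_t count, int32_t *out)
{
    size_t len = 4096;
    /* 1. Readable and writable, not executable: what a data allocation is under DEP. */
    void *buf = mmap(NULL, len, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    memcpy(buf, SHL_CODE, sizeof SHL_CODE);
    /* 2. Switch to read+execute; the page is never writable and executable at once. */
    if (mprotect(buf, len, PROT_READ | PROT_EXEC) != 0) { munmap(buf, len); return -1; }
    __builtin___clear_cache((char *)buf, (char *)buf + sizeof SHL_CODE);
    *out = ((shl_fn)(uintptr_t)buf)(value, count);
    munmap(buf, len);
    return 0;
}

int main(void)
{
    int32_t r;
    if (shift_left_wx(1, 4, &r) == 0) printf("1 << 4 = %d\n", r);
    return 0;
}
```

Skipping step 2 and calling the buffer while it is still `PROT_READ | PROT_WRITE` is the situation the original question asks about: on hardware and an OS that enforce the no-execute bit, that call is terminated with an access violation instead of running.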


3. Re: WinXP SP2 and inline machine code calling

Tommy Carlier wrote:
> 
> unknown wrote:
> > I haven't tried SP2, and possibly never, but SP2 has Data Execution
> > Prevention http://fype.com/sp2dep
> > 
> > Will it be preventing this kind of code execution?
> > (because the code will be executed from data area, CMIIW)
> > 
> > 
> > (taken from bit.e)
> > poke(SHL_SPACE, {
> >      -- first int argument is at stack offset +4, 2nd int is at +8
> >      -- returns a *signed* 32-bit number
> >      #8B, #44, #24, #04,      -- mov  eax, [esp+4]
> >      #8A, #4C, #24, #08,      -- mov  cl,  [esp+8]
> >      #D3, #E0,                -- shl  eax, cl
> >      #C2, #08, #00            -- ret  8  -- pop 8 bytes off the stack
> >     })
> > 
> > SHIFT_LEFT = define_c_func("", SHL_SPACE, {C_INT, C_INT}, C_INT)
> 
> Only if your CPU has a mechanism to block execution from a data area. And only
> the very recent CPUs

I am getting a computer with one of these
(a replacement for my old laptop that ignited and HP won't fix it),
I'll test it.
Should be here early next month.

> have such a mechanism. But that's an interesting and perhaps disturbing
> thought, given your example.
> 
> --
> tommy online: http://users.telenet.be/tommycarlier
> tommy.blog: http://tommycarlier.blogspot.com
> Euphoria Message Board: http://uboard.proboards32.com
>
