OpenEuphoria

1. Re[2]: WinXP SP2 and inline machine code calling

• Posted by akusaya at gmx.net Sep 15, 2004
• 411 views

However on the MS site it says:

Software-enforced DEP

An additional set of data execution prevention security checks have
been added to Windows XP SP2. These checks, known as software-enforced
DEP, are designed to mitigate exploits of exception handling
mechanisms in Windows. Software-enforced DEP runs on any processor
which is capable of running Windows XP SP2. By default,
software-enforced DEP only protects limited system binaries,
regardless of the hardware-enforced DEP capabilities of the processor.


So without the new CPU, just using winxpsp2 it will be blocked?

How is it, Rob?

T> posted by: Tommy Carlier <tommy.carlier at telenet.be>

T> unknown wrote:
>> I  haven't  tried  SP2, and possibly never, but SP2 has Data Execution
>> Prevention <a
>> href="http://fype.com/sp2dep">http://fype.com/sp2dep</a>
>> 
>> Will it be preventing this kind of code execution?
>> (because the code will be executed from data area, CMIIW)
>> 
>> 
>> (taken from bit.e)
>> poke(SHL_SPACE, {
>>      -- first int argument is at stack offset +4, 2nd int is at +8
>>      -- returns a *signed* 32-bit number
>>      #8B, #44, #24, #04,      -- mov  eax, [esp+4]
>>      #8A, #4C, #24, #08,      -- mov  cl,  [esp+8]
>>      #D3, #E0,                -- shl  eax, cl
>>      #C2, #08, #00            -- ret  8  -- pop 8 bytes off the stack
>>     })
>> 
>> SHIFT_LEFT = define_c_func("", SHL_SPACE, {C_INT, C_INT}, C_INT)

T> Only if your CPU has a mechanism to block execution from a data
T> area. And only the very recent CPUs have such a mechanism. But
T> that's an interesting and perhaps disturbing thought, given your
T> example.