1. RE: Re[2]: WinXP SP2 and inline machine code calling
- Posted by Brian Broker <bkb at cnw.com> Sep 15, 2004
- 398 views
akusaya wrote:
>
> However on the MS site it says:
>
> Software-enforced DEP
>
> An additional set of data execution prevention security checks have
> been added to Windows XP SP2. These checks, known as software-enforced
> DEP, are designed to mitigate exploits of exception handling
> mechanisms in Windows. Software-enforced DEP runs on any processor
> which is capable of running Windows XP SP2. By default,
> software-enforced DEP only protects limited system binaries,
> regardless of the hardware-enforced DEP capabilities of the processor.
>
> So without the new CPU, just using winxpsp2 it will be blocked?
>
> How is it, Rob?
>
> T> posted by: Tommy Carlier <tommy.carlier at telenet.be>
>
> T> unknown wrote:
> >> I haven't tried SP2, and possibly never, but SP2 has Data Execution
> >> Prevention http://fype.com/sp2dep
> >>
> >> Will it be preventing this kind of code execution?
> >> (because the code will be executed from data area, CMIIW)
> >>
> >> (taken from bit.e)
> >> poke(SHL_SPACE, {
> >>     -- first int argument is at stack offset +4, 2nd int is at +8
> >>     -- returns a *signed* 32-bit number
> >>     #8B, #44, #24, #04,  -- mov eax, [esp+4]
> >>     #8A, #4C, #24, #08,  -- mov cl, [esp+8]
> >>     #D3, #E0,            -- shl eax, cl
> >>     #C2, #08, #00        -- ret 8 -- pop 8 bytes off the stack
> >> })
> >>
> >> SHIFT_LEFT = define_c_func("", SHL_SPACE, {C_INT, C_INT}, C_INT)
>
> T> Only if your CPU has a mechanism to block execution from a data
> T> area. And only the very recent CPUs have such a mechanism. But
> T> that's an interesting and perhaps disturbing thought, given your
> T> example.
>

No need to panic, folks. This still works just fine...

-- Brian
2. RE: Re[2]: WinXP SP2 and inline machine code calling
- Posted by Brian Broker <bkb at cnw.com> Sep 15, 2004
- 395 views
More info: by default, (software) DEP is only enabled for "essential Windows programs and services only" so I decided to "Turn on DEP for all programs and services except those I select" (with no exceptions) and it still worked fine...

-- Brian
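
The hardware-enforced check the thread asks about is a per-page execute permission. The following is an added example, not code from the thread or from Euphoria: a Linux analogue (assumes `/proc/self/maps`, `mmap` and `mprotect`; the Windows counterparts are `VirtualAlloc` and `VirtualProtect`) that copies the quoted bytes into plain heap memory and into a page that is explicitly switched to read/execute, and reports which of the two is marked executable. The function names are hypothetical and the bytes are never called.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
/* The 13 bytes from the quoted snippet (32-bit x86). Only copied, never called. */
static const unsigned char SHL_CODE[] = {
    0x8B, 0x44, 0x24, 0x04, 0x8A, 0x4C, 0x24, 0x08, 0xD3, 0xE0, 0xC2, 0x08, 0x00 };

/* 1 if addr is in a mapping with the x bit, 0 if not, -1 if not found. */
int is_executable(const void *addr) {
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[8];
    unsigned long lo, hi, a = (unsigned long)addr;
    int result = -1;
    if (!f) return -1;
    while (result < 0 && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %7s", &lo, &hi, perms) == 3 && a >= lo && a < hi)
            result = strchr(perms, 'x') != NULL;
    fclose(f);
    return result;
}

/* Bytes placed in ordinary heap memory: a data page, no execute permission. */
int heap_copy_is_executable(void) {
    unsigned char *buf = malloc(sizeof SHL_CODE);
    if (!buf) return -1;
    memcpy(buf, SHL_CODE, sizeof SHL_CODE);
    int r = is_executable(buf);
    free(buf);
    return r;
}

/* NX-compatible pattern: map read/write, copy, then switch to read/execute. */
int code_page_is_executable(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    memcpy(p, SHL_CODE, sizeof SHL_CODE);
    int before = is_executable(p);   /* expected 0: still a data page */
    int after = mprotect(p, len, PROT_READ | PROT_EXEC) == 0 ? is_executable(p) : -1;
    munmap(p, len);
    return after < 0 ? -1 : (before == 0 && after == 1);
}

int main(void) {
    printf("heap exec=%d rw->rx=%d\n", heap_copy_is_executable(), code_page_is_executable());
    return 0;
}
```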