We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Self-modifying code in Win32

Shrif
Shrif asked
on
Medium Priority
1,002 Views
Last Modified: 2013-12-03
In Win16, one used PrestoChangoSelector() to convert a DS segment into a CS segment and then run code that's constructed at runtime.  This was done by loader applications that: 1) allocated memory, 2) loaded a binary image into the memory, and 3) executed the contents of the memory.  How does one do something like this from a Win32 program.I'm trying to do the following.  I have an application which has a scripting subsystem.  I want to add the functionality of Visual Basic's "AddressOf" operator -- basically on-the-floy Callback's.  AddressOf is a function returns a "void*" to a newly defined callback.  I basically need to be able to create a "Thunk" the way MakeProcInstance worked in Win16.Anyone have a clue on how to do this from a straight Win32program?
Comment
Watch Question

Have you tried using a function referance to a memoty area that was new'd (malloc'ed) and in which you have constructed/loaded the binary code?

The pointer referance could be defined as a Callback function pointer to this memory area.
Commented:
Here's a way:
1. use VirtualAlloc to allocate memory
2. load your code image into this memory
3. patch your code
4. use VirtualProtect to change memory to executable
5. call FlushInstructionCache(). I think this step is optional
6. run your code

Sadly, Win95 doesn't support writable-and-runnable memory block at the same time. This means your code cannot modify
itself when it's running. You must exit from it, call VirtualProtect(), then repeat step 3-6.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
byang, if what you say works, then I will accept the answer.However, before I give you the A grade, could you explain something to me that you said in your answer that I do not understand.  "Sadly, Win95 doesn't support writable-and-runnable memory block at the same time. This means your code cannot modify
itself when it's running. You must exit from it, call VirtualProtect(), then repeat step 3-6.
"What do you mean by I must exit from "it".  What is "it"?  Exit Windows 95?  Exit my application?Can you give me the steps that I should do in Windows 95?  

Commented:
By "it" I mean the block of code you want to modify. It cannot modify itself in Win95. In DOS, you can do something like this:

label0: mov ax,1234h ;will be self-modified here
           ;... more code
           mov word ptr cs:[label0+1],bx ;self-modify
           loop label0

This is not possible (at least not easily possible) in Win95. To do it, the cs segment must be readable, writable, and executable. Win95 does not support all three attribute at the same time. So the code above would cause an access violation.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.