Simple code example to prevent data execution for Delphi

Question

Simple code example to prevent data execution for Delphi

For the crash test, I need a small piece of Delphi code to see how the operating system logs a DEP violation in the event log.

I found many sources about DEP activation, but not about how to “initiate” a DEP violation.

Do you have an example?

Related questions: https://serverfault.com/questions/130716/if-dep-has-stopped-an-app-is-there-a-possibility-to-see-this-events-in-a-log

Shows how Vialotion DEP should look in a log

+7

delphi data-execution-prevention

mjn Jun 21 '12 at 8:10

source share

1 answer

David heffernan · Accepted Answer · 2012-06-21T08:20:06+0000

This code does the job:

procedure DoJump(Address: Pointer); asm JMP Address end; const X: Byte=$C3;//RET op code procedure TriggerDEP; begin DoJump(@X); end;

In the generated executable, the place where X is stored is treated as data. Alternatively, you can try executing the code located on the stack:

 procedure DoJump(Address: Pointer); asm JMP Address end; procedure TriggerDEP; var X: Byte; begin X := $C3; DoJump(@X); end;

Both of these exceptions rule out access violation when DEP is active.

If you need to make sure that DEP is active, for example, from a 32-bit process, where it is optional, call this function:

 procedure EnableDEP; const PROCESS_DEP_ENABLE: DWORD=$00000001; var SetProcessDEPPolicy: function(dwFlags: DWORD): BOOL; stdcall; begin SetProcessDEPPolicy := GetProcAddress(GetModuleHandle(kernel32), 'SetProcessDEPPolicy'); if Assigned(SetProcessDEPPolicy) then begin SetProcessDEPPolicy(PROCESS_DEP_ENABLE); end; end;

Simple code example to prevent data execution for Delphi

More articles: