Can I code in the data segment ?

[maurizio]

I'd like to write statements in the .data portion of the program
(self modifying program)
but masm32 refuses to compile it

it complains with error A2006: undefined symbol : d1
BTW, where are documented the error codes ?
Regards
Maurizio

this is just a test :

.386

.model   flat, stdcall
option   casemap:none

include      windows.inc
include      kernel32.inc
include      user32.inc

includelib   user32.lib
includelib   kernel32.lib 

   .code
start:
   jmp   d1

stop:   push   0
   call    ExitProcess
   
   end    start
   
   
   .data
d1:   jmp   stop

[dedndave]

if you want to do it that way, you can probably get the address of the label in register, then "JMP reg" or "CALL reg" - never tried that
it is better to leave it in the code segment and get windows to let you modify it
one way is to create a thread - windows seems to allow modifying code in the thread, because your proc is the parent (i think that's right)
another way is to use VirtualProtect to change permission for the stretch of code you want to modify
still another way is to modify the segment attributes in the PE header, but that's not a very clean or secure method

[ToutEnMasm]

end    start     
    .data
d1:   jmp   stop

You can't add anything after "end start",there is no compile after that.
  :bg
Perhaps do you thing that nobodies view that you write code in data ?
recents modifies ,delet those littles things (not allowed to modify data in code)

[dedndave]

here's a working example...

http://www.masm32.com/board/index.php?topic=11541.120

[hutch--]

maurizio,

It can be done so the code actually is assembled into the data section but you cannot add it as mnemonics, you have to code it in hex then try and run it from the data label address. Now it used to work but DEP on later OS versions excluded code that is not in the code section and the exe/dll will not run. This was done to prevent stack buffer overrun exploits.

Where you use the .CODE or .DATA directives in MASM, everything is placed by the assembler in the appropriate section, even if they alternate back and forth.

[maurizio]

Thanks to all.
I'm just experimenting the idea of writing a forth-like elementary language.
My program should be able to generate and write executable instructions in the data segment,
and then execute them.
Would be helpful if part of such instructions (the fixed core) could be written directly as mnemonics
but this seems not possible.
However,this seems not entirely true
in the following program the compiler does not complains about mov eax,12345678h
but gives and error only on the SECOND Jump instruction (jmp l2)

error A2107: cannot have implicit far jump or call to near label

The first one (in the code section) is accepted.
If I comment the second jump instruction and I follow it with the debugger, I see that the jump
take place and the move instruction is executed.
(I have to compile with the /w option)

.386
.model   flat, stdcall
option   casemap:none

include      windows.inc
include      kernel32.inc

includelib   kernel32.lib

   .code
start:
   jmp   l1

l2:   invoke ExitProcess,NULL


   .data
l1   equ   $   
   mov   eax,12345678h
   jmp   l2


end   start

So this make me think that is possible to use mnemonics, but that jumps and calls
must be treated in some special ways.
about DEP, as default Window Xp protects only the system programs, and anyway there is the possibility
to add any program to an exception list.

Regards
Maurizio

[dedndave]

well, you need to select some better label names - lol
but, i don't understand why the code must be in the data segment

on a side-note, i was playing with some imperative type code also
the windows invoke convention may lend itself nicely in some cases
it gets a bit messy when using stored values as parameters, however

[japheth]

So this make me think that is possible to use mnemonics, but that jumps and calls
must be treated in some special ways.

Not really. It's kind of a Masm bug, but you can convince it to accept your code

Code Select Expand


   .code
start:
   jmp   l1

l2:   invoke ExitProcess,NULL


   .data
   assume cs:nothing
l1:
   mov   eax,12345678h
   jmp   near ptr l2



[dedndave]

but, does it actually put the code in the data segment ?

[maurizio]

I need to put the code in the data segment, because (apart a small 'core')
it must be generate dynamically.
I could reserve a big space in the code segment, But I think is better to allocate space dynamically
in medium-sized chunks, using VirtualAlloc and this is returned the data segment.

Thanks for the suggestions.

Regards.
Maurizio.

[hutch--]

Dynamic memory allocation and the use of VirtualProtect() to make that memory executable will solve that problem. Dynamically writing code has nothing to do with the .DATA section, it has to do with executing code that is placed in executable memory. DEP was designed to stop stack exploits which pushed code onto the stack then executed the stack address.

[dedndave]

yes VirtualProtect is what you need
i think i would use the HeapAlloc functions instead of the VirtualAlloc ones
VirtualAlloc clears the requested memory - slower

so basically:
allocate some memory
use VirtualProtect to set the attributes
write your code there
use CALL reg or JMP reg for direct branch
or use CALL [addr], JMP [addr] for indirect

VirtualProtect:
http://msdn.microsoft.com/en-us/library/aa366898(VS.85).aspx

protection constants (attributes):
http://msdn.microsoft.com/en-us/library/aa366786(VS.85).aspx

[Jimg]

wait...

It looks to me like he want to write masm code, not machine code into memory, expecting it to run.
Like an interpreter rather than an assembler/compiler.
I could be misinterpreting this however.

[dedndave]

yes - i got that impression, also
but, he really only provided "example" code
so, i didn't pursue it

in days of old, i mainly used self-modifying code to reduce size
in some instances, it can be used to enhance speed
with the size of memory and drives today, only the later justifies it now, i think
it is good to know how to do it, nonetheless