Validating c++ member function pointer?

Started by Randor, May 23, 2007, 06:08:40 PM


Randor

Hi,

Is there any conceivable way to verify a pointer to a member function by inspecting the instructions NEAR the pointer address using inline assembly? The only other way I can think of is to check the address for a PAGE_EXECUTE or derivatives using VirtualQueryEx, but I would like to do some additional checking.

Tedd

Apart from checking that the memory page has exec access (which doesn't actually prove anything) there's little you can do to tell the difference.
The first instruction of many functions tends to be "push ebp" (55h), but it's by no means necessary -- finding one means it probably is the start of a valid function (given further checks to make sure), but not finding one doesn't mean it isn't.
The first instruction of a function could conceivably be anything, which means almost any single byte, and then any bytes following that depending on what that first instruction is. Even if you manage to write a full CPU simulator - how could you possibly tell the difference between valid code and data? There are odd tricks you could use to identify some cases where it most likely isn't, but I doubt you'd ever get it right every time (or even more often than simple checking for 55h).
You could try measuring the entropy of the first n bytes of the 'function' and see if that's within empirical limits, but that would probably still accept a large amount of organised data.
No snowflake in an avalanche feels responsible.
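
The heuristics discussed in the reply above, as an added example that is not part of either post: it runs the 55h check, a stricter `push ebp` / `mov ebp, esp` check and a Shannon-entropy window over three constructed 16-byte samples to show where each one misclassifies. The sample bytes, the function names and the 2.0 to 4.5 bits-per-byte window are assumptions made for this illustration; the page-protection check via VirtualQueryEx is left out because it is Windows-only.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdint>

// Constructed 16-byte samples (not taken from any real binary).
// push ebp; mov ebp,esp; mov eax,[ebp+8]; add eax,[ebp+0Ch]; pop ebp; ret; int3 pad
const uint8_t kFramed[16] = {0x55,0x8B,0xEC,0x8B,0x45,0x08,0x03,0x45,
                             0x0C,0x5D,0xC3,0xCC,0xCC,0xCC,0xCC,0xCC};
// Valid frameless function: mov eax,[esp+4]; add eax,[esp+8]; ret 8; int3 pad
const uint8_t kFrameless[16] = {0x8B,0x44,0x24,0x04,0x03,0x44,0x24,0x08,
                                0xC2,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0xCC};
// Plain data: an ASCII string whose first character 'U' happens to be 55h
const uint8_t kText[16] = {'U','T','F','-','8',' ','t','e','x','t',' ','d','a','t','a',0};

// Assumed "empirical limits" for code entropy, in bits per byte (illustrative).
const double kEntropyLo = 2.0, kEntropyHi = 4.5;

bool starts_with_push_ebp(const uint8_t* p, size_t n) {
    return n >= 1 && p[0] == 0x55;
}

// push ebp followed by either encoding of mov ebp,esp (8B EC or 89 E5).
bool has_frame_prologue(const uint8_t* p, size_t n) {
    if (n < 3 || p[0] != 0x55) return false;
    return (p[1] == 0x8B && p[2] == 0xEC) || (p[1] == 0x89 && p[2] == 0xE5);
}

// Shannon entropy of the first n bytes, in bits per byte.
double byte_entropy(const uint8_t* p, size_t n) {
    size_t counts[256] = {0};
    for (size_t i = 0; i < n; ++i) ++counts[p[i]];
    double h = 0.0;
    for (size_t c : counts) {
        if (c == 0) continue;
        double f = static_cast<double>(c) / static_cast<double>(n);
        h -= f * std::log2(f);
    }
    return h;
}

bool entropy_in_limits(const uint8_t* p, size_t n) {
    double h = byte_entropy(p, n);
    return h >= kEntropyLo && h <= kEntropyHi;
}

int main() {  // exits 0: 55h accepts the string, misses real code; entropy accepts data
    return (starts_with_push_ebp(kText, 16) && !starts_with_push_ebp(kFrameless, 16)
            && entropy_in_limits(kFramed, 16) && entropy_in_limits(kText, 16)) ? 0 : 1;
}
```

On these samples the bare 55h test accepts the string and rejects the frameless function, the three-byte prologue test rejects the string but still misses the frameless function, and the entropy window accepts code and text alike.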