
Self modifying code

Started by tekhead009, February 21, 2005, 04:05:31 AM


tekhead009

Being my first post, I'll double this as my introduction. I'm not sure if I should include some background information here, so I won't.

I had the idea to create a program that modifies itself while executing in memory. Unfortunately, it crashes. I am programming in 32-bit / protected-mode, and I understand that if accessing memory outside of my allocated space I'll get a GPF. I am able to read the memory containing my executable code, but why am I not able to write if my program owns it?

Does anybody know the proper way to go about doing this?


Code Dump: (please excuse the goofy characters and spacing. It didn't copy-paste over well)

mov ECX,2
mov EDI,OFFSET loop1
mov ESI,0

loop1: mov AL,05h ;000000B0h,  00000005h
mov AL,BYTE PTR [EDI + ESI] ;Get the first byte
call WriteHex
inc ESI ;Get next byte
loop loop1

mov AL,BYTE PTR [EDI + 1] ;Get 05h
inc AL ;Increment it
mov BYTE PTR [EDI + 1],AL ;Place it back (CRASHING!)

petezl

I couldn't completely understand your code. If you're trying to write to the code section then you need to CHMOD it to 777, i.e. RWE.
Peter.
Cats and women do as they please
Dogs and men should realise it.

Mirno

It's basic memory access protection under Windows.
You need to either use VirtualProtect to allow write access, or to link specifying the code section as writeable.

Mirno

sluggy

tekhead009,
can you tell us *why* you want to self modify your code?

tekhead009

Coolbeans, thanks. I'm under Windows so VirtualProtect should work.
If I were under a *nix CHMOD would only allow me to modify the file, not memory; correct?

"Can you tell us *why* you want to self modify your code?"

Yes, I wanted to know if it would work. When it didn't I was troubled. I might never have a reason to actually write a program which modifies itself; but "If a program can't rewrite its own code, what good is it?"

Jimg

Don't forget to do a FlushInstructionCache after the VirtualProtect.

As a soapbox item, I've always felt the difference between a real computer and a programmable calculator is the ability to change its own code.  Often it's the only way to make the fastest, smallest code based on the conditions found.  And it's a lot of fun!
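
The fix Mirno and Jimg describe, written out as an added MASM32 example (it is not code from any post in this thread): make the page writable with VirtualProtect, patch the byte, restore the original protection so the code page is not left writable, then call FlushInstructionCache. It assumes the MASM32 SDK at its default \masm32 path; the names patchme and oldProt are chosen here for illustration.

```asm
; Added example, not from the thread. Assumed build steps (MASM32 SDK):
;   ml /c /coff smc.asm
;   link /SUBSYSTEM:CONSOLE smc.obj
.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib

.data?
oldProt dd ?                    ; protection the page had before the change

.code
start:
    ; 1. The code section is mapped without write access by default.
    ;    Request write access for the 2 bytes of the instruction at patchme.
    invoke VirtualProtect, OFFSET patchme, 2, PAGE_EXECUTE_READWRITE, ADDR oldProt
    test eax, eax
    jz   fail                   ; zero means the call failed: do not write

    ; 2. Same edit as the original post: increment the immediate operand.
    ;    Addressing through a register keeps the write on DS.
    mov  edi, OFFSET patchme
    inc  BYTE PTR [edi + 1]     ; B0 05 becomes B0 06

    ; 3. Restore the saved protection so the page does not stay writable.
    ;    The last argument must point at valid memory; oldProt is reused.
    invoke VirtualProtect, OFFSET patchme, 2, oldProt, ADDR oldProt

    ; 4. Report the modified range, as Jimg's reply advises.
    invoke GetCurrentProcess
    invoke FlushInstructionCache, eax, OFFSET patchme, 2

patchme:
    mov  al, 05h                ; runs as mov al, 06h once patched
    movzx eax, al
    invoke ExitProcess, eax     ; exit code 6 shows the patched byte executed

fail:
    invoke ExitProcess, 1
end start
```

Running the program and then checking `echo %ERRORLEVEL%` in the same console should show 6 if the patch took effect, or 1 if VirtualProtect refused the request.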

P1

Quote from: tekhead009 on February 21, 2005, 02:11:06 PM
"Can you tell us *why* you want to self modify your code?"

Yes, I wanted to know if it would work. When it didn't I was troubled. I might never have a reason to actually write a program which modifies itself; but "If a program can't rewrite its own code, what good is it?"
Not very much. With SP2 on XP, M$ took away a lot of techniques that virus writers used to compromise M$ software.

Did you know that we have a lot of first time posters, who ask hacker/virus related questions, then just go away?

I do hope you stick around.  It's funny to consider all the software I have written, I have never needed SMC to get anything done.  Though, I have seen one or two good uses, that I did not need.

Regards,  P1  :8)

petezl

If I were under a *nix CHMOD would only allow me to modify the file, not memory; correct?
Yes, of course, you're absolutely right, I do mix up sometimes... As Mirno said:
link specifying the code section as RWE
Peter.
Cats and women do as they please
Dogs and men should realise it.

tekhead009

I think I'll stick around for a little while, you people seem alright. Rarely have I posted to a coding forum and received a quick, concise answer to my question, much less had anybody stick around and post after I was satisfied with the answer given or figured things out on my own.

I am positive that I won't ever need to self-modify my code, but knowledge for the sake of knowledge never hurt. It was primarily a novel idea; especially since I've come to ASM from a VB world. I'm hitting that point in my self-study where I am able to try wandering outside of the books' suggested workshops.

P1

I am glad you have decided to stick around.  We have something in common.  VB is the 'official' company language of choice.  With me using ASM to solve other issues that are clumsy in VB.  Besides the bloatware issues that come with VB.

Regards,  P1  :8)