Hello forks,

Please tell me how to modify myself by myself when running.
And I have related questions.

Q1. In a following code fragment, p is not equal to func while ps is. Why?
Q2. On a third line of the code, an access violation occurs. How one can accomplish this, i.e. modify a part of code?

Thank you.
uwata

# I use Visual C++ 6.0, Windows 2000 and XP


static void sfunc()
{
}

void func()
{
}

void test()
{
    BYTE *ps = (BYTE*)sfunc;
    BYTE *p = (BYTE*)func;
    ps[0] = 0;
    p[0] = 0;
}

Posted on 2006-03-07 23:09:11 by uwata
If you mean "how to allow code to modify itself" then look at the function called VirtualProtect. The code segment has been marked in memory (during loading) as being "executable and readable, but not writable". You need to change the 'page permissions' for the region of memory you wanna be able to Write to..

As for the C question, you are defining Pointers (indicated by the *) to the two Functions, but you are then attempting to store those Pointers in BYTE variables.
Know that Pointers are 32bits in size, and will require DWORD sized variables to hold them.

What's happening at the moment is that you are trying to fit two dwords into a place big enough for two bytes.. not only are we writing to memory outside of our defined space, but the second Pointer is overwriting the first one.

Posted on 2006-03-07 23:49:18 by Homer
Thank you for your advice.


You need to change the 'page permissions' for the region of memory you wanna be able to Write to..

Currently, I have no skill around this matter. Is there any good book for me to do this?


As for the C question, you are defining Pointers (indicated by the *) to the two Functions, but you are then attempting to store those Pointers in BYTE variables.

I think both "ps" and "p" are 32 bit pointer variables pointing to 8 bit variables.   
Posted on 2006-03-08 00:26:16 by uwata
Look up the Win32 api function called "VirtualProtect", you use this function to change page permissions. Hand it the address of (ie a pointer to) the beginning of the code target area, and tell it how much memory to unprotect. Usually I just change the page protection to READ/WRITE/EXECUTE.
I'm not a C coder, but I thought when you specify a type before a variable name that you are typecasting the variable. It looks to me like you are recasting the bytepointer variable as being of byte size itself :)
Posted on 2006-03-08 01:20:42 by Homer
Thank you for your advice.


Look up the Win32 api function called "VirtualProtect", you use this function to change page permissions.


Your advice was very usefull for me. The bothering problem has been solved perfectly.


static void sfunc()
{
}

void test()
{
    BYTE *ps = (BYTE*)sfunc;

    DWORD flNewProtect = PAGE_EXECUTE_READWRITE; // ?????????????
    DWORD OldProtect = 0;
    BOOL b = ::VirtualProtect(ps, 1024, flNewProtect, &OldProtect);

    ps[0] = 0;

    if( b )
    {
        DWORD OldProtect2 = 0;
        b = ::VirtualProtect(ps, 1024, OldProtect, &OldProtect2);
    }
}

Posted on 2006-03-08 10:50:43 by uwata
If you do a lot of modification, you can also mark your code sections (usually .text) as writable when you link - "link blabla /section:.text,rew" (read, execute, write). If you just need a few modifications, VirtualProtect is cleaner - especially if you remove Writable after you're done writing.
Posted on 2006-03-16 06:55:09 by f0dder
Oh, thank you for your advice.
It becomes my new usefull knowledge.


... when you link - "link blabla /section:.text,rew" (read, execute, write).


Posted on 2006-03-19 07:18:41 by uwata
The casting is correct. C just needs to know what the pointer is pointing to; as soon as there is a '*' in the type it becomes a pointer type (32-bits for 32 bit system) ;)
Posted on 2006-03-25 23:04:42 by zooba