
benefits of using EncodePointer/DecodePointer

Tags: c++, winapi

What are the benefits of using EncodePointer / DecodePointer in Windows?

MSDN says:
Encoding globally available pointers helps protect them from being exploited. The EncodePointer function obfuscates the pointer value with a secret so that it cannot be predicted by an external agent. The secret used by EncodePointer is different for each process.

Now the question is: if the attacker is outside of my program, then its address space is different from my address space, so an address in my app is not usable for it. And if it can execute code in my address space, it can call DecodePointer and use that address to call the encoded pointer.

So what is the use of these functions, and how do they help me with increased security?

M.Boss asked Nov 28 '13 07:11


1 Answer

You are missing the intention: EncodePointer() protects against malicious data. Before malicious code can become harmful it needs to start running first. The basic ways to get that done are by overwriting the return address of a function call or by overwriting a function pointer. The program itself now activates the code by respectively returning from the function or calling through the function pointer. EncodePointer protects a function pointer; there isn't any way for the attacker to guess how to encode the data he writes so that after the program's DecodePointer() call it still points to his code.

Data cannot call EncodePointer.

Hans Passant answered Sep 17 '22 18:09
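The point of the answer above, as an added example that is not part of the original answer and is not Windows' own code: a portable C model in which a raw address written into an encoded slot no longer decodes to that address. The XOR-and-rotate scheme, the function names and all constants are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the idea only: XOR with a per-process secret, then rotate.
 * Assumption for illustration; not Windows' actual EncodePointer code. */
#define PTR_BITS ((unsigned)(sizeof(uintptr_t) * 8))

static uintptr_t rotr(uintptr_t v, unsigned n) {
    n %= PTR_BITS;
    return n ? (v >> n) | (v << (PTR_BITS - n)) : v;
}
static uintptr_t rotl(uintptr_t v, unsigned n) {
    n %= PTR_BITS;
    return n ? (v << n) | (v >> (PTR_BITS - n)) : v;
}

/* Only running code that can reach the secret produces a valid encoding. */
uintptr_t model_encode(uintptr_t ptr, uintptr_t secret) {
    return rotr(ptr ^ secret, (unsigned)(secret & 31));
}
uintptr_t model_decode(uintptr_t enc, uintptr_t secret) {
    return rotl(enc, (unsigned)(secret & 31)) ^ secret;
}

/* A memory-corruption write is plain data: the raw address lands in the slot
 * unencoded, and the program's later decode turns it into something else. */
uintptr_t target_after_raw_overwrite(uintptr_t planted, uintptr_t secret) {
    uintptr_t slot = planted;            /* overwritten slot, no encode step */
    return model_decode(slot, secret);   /* what the program would call */
}

/* Constructed sample values, not real addresses or real secrets. */
#define SECRET_A ((uintptr_t)0x5A17C3E9u)
#define SECRET_B ((uintptr_t)0x1234ABCDu)
#define LEGIT    ((uintptr_t)0x00401000u)
#define PLANTED  ((uintptr_t)0x00402000u)

int main(void) {
    uintptr_t slot = model_encode(LEGIT, SECRET_A);
    printf("stored    %#llx\n", (unsigned long long)slot);
    printf("decoded   %#llx\n", (unsigned long long)model_decode(slot, SECRET_A));
    printf("overwrite %#llx -> call target %#llx\n", (unsigned long long)PLANTED,
           (unsigned long long)target_after_raw_overwrite(PLANTED, SECRET_A));
    return 0;
}
```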