Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Simple Data Execution Prevention example code for Delphi

Tags:

delphi

data-execution-prevention

For a test 'crash' I need a small piece of Delphi code to see how the operating system logs the DEP violation in the event log.

I have found many sources around activating DEP but not about how to 'trigger' a DEP violation.

Do you have an example?

Related question: https://serverfault.com/questions/130716/if-dep-has-stopped-an-app-is-there-a-possibility-to-see-this-events-in-a-log

Shows how a DEP vialotion should look like in the log

like image 265
mjn Avatar asked Jun 21 '12 08:06

mjn

People also ask

Should I turn on DEP for all programs?

Turning off the DEP is not recommended. DEP automatically monitors essential Windows programs and services. You can increase your protection by having DEP monitor all programs. First, see if a DEP-compatible version of the program is available by visiting the software publisher's website.

Does DEP affect performance?

It means that the majority of your programs will be ignored by DEP. But if DEP helps protect the computer and it doesn't have a performance hit, you may want to select Turn on DEP for all programs except those that I select. Then if you find a program that has a problem with DEP, we can add it as an exception.

1 Answers

This code gets the job done:

procedure DoJump(Address: Pointer);
asm
  JMP    Address
end;

const
  X: Byte=$C3;//RET op code

procedure TriggerDEP;
begin
  DoJump(@X);
end;

In the generated executable, the location where X is stored is treated as data. As an alternative you could try executing code located on the stack:

procedure DoJump(Address: Pointer);
asm
  JMP    Address
end;

procedure TriggerDEP;
var
  X: Byte;
begin
  X := $C3;
  DoJump(@X);
end;

Both of these raise access violation exceptions when DEP is active.

If you need to make sure that DEP is active, for example from a 32 bit process where it is optional, call this function:

procedure EnableDEP;
const
  PROCESS_DEP_ENABLE: DWORD=$00000001;
var
  SetProcessDEPPolicy: function(dwFlags: DWORD): BOOL; stdcall;
begin
  SetProcessDEPPolicy := GetProcAddress(GetModuleHandle(kernel32), 'SetProcessDEPPolicy');
  if Assigned(SetProcessDEPPolicy) then begin
    SetProcessDEPPolicy(PROCESS_DEP_ENABLE);
  end;
end;
like image 146
David Heffernan Avatar answered Sep 29 '22 11:09

David Heffernan
Sign in to Comment

Related questions

How can I sort a TList in Delphi on an arbitrary property of the objects it contains?
Example of Delphi refactoring involving data aware controls and datamodules with direct access to db tables
Cyrillic domain name
Is it possible to debug a C++builder dll from Delphi if I have the dll sourcecode?
A kinder way than TerminateProcess?
How to Remove exponent from formatted float in Delphi
Delphi SOAP arrays problem
How to turn on/off the monitor(s)?
Firemonkey - use HD or 3D?
How do I make a StringGrid's columns fit the grid's width?
In Delphi XE2 FireMonkey - How do i change the color of a button after pressing it
How to get current bandwidth (download) speed ?
Code against an interface with TStrings and TStringList
Can I directly add record as object in stringlist?
How can you get hints for cells in a TStringGrid appearing more smoothly?
Converting a GCC inline assembler to delphi inline assembler
Using WebKit (Safari compatible) in delphi to simulate iPhone mobile
Using the TEdit context menu for TRichEdit
Delphi: JSON array
Should instance/class fields be prefixed in Delphi? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!