Simple Data Execution Prevention example code for Delphi

Question

For a test 'crash' I need a small piece of Delphi code to see how the operating system logs the DEP violation in the event log.

I have found many sources around activating DEP but not about how to 'trigger' a DEP violation.

Do you have an example?

---

Related question: https://serverfault.com/questions/130716/if-dep-has-stopped-an-app-is-there-a-possibility-to-see-this-events-in-a-log

Shows how a DEP vialotion should look like in the log

Answer 1

This code gets the job done:

procedure DoJump(Address: Pointer);
asm
  JMP    Address
end;

const
  X: Byte=$C3;//RET op code

procedure TriggerDEP;
begin
  DoJump(@X);
end;

In the generated executable, the location where X is stored is treated as data. As an alternative you could try executing code located on the stack:

procedure DoJump(Address: Pointer);
asm
  JMP    Address
end;

procedure TriggerDEP;
var
  X: Byte;
begin
  X := $C3;
  DoJump(@X);
end;

Both of these raise access violation exceptions when DEP is active.

If you need to make sure that DEP is active, for example from a 32 bit process where it is optional, call this function:

procedure EnableDEP;
const
  PROCESS_DEP_ENABLE: DWORD=$00000001;
var
  SetProcessDEPPolicy: function(dwFlags: DWORD): BOOL; stdcall;
begin
  SetProcessDEPPolicy := GetProcAddress(GetModuleHandle(kernel32), 'SetProcessDEPPolicy');
  if Assigned(SetProcessDEPPolicy) then begin
    SetProcessDEPPolicy(PROCESS_DEP_ENABLE);
  end;
end;