| Programming Megathread |
| Nickelob Ultra:
|
| IkeTheGeneric:
Sounds about right |
| Metario:
yfw ProjectileData::onExplode keeps gunking up the project ur working on yfw badspot made the function so complicated it takes a linguistics major in gibberish just to understand it |
| FelipeO_O_:
--- Quote from: Metario on February 04, 2017, 05:04:58 PM ---yfw ProjectileData::onExplode keeps gunking up the project ur working on yfw badspot made the function so complicated it takes a linguistics major in gibberish just to understand it --- End quote --- for your sake bump |
| Meldaril:
A question about Windows ASLR for executable modules.

Is the base address computed at module initialisation and cached? On a reboot will a new base address be computed for the module - again at initialisation?

Or is the base address hashed based on module attributes found in the PE header and the filesize? So that on a reboot, the base address is constant.

My observation so far: Writing to an executable causes a new base address to be computed.

This small position-independent assembly fragment jumps to the original entry point of an executable and solves ASLR. I wrote this originally in C++ and inline assembly but now it's an MASM file on its own. It's a nasty hackjob that I'm in the process of replacing with a runtime assembler engine. The stack stuff and conditional jumping was done in C++.

It accesses the process-entry-block (PEB) via the file segment (FS) register. The PEB contains a linked list of all the loaded modules for a given process. It iterates through the loaded modules and compares each base address with a constant written into the assembly at runtime (the original entry point offset found within the PE header). I avoided using function calls to any API to avoid having to rebuild the PE import table.

Another terrible hack is the function pointer arithmetic I did to copy that entire procedure into an array. Using two function pointers, you can get the size in bytes of function 'A' by subtracting the succeeding function, 'B'. Undefined/Unreliable compiler behavior at its best.

--- Code: --- --- End code --- |
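
An added example, not part of Meldaril's post: a static reader for the PE header fields the post refers to (the entry point offset, the preferred image base and the ASLR opt-in flag), showing that the run-time entry point is the loaded base plus the header's RVA. The function names and the sample header are constructed for illustration.

```python
import struct

DYNAMIC_BASE = 0x0040     # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in)
HIGH_ENTROPY_VA = 0x0020  # IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
RELOCS_STRIPPED = 0x0001  # IMAGE_FILE_RELOCS_STRIPPED (COFF Characteristics)

def parse_pe(data):
    """Return the header fields that decide where the image and its entry point land."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (characteristics,) = struct.unpack_from("<H", data, coff + 18)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:      # PE32: 32-bit ImageBase at offset 28
        (image_base,) = struct.unpack_from("<I", data, opt + 28)
    elif magic == 0x20B:    # PE32+: 64-bit ImageBase at offset 24
        (image_base,) = struct.unpack_from("<Q", data, opt + 24)
    else:
        raise ValueError("unknown optional header magic")
    (entry_rva,) = struct.unpack_from("<I", data, opt + 16)
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    return {
        "image_base": image_base,
        "entry_rva": entry_rva,
        "dynamic_base": bool(dll_chars & DYNAMIC_BASE),
        "high_entropy_va": bool(dll_chars & HIGH_ENTROPY_VA),
        "relocs_stripped": bool(characteristics & RELOCS_STRIPPED),
    }

def entry_point_va(info, loaded_base=None):
    """Entry point = base + RVA; pass the base observed at run time if rebased."""
    base = info["image_base"] if loaded_base is None else loaded_base
    return base + info["entry_rva"]

def build_sample(image_base, entry_rva, dll_chars, characteristics=0x0022):
    """Constructed PE32+ header stub (no sections), just enough for parse_pe."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, characteristics)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 16, entry_rva)
    struct.pack_into("<Q", opt, 24, image_base)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)
```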