Thread: Arbitrary Code Execution

  1. #1
    Amazingly beautiful user.
    Join Date
    Jul 2005
    Location
    If you knew I'd have to kill you
    Posts
    254

    Arbitrary Code Execution

    I'm not looking to execute arbitrary code in someone else's program. Instead, I'm trying to create a runtime compiler, that generates code, and then transfers execution to it. I'll probably look at various assemblers to figure out what instructions to generate, etc.,
    but once I have everything in memory, is there a way I can transfer execution to the location of a pointer in C or C++?

    Just FYI, I don't care if it's x86-specific, because even if the method is not, the code I generate will be.
    Programming Your Mom. http://www.dandongs.com/

  2. #2
    Officially An Architect brewbuck
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Quote Originally Posted by CrazyNorman
    I'm not looking to execute arbitrary code in someone else's program. Instead, I'm trying to create a runtime compiler, that generates code, and then transfers execution to it. I'll probably look at various assemblers to figure out what instructions to generate, etc.,
    but once I have everything in memory, is there a way I can transfer execution to the location of a pointer in C or C++?
    Cast the address to an appropriate function type and call through the pointer. The machine code will have to comprehend C calling conventions in order to handle the stack properly.

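    Code:
    /* Function-pointer type for the generated code: no arguments, no return value. */
    typedef void (*machine_func)();
    /* some_address: start of the generated machine code in memory. */
    machine_func f = (machine_func)some_address;
    f();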

  3. #3
    Amazingly beautiful user.
    Join Date
    Jul 2005
    Location
    If you knew I'd have to kill you
    Posts
    254
    Thanks. Just what I was looking for.
    Programming Your Mom. http://www.dandongs.com/

  4. #4
    Officially An Architect brewbuck
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Quote Originally Posted by CrazyNorman
    Thanks. Just what I was looking for.
    Be aware that on many platforms, memory which is marked as "data" is not executable, so your program may crash when you try to call your dynamically generated code. You have to learn how to configure a block of memory to allow execution, however that is done on your particular platform.
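
An added example, not part of the thread or any poster's code: one way to combine the cast-and-call from post #2 with the executable-memory requirement from post #4, keeping the buffer writable or executable but never both at once. It assumes a POSIX system with mmap/mprotect and GCC or Clang (for `__builtin___clear_cache`); the name `run_generated` and the byte sequences are constructed for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* exposes MAP_ANONYMOUS on glibc */
#endif
#include <string.h>
#include <sys/mman.h>

typedef int (*machine_func)(void);

/* Constructed sample of "generated" code: a function that returns 42. */
#if defined(__x86_64__) || defined(__i386__)
static const unsigned char code[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, /* mov eax, 42 */
                                      0xC3 };                       /* ret */
#elif defined(__aarch64__)
static const unsigned char code[] = { 0x40, 0x05, 0x80, 0x52,       /* mov w0, #42 */
                                      0xC0, 0x03, 0x5F, 0xD6 };     /* ret */
#else
#error "add an encoding for this architecture"
#endif

/* Copy len bytes into a fresh mapping, switch it from writable to executable,
 * call it, store its return value in *out. Returns 0 on success, -1 on failure. */
int run_generated(const unsigned char *buf, size_t len, int *out)
{
    /* Writable but not executable: the page is never W+X at the same time. */
    void *mem = mmap(NULL, len, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED)
        return -1;
    memcpy(mem, buf, len);

    /* Drop write, add execute. A hardened system may refuse this change. */
    if (mprotect(mem, len, PROT_READ | PROT_EXEC) != 0) {
        munmap(mem, len);
        return -1;
    }
    /* Required where instruction caches are separate; no-op on x86. */
    __builtin___clear_cache((char *)mem, (char *)mem + len);

    *out = ((machine_func)mem)();   /* the cast-and-call from post #2 */
    munmap(mem, len);
    return 0;
}

int main(void)
{
    int result = 0;
    return (run_generated(code, sizeof code, &result) == 0 && result == 42) ? 0 : 1;
}
```

The generated bytes must follow the platform's C calling convention, as post #2 notes; here that means leaving the return value in `eax` (or `w0`) and returning normally.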
