Anyone do Pascal?

13th June 2003, 01:25
If you do, I'd be grateful if you could let us know how & why this works:

Program SelfModify;

Const
  AnzNOPs = 10;

Type
  TTestProc = Procedure;

Var
  code : Pointer;
  Run  : TTestProc;
  pb   : ^Byte;
  pw   : ^Word Absolute pb;   {pw shares pb's storage: one cursor, two widths}
  i    : LongInt;

Begin
  GetMem(code, AnzNOPs + 7);  {7 Bytes For proc header & end}
  pb := code;                 {pb = ^start of routine to build}

  pb^ := $55;   INC(pb);      {push bp}
  pw^ := $E589; INC(pw);      {mov bp,sp  (bytes 89 E5, stored as one little-endian word)}
  For i := 1 to AnzNOPs DO
  Begin
    pb^ := $90; INC(pb);      {nop's}
  End;
  pb^ := $5D;   INC(pb);      {pop bp}
  pb^ := $CA;   INC(pb);      {retf 0: opcode CA followed by a 16-bit pop count}
  pw^ := $0000;

  WriteLN('Protected Mode');
  code := Ptr(Seg(code) + SelectorInc, Ofs(code)); {alias-selector}
  WriteLN('Real Mode');

  Run := TTestProc(code);     {that's a Type-cast!}
  Run;                        {call routine}

  FreeMem(code, AnzNOPs + 7);
  WriteLN('Alive and kicking!');
End.

Mark Snowdon
13th June 2003, 16:13
I don't see why the Pascal is important; this could be done in many languages. Is this Turbo Pascal / Delphi? I seem to remember that Borland used TT.... for their object model stuff, but I don't know what other people used.

He is dynamically allocating memory, writing code into it (plus the return info) and then executing the code.

// alloc AnzNOPs + 7 bytes of memory and set ptr code to point to it
GetMem(code, AnzNOPs + 7); {7 Bytes For proc header & end}

Then a chunk of machine code gets written into the memory you just allocated. His comments tell you what the hex will actually do. pb is a pointer to byte; he steps through the memory a byte at a time (INC(pb)), writing values pb^ := ...

The real/DPMI mode is the processor/memory mode. Real is effectively DOS, 640k etc.; protected mode is giving access to extended memory, like anything since the 286. Pointers are different.

Think of Run as a pointer to a function, so cast code into a pointer to a fn, then call the function.

Finally, free the memory.

13th June 2003, 18:27
Cheers Mark. They don't make programming languages like they used to. Try doing that in Java.. hehe

13th June 2003, 20:30
I hate Pascal.

This is not a feature of Pascal but a feature of assembly: they just patch up their own code with assembly that does nothing, then returns. These days code segments are often read-only and you can't overwrite them. It also degrades performance a lot. I don't know if you remember Wolf 3D, but it ran better on a 286 than a 386, specifically due to self-modifying code (textures were all converted into code), and this was not a nice thing for the 386.

Anyway, Mark beat me to it.
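Added example, not from the thread or from any of the posters: the same trick Mark describes (allocate memory, write machine code into it byte by byte, cast the pointer to a procedure type, call it) done the way a current OS requires it, which is also the point of the last reply about read-only code. The page is mapped read/write, the bytes are written, the page is flipped to read/execute before the call (W^X), and a small probe confirms that a store to the sealed page now faults. It assumes Linux on x86-64 or AArch64 built with gcc or clang; the machine code bytes are constructed here, and the names emit_return_const, store_faults and run_generated are this example's own, not anything from the thread.

```c
/* Added example, not from the thread: the Pascal post's trick (allocate, write
 * machine code, cast to a procedure, call) done the way a modern OS demands,
 * plus a probe for the "code segments are read-only" point in the last reply.
 * Assumes Linux on x86-64 or AArch64, built with gcc or clang. All names here
 * (emit_return_const, store_faults, run_generated) are this example's own. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef int (*stub_fn)(void);

/* Emit machine code for "return value;" into buf, byte by byte like the
 * Pascal pb^ := ... stores. Returns bytes written, or 0 on an unsupported CPU. */
static size_t emit_return_const(uint8_t *buf, size_t cap, int32_t value)
{
    uint32_t v = (uint32_t)value;
#if defined(__x86_64__)
    /* push rbp; mov rbp,rsp; mov eax,imm32; pop rbp; ret   (eax = return value) */
    static const uint8_t head[] = { 0x55, 0x48, 0x89, 0xE5, 0xB8 };
    static const uint8_t tail[] = { 0x5D, 0xC3 };
    size_t n = sizeof head + 4 + sizeof tail;
    if (cap < n) return 0;
    memcpy(buf, head, sizeof head);
    for (int i = 0; i < 4; i++)                  /* imm32, little-endian */
        buf[sizeof head + i] = (uint8_t)(v >> (8 * i));
    memcpy(buf + sizeof head + 4, tail, sizeof tail);
    return n;
#elif defined(__aarch64__)
    /* movz w0,#lo16; movk w0,#hi16,lsl #16; ret   (w0 = return value) */
    uint32_t insn[3] = {
        0x52800000u | ((v & 0xFFFFu) << 5),
        0x72A00000u | (((v >> 16) & 0xFFFFu) << 5),
        0xD65F03C0u,
    };
    if (cap < sizeof insn) return 0;
    memcpy(buf, insn, sizeof insn);              /* Linux/AArch64 is little-endian */
    return sizeof insn;
#else
    (void)buf; (void)cap; (void)v;
    return 0;
#endif
}

static sigjmp_buf probe_env;
static void on_fault(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Does a store to p fault?  1 = page is sealed (RX), 0 = still writable. */
static int store_faults(volatile uint8_t *p)
{
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    volatile int faulted = 1;
    if (sigsetjmp(probe_env, 1) == 0) {
        *p = *p;                                 /* the store that must trap */
        faulted = 0;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

/* Map RW, write the stub, flip the page to RX (W^X), call it, tear down.
 * Returns the stub's result, or -1 on failure; *sealed reports the probe. */
static int run_generated(int32_t value, int *sealed)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    uint8_t *mem = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED) return -1;
    size_t n = emit_return_const(mem, pg, value);
    if (n == 0) { munmap(mem, pg); return -1; }
    __builtin___clear_cache((char *)mem, (char *)mem + n); /* I-cache sync: required on ARM */
    if (mprotect(mem, pg, PROT_READ | PROT_EXEC) != 0) { munmap(mem, pg); return -1; }
    *sealed = store_faults(mem);
    stub_fn run;
    memcpy(&run, &mem, sizeof run);              /* the post's TTestProc(code) cast */
    int result = run();
    munmap(mem, pg);
    return result;
}

int main(void)
{
    int sealed = 0;
    int r = run_generated(42, &sealed);
    printf("stub returned %d; code page sealed after mprotect: %s\n",
           r, sealed ? "yes" : "no");
    return (r == 42 && sealed) ? 0 : 1;
}
```

The mprotect step is what the 2003 code never needed: the Borland program wrote through a data selector and executed through a code alias of the same memory, with nothing stopping it, whereas here the page is writable or executable but never both at once. On ARM the explicit cache flush matters too; without it the core may execute stale instruction-cache contents after the bytes have been written.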