如何编写自修改代码ic C? [英] How can I write a Self-Modifying code ic C?

问题描述

我需要一个用C语言编写的示例自我修改"代码，您可以在此链接中找到有关自我修改"的更多说明:
http://en.wikipedia.org/wiki/Self-modifying_code [

I need a sample "Self-Modifying" code in C language, you can find more description about "Self-Modifying" in this link:
http://en.wikipedia.org/wiki/Self-modifying_code[^]

推荐答案

为什么你想要?通常这是一个非常糟糕的主意-我只能想到三种情况，当我编写过自我修改的代码，而事实证明，在维护这些代码时，它们都不值得他们节省下来的钱.所有这些都在汇编器中.
在C语言中，要做起来要困难得多:大多数编译器将代码加载到程序段中，这是只读的，因此无法进行自我修改.另外，您可能(可能)必须以机器代码的形式修改代码(以使您可以随意更改编译器)或作为C源代码进行重新编译和重新加载.讨厌.

除非有很好的理由(我怀疑没有理由)，否则不要这样做.

Why would you want to? It is generally a very bad idea - I can only think of three occasions when I have ever written self-modifying code and they have all proved to be not worth the savings they made, when it came to maintaining them. All of these were in assembler.
In C it is a lot harder to do: the code is loaded into a program segement by most compilers, which is read-only so self-modification is not possible. In addition, you would (probably) have to either modify the code in machine code form (so you are at the mercy of compiler changes) or as C source and re-compile and reload. Nasty.

Unless there is a very good reason (and I suspect there isn''t) don''t do it.

我们知道什么是自修改代码，不是在C中可能.

0)每个编译器都会生成稍微不同的源代码二进制表示形式(即使在同一编译器的版本之间也是如此).

1)您将不得不在内存中反汇编代码，然后修改汇编代码，然后以某种方式将其注入到正在运行的应用程序中，然后在适当的位置跳转到新代码.

2)函数指针是您所希望的最好的指针，即使在编译代码后，它们也是静态的.我想您可以创建一个函数指针，该函数指针跳到当前代码之外，并在当前正在运行的应用程序之外执行其他代码，但这太接近了以至于故意损害所讨论系统的安全性，这就是我所怀疑的您正在尝试完成.

We know what self-modifying code is, and it''s not possible in C.

0) Each compiler generates a slightly different binary representation of the source code (even between versions of the same compiler).

1) You would have to disassemble the code - in memory - and then modify the assembly code, and then somehow inject it back into the running application, and then jump to the new code at the appropriate position.

2) Function pointers is the best you can hope for, and even those are static once you compile the code. I suppose you could create a function pointer that jumps outside of the current code and executes other code outside of the currently running application, but that''s too close to deliberate comprimise of the security of the system in question, which is what I suspect you''re trying to accomplish.

这取决于您所说的"C".如果您指的是它的任何具体实现，则其中的相关部分是内联汇编程序.如果您指的是标准C或语言方言的任何其他常见子集，并指的是便携式代码，那么内联汇编程序和我的其余帖子当然是无关紧要的..

使用其称为内联汇编器的功能( http://en.wikipedia.org/wiki /Inline_assembly [ ^ ]).

就像汇编语言一样，任何人都可以尝试纠正CPU可以完成的任何事情，问题就变成了问题:原则上编写自修改代码是可能的.

答案是:这取决于CPU和操作系统内核的类型.

要查看此活动的一些示例: http://stackoverflow. com/questions/4812869/how-to-write-self-modifying-code-in-x86-assembly [ http://asm.sourceforge.net/articles/smc.html [ ^ ]， http://www.programmingforums.org/post205520.html [< ^ ].

我曾经使用内联汇编器(以及独立的汇编器)在MS-DOS中编写自修改代码，没有很多问题.该系统使用x86 CPU的实模式(或原则上不具有保护模式的CPU). Windows 95/98也有可能.

借助英特尔CPU的实模式，可以防止某些代码段永远永久地写入内部CPU保护环中的代码.通过在外环中运行的代码来保护所有可执行段不被写入变得更加容易.这样，只有系统内核才能创建和/或修改内存的可执行段.

坦率地说，现有的现代操作系统的现实情况仍然对我开放.

我已经尝试在现代的基于NT的Windows或Linux中执行此操作.我只是尝试对真正存在的功能所占用的内存进行幼稚的写操作.如我所料，它将导致异常访问冲突写入位置…".但是，这不是访问内存的唯一方法.更高级的方法是尝试创建一个指向相同线性内存位置的 alias 存储段，并为其提供读/写访问权限.在OS API级别上，可能的利用之一可能是将具有I/O访问映射的文件写入到受保护的内存位置.可以将操作系统设计为完全不受所有此类攻击的侵害. 我没有关于现实情况的可靠信息.即使开发商用OS的团队可以知道这种漏洞，但我还是希望将其作为最高机密. br/>
关于自我修改代码，请阅读 http://en.wikipedia.org/wiki/Self-modifying_code#Operating_systems [^ ].

在保护模式下，请参见 http://en.wikipedia.org/wiki/Protected_mode [

It depends what you call "C". If you mean any of its concrete implementation, a relevant part of it is inline assembler. If you mean standard C or any other common sub-set of the language dialects and mean portable code, inline assembler and the rest of my post is of course irrelevant.

Writing a self-modification code in C would be quite possible using its feature called inline assembler (http://en.wikipedia.org/wiki/Inline_assembly[^]).

As with assembly language anyone can try to right anything which can be done with the CPU, the question is reduced to the question: is writing a self-modifying code possible in principle.

The answer is: it depends on the type of the CPU and operating system kernel.

To see some examples of this activity: http://stackoverflow.com/questions/4812869/how-to-write-self-modifying-code-in-x86-assembly[^], http://asm.sourceforge.net/articles/smc.html[^], http://www.programmingforums.org/post205520.html[^].

I used to write self-modifying code in MS-DOS using inline assembler (as well as the stand-along Assembler) without much problems. This system uses real-mode of x86 CPUs (or CPUs not having protected mode in principle). It was also possible with Windows 95/98.

With the real-mode of Intel CPU, it is possible to guard some segment of code from writing forever, oven for the code in inner CPU protection ring. It''s even easier to protect all executable segments from writing by the code running in outer rings. In this way, only the system kernel can create and/or modify executable segments of memory.

Franky, the real-life situation with existing modern operating systems remains open to me.

I''ve tryied to do this in modern NT-based Windows or Linux. I just tried a naive write into a memory occupied by really existing function. As I much expected, it causes exception "Access violation writing location…". However, this is not the only way to access memory. More advanced way is an attempt to create an alias memory segment pointing to the same linear memory location and give it read/write access. At the level of OS API, one of the possible exploits can be writing a file with I/O access mapping to the protected memory location. The OS could be designed totally protected from all such exploits. I don''t have reliable information on the real-life situation. Even if vulnerability of this kind could be known to the team developing a commercial OS, I would expect it is kept as top secret.

About self-modifying code, read http://en.wikipedia.org/wiki/Self-modifying_code#Operating_systems[^].

On protected mode, see http://en.wikipedia.org/wiki/Protected_mode[^].

I agree with Griff and John on the practical applicability of the concept of self-modifying code. I think OS should provide 100% protection (for the CPU allowing such protection) from any attempts to modify executable code in memory and leave no back doors for any code.

—SA

这篇关于如何编写自修改代码ic C?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！