#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* #include <unistd.h> */
/* #include <sys/mman.h> */
/* #include <errno.h> */
/* Build-time switches for the self-modifying-code test. */
#define SELF_CODE_MODIFYING 1 /* 1: build the real test, 0: build the stub that returns 0 */
#define SELF_CODE_MODIFYING_ADDR 1
/*
 * SELF_CODE_MODIFYING_ADDR selects where the copy ranges come from:
 *   0 : with label in function
 *   1 : fixed
 */

#if SELF_CODE_MODIFYING
/* Routines defined further down in this file. */
int self_code_modifying_manage(int nb_runs);
void self_code_modifying_function_source(void);
void self_code_modifying_function_destination(void);

/*
 * Symbols for the asm labels emitted inside the source and destination
 * functions; only their addresses are used.
 */
extern char self_code_modifying_function_source_start;
extern char self_code_modifying_function_source_end;
extern char self_code_modifying_function_destination_start;
extern char self_code_modifying_function_destination_end;

/* Run counter, incremented by the body of the source function. */
static int self_code_modifying_nb_runs;
/**
 * Public entry point of the self-modifying-code test.
 *
 * @param nb_runs  passed unchanged to self_code_modifying_manage().
 * @return whatever self_code_modifying_manage() returns.
 */
int self_code_modifying(int nb_runs)
{
    const int status = self_code_modifying_manage(nb_runs);

    return status;
}
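/**
 * Drive the self-modifying-code scenario: call the destination function once
 * as compiled, overwrite its labelled region with the labelled region of the
 * source function, then keep calling it until the run counter reaches nb_runs.
 *
 * The overwrite needs the destination's code page to be both writable and
 * executable. No protection change is made here (an earlier mprotect() call
 * requesting PROT_READ | PROT_WRITE | PROT_EXEC was disabled), so on a host
 * that enforces W^X the memcpy() below will typically fault.
 * NOTE(review): nothing synchronises the instruction cache after the copy; on
 * a target with split instruction/data caches confirm whether a flush (for
 * example GCC's __builtin___clear_cache) is required before the patched code
 * is executed.
 *
 * @param nb_runs  value the run counter must reach before returning.
 * @return 0 on success; 1 if a code range is reversed or empty, if the
 *         destination is smaller than the source, or if the patched
 *         destination does not advance the run counter.
 */
int self_code_modifying_manage(int nb_runs)
{
    // First execution: the destination still runs the body it was compiled with.
    self_code_modifying_function_destination();

#if (SELF_CODE_MODIFYING_ADDR==0)
    // Ranges come from the asm labels inside the two functions.
    // uintptr_t instead of int: a pointer need not fit in an int.
    const uintptr_t function_source_start      = (uintptr_t)&self_code_modifying_function_source_start;
    const uintptr_t function_source_end        = (uintptr_t)&self_code_modifying_function_source_end;
    const uintptr_t function_destination_start = (uintptr_t)&self_code_modifying_function_destination_start;
    const uintptr_t function_destination_end   = (uintptr_t)&self_code_modifying_function_destination_end;
#elif (SELF_CODE_MODIFYING_ADDR==1)
    // NOTE(review): fixed addresses only describe the one linked image they
    // were read from. Any change to the code, compiler or link order moves
    // the functions, and a stale value makes the memcpy() below overwrite
    // unrelated code. Re-derive them after every rebuild.
    const uintptr_t function_source_start      = 0x00400330;
    const uintptr_t function_source_end        = 0x00400358;
    const uintptr_t function_destination_start = 0x0040036c;
    const uintptr_t function_destination_end   = 0x004004d8;
#else
#error "Invalid SELF_CODE_MODIFYING_ADDR."
#endif

    // Reject reversed or empty ranges before any size arithmetic: a negative
    // difference handed to memcpy() would become an enormous byte count.
    if (function_source_end <= function_source_start ||
        function_destination_end <= function_destination_start)
    {
        printf("Invalid code range\n");
        return 1;
    }

    const size_t size_source      = (size_t)(function_source_end - function_source_start);
    const size_t size_destination = (size_t)(function_destination_end - function_destination_start);

    printf(" * self_code_modifying_function_destination : %lx to %lx (%lu bytes)\n",
           (unsigned long)function_destination_start,
           (unsigned long)function_destination_end,
           (unsigned long)size_destination);
    printf(" * self_code_modifying_function_source : %lx to %lx (%lu bytes)\n",
           (unsigned long)function_source_start,
           (unsigned long)function_source_end,
           (unsigned long)size_source);

    if (size_destination < size_source)
    {
        printf("Size of destination is too short\n");
        return 1;
    }

    printf(" * memcpy\n");
    memcpy((void *)function_destination_start, (const void *)function_source_start, size_source);

    // The counter is only ever advanced by the copied instructions, which the
    // compiler never saw inside the destination function, so read it through
    // a volatile pointer.
    volatile int *runs = &self_code_modifying_nb_runs;

    while (*runs < nb_runs)
    {
        const int before = *runs;

        self_code_modifying_function_destination();

        // If the patch did not take effect the counter never moves and the
        // loop would spin forever; report it instead.
        if (*runs == before)
        {
            printf("Patched destination did not advance the run counter\n");
            return 1;
        }
    }

    return 0;
}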
// Donor routine for the self-modifying-code test. The instructions emitted
// between its two asm labels print a banner, increment the run counter and
// print the new count. When SELF_CODE_MODIFYING_ADDR is 0,
// self_code_modifying_manage() copies exactly that labelled region over the
// destination function.
// NOTE(review): the statements between the labels must stay between them;
// moving or rewriting them changes which bytes get copied.
void self_code_modifying_function_source(void)
{
  int (*callPrintf )(const char *format, ...);

  // Start marker; same name as the extern char symbol declared at file scope.
  asm volatile( "self_code_modifying_function_source_start:" );

  // printf is called through a pointer that is assigned inside the labelled
  // region, presumably so the call still resolves once the code runs from
  // the destination's address. Confirm against the generated assembly.
  (*(callPrintf=&printf))( " + self_code_modifying_function_source\n" );
  self_code_modifying_nb_runs++;
  (*(callPrintf=&printf))( " + Number of call : %d\n",self_code_modifying_nb_runs);

  // End marker of the region.
  asm volatile( "self_code_modifying_function_source_end:");
}
// Target routine for the self-modifying-code test. As compiled, the region
// between its two asm labels prints a banner and then executes 88 nops.
// self_code_modifying_manage() calls it once unmodified, overwrites the
// labelled region with the source function's region, and calls it again.
// NOTE(review): it declares the same single local as the source function,
// presumably so the copied instructions find the stack layout they were
// compiled for. Confirm before changing either function.
void self_code_modifying_function_destination(void)
{
  int (*callPrintf )(const char *format, ...);

  // Start marker; same name as the extern char symbol declared at file scope.
  asm volatile( "self_code_modifying_function_destination_start:");

  (*(callPrintf=&printf))( " + self_code_modifying_function_destination\n" );

  // Padding: 11 rows of 8 nops. The manager refuses to copy when the
  // destination region is smaller than the source region, so this
  // presumably exists to reserve enough room.
  asm volatile (//".set push \n\t"
                //".set noreorder \n\t"
                //".set noat \n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t"
                "nop; nop; nop; nop; nop; nop; nop; nop;\n\t");

  // End marker of the region.
  asm volatile( "self_code_modifying_function_destination_end:");
}
| 123 | #else |
/**
 * Stub used when SELF_CODE_MODIFYING is 0: the test is compiled out and the
 * call always reports success.
 *
 * @param nb_runs  ignored.
 * @return 0.
 */
int self_code_modifying(int nb_runs)
{
    (void)nb_runs; /* not used by the stub */

    return 0;
}
| 130 | #endif |