Re: Jumping into middle of instruction

On Thu, 28 Feb 2008 15:59:56 +0100, "Wolfgang Kern"
<spamtrap@xxxxxxxxxx> wrote:

Bob Masta wrote:

mybwpp asked:

Can we categorize this technique of jumping into the middle of
instructions as 'self-modifying code'?
No, SMC is a different story.
start:
; this works only in true RealMode!
cmp al,80h
jns L1              ; skip the patch when the sign flag is clear
mov word CS:[L2],9090h ; overwrite the 2-byte JC at L2 with two NOPs
L1:
... ;put some code in here to avoid prefetched remains
mov ax...
add ax,cx
L2:
JC L3 ;these two bytes may become NOPs
...

How does Real Mode make a difference here?

You can't directly write to CodeSeg in protected mode.

That may be true in some sense, but not as a practical
matter... it is easy to create apps with combined code+data
that allow you to write anywhere in your own program space.
I use a .data? (BSS) section for uninitialized data and a
...code section for everything else. The linker needs to have
/SECTION:.text,ERW to handle this properly.

Self-modifying code seems to have a bad name, but it
shouldn't. Think about how you would do self-decryption
without it!

Best regards,

Bob Masta

DAQARTA v3.50
Data AcQuisition And Real-Time Analysis
www.daqarta.com
Scope, Spectrum, Spectrogram, FREE Signal Generator
Science with your sound card!
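Bob's /SECTION:.text,ERW linker switch produces a code section whose header carries both the write and execute flags; the following script, added here and not code from either poster, walks the section table of a PE image and reports such sections, which is the check a hardening review or a loader policy would apply to catch writable code. The PE/COFF constants and header layouts are from the specification; the images it inspects are constructed inline as minimal headers (DOS stub, PE signature, file header, zero-filled optional header, section headers) with only the fields the checker reads filled in, so it runs without any file on disk.

```python
"""Report PE sections that are both writable and executable (W+X)."""
import struct

# Section Characteristics bits, from the PE/COFF specification.
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

FILE_HEADER_FMT = "<HHIIIHH"         # IMAGE_FILE_HEADER, 20 bytes
SECTION_HEADER_FMT = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def build_pe(sections, size_opt=0xE0):
    """Constructed, minimal PE image for testing the checker.

    sections: list of (name_bytes, characteristics). The optional header is
    zero-filled; only the fields parse_sections() reads are meaningful.
    """
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew -> PE signature at 64
    file_hdr = struct.pack(FILE_HEADER_FMT,
                           0x14C,          # Machine: i386
                           len(sections),  # NumberOfSections
                           0, 0, 0,        # timestamp, symbol table, symbols
                           size_opt,       # SizeOfOptionalHeader
                           0x0102)         # EXECUTABLE_IMAGE | 32BIT_MACHINE
    image = bytes(dos) + b"PE\0\0" + file_hdr + bytes(size_opt)
    for name, chars in sections:
        image += struct.pack(SECTION_HEADER_FMT,
                             name.ljust(8, b"\0")[:8],
                             0x1000, 0x1000,   # VirtualSize, VirtualAddress
                             0x200, 0x400,     # SizeOfRawData, PointerToRawData
                             0, 0, 0, 0,       # relocation/linenumber fields
                             chars)
    return image


def parse_sections(pe):
    """Return [(name, characteristics)] for every section header in pe."""
    if pe[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    coff = e_lfanew + 4
    _, nsec, _, _, _, size_opt, _ = struct.unpack_from(FILE_HEADER_FMT, pe, coff)
    first = coff + struct.calcsize(FILE_HEADER_FMT) + size_opt
    out = []
    for i in range(nsec):
        fields = struct.unpack_from(SECTION_HEADER_FMT, pe, first + i * 40)
        name = fields[0].rstrip(b"\0").decode("ascii", "replace")
        out.append((name, fields[-1]))
    return out


def find_wx_sections(pe):
    """Names of sections whose header sets both MEM_WRITE and MEM_EXECUTE."""
    wx = IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE
    return [name for name, chars in parse_sections(pe) if chars & wx == wx]


# Constructed sample images: a conventional layout and the ERW layout that
# /SECTION:.text,ERW would produce (read-only code vs. writable code).
CONVENTIONAL = build_pe([
    (b".text", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (b".bss", IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])
TEXT_ERW = build_pe([
    (b".text", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE
               | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (b".bss", IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])

if __name__ == "__main__":
    for label, image in (("conventional", CONVENTIONAL), ("text ERW", TEXT_ERW)):
        print(label, "W+X sections:", find_wx_sections(image) or "none")
```

To run it against a real binary, replace the constructed images with `open(path, "rb").read()`; only the headers are parsed, so the file size does not matter. The check deliberately keys on the section flags rather than on the section name, since a linker switch or a post-build tool can make any section writable regardless of what it is called.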