Can you directly write machine code into the code segment of a running application?

not under windows, i don't know if it works under linux

Why?

You can in windows. I think the 2.6 Linux kernel has an option to disallow it, but in windows you can. It's done when hooking API calls - you actually replace a piece of code from the windows DLLs.

Now the application change its own code... :)

When I last tried it under W2K, he didn't allow it... how do you do it?

Oops. I just checked my previous post. It really should be:


Now can the application change its own code...

If not, you can always allocate some memory with execute rights using VirtualAlloc and write your code there.

I am using NASM, and I do not have VirtualAlloc. Where can I get that macro (or call or whatever) from?

It's a WinAPI call in kernel32.dll.

If you're programming for DOS, you'll have to look up the various INT21h functions to find out how to allocate memory. DOS gives no restrictions at all on what code is accessible how.

In UNIX, you'll have to look it up too.

Excuse my ignorance, but is that the same dll that is included in MSVC++?

It's one of the core dlls of windows, so it doesn't need to come with MSVC++.

Where could I find information on kernel32.dll?

In the SDK docs and with Dependency Viewer (a tool that comes with the SDK and is AFAIK also on the WinXP CD).