On Tue, 31 Aug 1999 17:13:21 -0000, Crispin Cowan <crispinat_private> said:
> Tobias Haustein wrote:
> > I was about to write a
> > binary translator, that reads an executable, locates every function
> > prolog and epilog, adds the necessary code to detect buffer
> > overflows, and writes a new version of the executable.
>
> How do you make room for the extra code in prolog & epilog without re-linking
> the entire program?

The old-time IBM mainframe people would consider it a "piece of cake".
Basically, you replace one instruction with a branch to your code stored
someplace else, which would do your added code, then execute the replaced
instruction, then branch back to the next original opcode. For example:

old code:
        STM   R2,R12,12(R13)
        L     R5,24(,R1)
        ST    R6,20(,R1)

new code:
        STM   R2,R12,12(R13)
        B     2400(,R15)  ----->  SR    R2,R5
        ST    R6,20(,R1)  <---+   MVI   36(R3),C'+'
                              |   L     R5,24(,R1)
                              +-- B     8(,R15)

You get the idea. Of course, quite often you had to first perform *one*
'zap' to free up space inside the 4K-per-base-register restriction, and
then a second 'zap' to put code into there. I've personally hacked up
HMASPZAP jobs that would end up replacing 5 or 6 different patches of
code, 20 to 30 bytes at a stretch. You would quite often find a string
of 16 to 32 bytes of zeros at the end of a module, specifically intended
for patch space.

Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
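The displaced-instruction trick described above, as an added example that is not part of the original post: a toy register machine in Python where zap() performs the one-instruction patch into free padding and run() executes the module before and after. The instruction set, the sample module and the padding layout are assumptions made for the demonstration.

```python
# Toy model (added example, not from the post) of the "zap" technique:
# one instruction is replaced by a branch into free patch space, which
# runs the added code, re-executes the displaced instruction and
# branches back to the next original opcode. Branch targets are
# absolute indices into the code list, so a displaced instruction can
# be moved without fixing it up (as with base-register addressing).
#   ("L", reg, imm) ("ST", reg, addr) ("SR", r1, r2) ("MVI", addr, val)
#   ("B", target) ("END",) ("PAD",)  - PAD = unused bytes kept for patches

def run(code, max_steps=1000):
    """Execute `code`; return (registers, memory) at END."""
    regs, mem, pc = {f"R{i}": 0 for i in range(16)}, [0] * 64, 0
    for _ in range(max_steps):
        ins, op = code[pc], code[pc][0]
        if op == "L":     regs[ins[1]] = ins[2]
        elif op == "ST":  mem[ins[2]] = regs[ins[1]]
        elif op == "SR":  regs[ins[1]] -= regs[ins[2]]
        elif op == "MVI": mem[ins[1]] = ins[2]
        elif op == "END": return regs, mem
        elif op == "B":   pc = ins[1]; continue
        else: raise RuntimeError(f"executed patch space at {pc}")
        pc += 1
    raise RuntimeError("step limit exceeded")

def zap(code, at, added):
    """Patch `code[at]` to branch into PAD space holding `added`, the
    displaced instruction, and a branch back to `at + 1`."""
    displaced = code[at]
    if displaced[0] in ("B", "END", "PAD"):
        raise ValueError("displace a plain instruction, not a branch")
    need = len(added) + 2                    # added + displaced + branch back
    pads = [i for i, ins in enumerate(code) if ins[0] == "PAD"]
    if len(pads) < need or pads[need - 1] - pads[0] != need - 1:
        raise ValueError(f"need {need} contiguous free slots")
    patched = list(code)
    patched[at] = ("B", pads[0])             # the one-instruction 'zap'
    for i, ins in enumerate(added + [displaced, ("B", at + 1)]):
        patched[pads[0] + i] = ins
    return patched

# Constructed sample module: four instructions, END, then 8 slots of padding.
MODULE = [("L", "R2", 10), ("L", "R5", 4), ("L", "R5", 3),
          ("ST", "R5", 20), ("END",)] + [("PAD",)] * 8

def demo():
    """Run the module before and after zapping index 2 (the L R5,3) with
    the post's added code SR R2,R5 / MVI 36(R3),C'+'."""
    patched = zap(MODULE, 2, [("SR", "R2", "R5"), ("MVI", 36, ord("+"))])
    return run(MODULE), run(patched)
```

The patched run keeps every original effect (R5 ends at 3, mem[20] gets 3) and adds the inserted ones (R2 becomes 6, mem[36] holds '+'); zap() refuses to displace a branch or to write beyond contiguous padding.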
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:41 PDT