0

Recently I've been working on writing a compressor for graphing calculator programs, where space is minimal and the calculator OS doesn't care if you set the instruction pointer to an arbitrary address.

I implemented the basic DEFLATE and then tried to google for compression algorithms which might work better on executable code.

But here's my question: wouldn't any modern OS with DEP disallow a program to execute extracted code (at least not directly). So are all "packed executables" limited to unzipping data, or having an uncompressed interpreter run the extracted code, or something in between?

Akababa
  • 327
  • 3
  • 21
  • 1
    Normally self-extracting archives dump out their code on disk, then run that as a separate program. Extracting and executing code in the main process is, to say the least, problematic. It's the sort of thing malware and viruses do. – tadman Nov 07 '17 at 02:56

1 Answers1

2

wouldn't any modern OS with DEP disallow a program to execute extracted code (at least not directly)

Less-directly there is of course no problem. Even with W^X, the unpacker can simply write the code to writable memory, and only then turn it into executable memory.

Though on many operating systems, even with DEP support, a program is allowed to allocate memory that is both writable and executable. DEP does not stop you from doing things that you have the permission to do.

harold
  • 61,398
  • 6
  • 86
  • 164