A word of warning, this is purely an “FYI” post that has very little to do with SDL policy!

I get this question, “How do I call various SDL-mandated APIs before my code starts?” about once a month, so I decided to write about it so I don’t have keep dragging up the same email over and over! The question roughly translates into “Can I call some setup code before main() starts?”

The answer is ‘yes’! But why would you want to do it? One reason is perhaps you want to call the SetProcessDEPPolicy API because you don’t have access to a compiler with the /NXCOMPAT option, or perhaps you want to call HeapSetInformation very early in your code because main() handles untrusted data. Or perhaps you want to create a library for your developers to link with and not require them to add new API calls to their code. But probably the most important reason is if you want to update many EXEs but don’t want to change the code, all you need to do is link with the OBJ file. That’s it!

Visual C++ allows you to define your own code sections that are called by the C startup runtime code prior to calling main(). The following code snippet could be compiled to a .OBJ and then linked with your C or C++ project and will call the SetProcessDEPPolicy API to set the NX bit on your process. You can add most any API in here.

static int __cdecl SDLSetup(void) {

 

       HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);

 

      

 

       HMODULE hmodKernel32 = GetModuleHandleW(L“KERNEL32.DLL”);

 

       BOOL (WINAPI *pfnSetProcessDEPPolicy)(DWORD);

 

       *(FARPROC *) &pfnSetProcessDEPPolicy

 

         = GetProcAddress(hmodKernel32, “SetProcessDEPPolicy”);

 

       if (pfnSetProcessDEPPolicy != 0)

 

         (*pfnSetProcessDEPPolicy)

 

              (PROCESS_DEP_ENABLE | PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION);

 

   return(0);

 

}

 

static __declspec(allocate(“.CRT$XIAA”)) int (__cdecl *pfnSDLSetup)(void)
       = &SDLSetup;