Extra space at the beginning/end of .text section

问题

I'm looking for a way to reserve some extra space at the begining/end of the .text section from C/C++ using Visual Studio compiler.

I've only found one solution on how to reserve some extra space in code section in Visual Studio: PE File .text Section Size

#pragma optimize( "", off )
#define NOP __asm { NOP } ;
#define NOP8 NOP NOP NOP NOP NOP NOP NOP NOP
#define NOP64 NOP8 NOP8 NOP8 NOP8 NOP8 NOP8 NOP8 NOP8 
#define NOP512 NOP64 NOP64 NOP64 NOP64 NOP64 NOP64 NOP64 NOP64
#define NOP4096 NOP512 NOP512 NOP512 NOP512 NOP512 NOP512 NOP512 NOP512
#define NOP32768 NOP4096 NOP4096 NOP4096 NOP4096 NOP4096 NOP4096 NOP4096 NOP4096
void unused_global() { NOP32768 }
#pragma optimize( "", on )

int main() {
   [...]
   unused_global(); // <-- Without this call, compiler doesn't include `unused_global` inside .text section
}

The problems with this solution are:

It requires a direct call to this function. This of course will break the application logic.
It doesn't guarantee that unused_global function will be placed at the end/beginning of the .text section.
It is quite aweful so I would love to hear a cleaner solution

Update

I've found a solution for 1) problem. Again it is an awefull hack:

int main() {
    volatile bool force_false = false;
    if (force_false) unused_global();
}

回答1:

With VS 2019 the following reserves 4K at the beginning and end of the code segment, respectively.

#pragma section(".constext", read)
#pragma section(".xonstext", read)
#pragma comment(linker, "/merge:.constext=.text")
#pragma comment(linker, "/merge:.xonstext=.text")

extern "C" __declspec(allocate(".constext")) const char before[0x1000]{ __COUNTER__ };
extern "C" __declspec(allocate(".xonstext")) const char after[0x1000] { __COUNTER__ };

int main()
{
    return before[0] + after[0] - 1;
}

The mapfile confirms the placement.

Preferred load address is 00400000

Start         Length     Name                   Class
0001:00000000 00001000H .constext               CODE
0001:00001000 00000bc8H .text$mn                CODE
0001:00001bc8 00001000H .xonstext               CODE
0002:00000000 000000b4H .idata$5                DATA
[...]

 Address         Publics by Value              Rva+Base       Lib:Object
[...]
0001:00000000       _before                    00401000     constext.obj
0001:00001000       _main                      00402000 f   constext.obj
[...]
0001:00001bc8       _after                     00402bc8     constext.obj
0002:00000000       __imp__SetUnhandledExceptionFilter@4 00404000     kernel32:KERNEL32.dll
[...]

Rather curiously, the optimized compile recognizes the return from main as a plain 0 but does not cause the dummy arrays references to be optimized away.

PUBLIC  _main
;       COMDAT  _main
_TEXT   SEGMENT
_main   PROC    ; COMDAT
; 14   :        return before[0] + after[0] - 1;
        xor     eax, eax
; 15   : }
        ret 0
_main   ENDP
_TEXT   ENDS

来源：https://stackoverflow.com/questions/61990687/extra-space-at-the-beginning-end-of-text-section

标签

c++

visual-studio

code-injection

portable-executable

sections