Set PE flags
You can use {$SetPEOptFlags $40} to set the DEP flag, and {$SetPEOptFlags $100} to set the ASLR flag. To set both use {$SetPEOptFlags $140}.
If you have a version of Delphi with the necessary definitions in the Windows.pas unit you can use the much more readable:
{$SetPEOptFlags IMAGE_DLLCHARACTERISTICS_NX_COMPAT or
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE }
Typically you include the $SetPEOptFlags setting in the .dpr file. And so you need to make sure that Windows is in the .dpr file uses clause for these IMAGE_XXX constants to be available.
Set DEP policy at runtime
For versions that don't support PE flag based approaches you can call this function early in your app's initialization:
procedure EnableDEP;
const
PROCESS_DEP_ENABLE: DWORD=$00000001;
var
SetProcessDEPPolicy: function(dwFlags: DWORD): BOOL; stdcall;
begin
SetProcessDEPPolicy := GetProcAddress(GetModuleHandle(kernel32),
'SetProcessDEPPolicy');
if Assigned(SetProcessDEPPolicy) then begin
//don't bother checking for errors since we don't need to know if it fails
SetProcessDEPPolicy(PROCESS_DEP_ENABLE);
end;
end;
This will work for any version of Delphi.
You cannot set the ASLR flag at runtime since it influences how the module is loaded. So ASLR can only be set using PE flags.
Modifying PE flags for very old versions of Delphi
Older versions of Delphi do not support $SetPEFlags and $SetPEOptFlags. For such versions you need to use an external tool to modify the executable post-build. When I originally wrote this answer I assumed that EDITBIN from the MS toolchain would do the job. For DEP it will suffice, using the /NXCOMPAT option. For ASLR you will need to use a different PE flag editor. My websearch revealed peflags from cygwin.
peflags --dynamicbase=true --nxcompat=true MyApp.exe
I'm sure there are other PE flag editing options available.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
