by unilynx 400 days ago
Cool solution, but I'd assume/hope Windows currently has sufficient memory protections to not allow applications to rewrite their own memory - especially if the function was already in a DLL to begin with and not JIT-generated code?
3 comments

Code segments are not writable by default on Windows, like on any modern OS, but you can make any memory segment in your own process writable using VirtualProtect. That is not unique to Windows either; on Linux you could achieve the same with mprotect.

As sibling notes, executable memory is not by default writable. If desired, you can also further disallow any executable memory to be allocated or modified by your process, even via the normal APIs, by calling SetProcessMitigationPolicy with ProcessDynamicCodePolicy.

https://learn.microsoft.com/en-us/windows/win32/api/processt...

The exception to this is if you're leveraging large-page support. Large pages are always read/write (and nonpageable).

But that's a rare edge case.

Which is why the code in the article changes memory protections from read+execute to read+write and then back again after modifying the code.
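
Added example, not part of the thread or of the article it discusses: the read+execute to read+write and back sequence from the last comment, done with mprotect on Linux (the counterpart to VirtualProtect named above), reading /proc/self/maps after each step to confirm the page is never writable and executable at the same time. The helper names `page_perms` and `wx_cycle` and the byte written are constructed for illustration; a hardened policy (for example SELinux execmem restrictions) may refuse these calls.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Copy the kernel's permission string (e.g. "r-xp") for the mapping holding addr. */
static int page_perms(const void *addr, char out[5]) {
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    char line[512], perms[5];
    unsigned long lo, hi, a = (unsigned long)(uintptr_t)addr;
    int rc = -1;
    while (fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 &&
            a >= lo && a < hi) {
            memcpy(out, perms, 5);
            rc = 0;
            break;
        }
    }
    fclose(f);
    return rc;
}

/* Walk one anonymous page through RX -> RW -> RX, recording the
   permissions after each step in steps[0..2]. Returns 0 on success. */
int wx_cycle(char steps[3][5]) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_EXEC,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    int rc = -1;
    if (page_perms(p, steps[0])) goto out;                 /* starts read+execute */
    if (mprotect(p, len, PROT_READ | PROT_WRITE)) goto out; /* drop X, gain W */
    p[0] = 0x41;                       /* constructed data byte, never executed */
    if (page_perms(p, steps[1])) goto out;
    if (mprotect(p, len, PROT_READ | PROT_EXEC)) goto out;  /* drop W, restore X */
    if (page_perms(p, steps[2])) goto out;
    rc = (p[0] == 0x41) ? 0 : -1;      /* the write survived the round trip */
out:
    munmap(p, len);
    return rc;
}

int main(void) {
    char s[3][5];
    return wx_cycle(s) ? 1 : (printf("%s %s %s\n", s[0], s[1], s[2]), 0);
}
```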