Windows Driver Kit: Driver Development Tools
Data Execution Prevention Demo Program
The Data Execution Prevention (DEP) demo program enables you to test if DEP is enabled and supported on the host system and to test various DEP configuration mechanisms..
The DEP demo program does not test system DEP configuration. The DEP demo program simply calls code from a non-executable location so that the Microsoft Windows operating system closes the DEP demo program and displays a DEP error message.
Additionally, the DEP demo tool accepts a single command-line parameter (/sw) to simulate a software-enforced DEP problem. When the DEP demo program is run with the /sw parameter, Windows will close the DEP demo program and display an error message. (Note, software-enforced DEP does not have specific processor requirements.)
You can enable DEP on the Windows operating system by setting the Boot parameters for your computer. For information, see Boot Parameters to Configure DEP and PAE.
Or, you can double-click System in Control Panel, click the Advanced tab, or click Advanced system settings under Tasks (Windows Vista), click Settings in the Performance area, and then click the Data Execution Prevention tab.
The DEP demo program uses the support for DEP in the Windows operating system by calling code from a non-executable memory allocation.
The DEP demo program has the application name and publisher resources correctly integrated into the executable binary. This integration enables users to view the DEP application termination experience within Windows with an application at fault that correctly identifies itself and its publisher.
To simulate a hardware-enforced DEP problem (the default method of operation), the DEP demo allocates memory without the PAGE_EXECUTE attribute. The DEP demo then generates executable code and places it within the memory allocation. Finally, the DEP demo attempts to call the generated code from the non-executable memory allocation. On a system with a processor capable of hardware-enforced DEP and if the Windows operating system is configured to apply DEP to the DEP demo executable, the DEP demo program will be closed by Windows. When the DEP demo program is closed by Windows, an error will be displayed that indicates that the Data Execution Prevention Demo program encountered a problem with DEP. The publisher, "Microsoft Corporation", will be clearly identified.
To simulate a software-enforced DEP failure, DEP demo creates an exception handler in a non-executable memory region and ensures that the exception handler is attempted to be executed. When Windows attempts to execute the non-executable exception handler, the DEP demo program will be closed and the same message will be displayed as in the hardware-enforced DEP case.
To run the DEP demo program
- Open a Command Prompt window and navigate to the <WDKPath>\tools\nxdemo\<cpu> directory.
Replace <WDKPath> with the path to the WDK on your computer and <cpu> with the computer’s processor architecture (x86 or amd64).
- To simulate a hardware-enforced DEP problem, type the following command:
nxdemo.exe
To simulate a software-enforced DEP problem, type the following command:
nxdemo.exe /sw
A warning message appears if DEP is enabled for all applications and services and the system has a processor that is capable of hardware-enforced DEP.
For more information about the DEP demo requirements, see DEP Demo Requirements.