Question

I've harnessed a project released on the internet a long time ago. Here come the details, all irrelevant things being stripped off for the sake of concision and clarity.


A binary file whose content is described below

HEX DUMP:

55 89 E5 83 EC 08 C7 45 FC 00 00 00 00 8B 45 FC 
3B 45 10 72 02 EB 19 8B 45 FC 8B 55 0C 01 C2 8B 
45 FC 03 45 08 8A 00 88 02 8D 45 FC FF 00 EB DD 
C6 45 FA 00 83 7D 10 01 76 6C 80 7D FA 00 74 02 
EB 64 C6 45 FA 01 C7 45 FC 00 00 00 00 8B 45 10 
48 39 45 FC 72 02 EB E2 8B 45 FC 8B 4D 0C 01 C1 
8B 45 FC 03 45 0C 8D 50 01 8A 01 3A 02 73 30 8B 
45 FC 03 45 0C 8A 00 88 45 FB 8B 45 FC 8B 55 0C 
01 C2 8B 45 FC 03 45 0C 40 8A 00 88 02 8B 45 FC 
03 45 0C 8D 50 01 8A 45 FB 88 02 C6 45 FA 00 8D 
45 FC FF 00 EB A7 C9 C2 0C 00 90 90 90 90 90 90

is loaded into memory and executed using the following method snippet

var
  MySrcArray,
  MyDestArray: array [1 .. 15] of Byte;

  // ...

  MyBuffer: Pointer;

  TheProc: procedure;
  SortIt: procedure(ASrc, ADest: Pointer; ASize: LongWord); stdcall;
begin
  // Initialization of MySrcArray with random Bytes and display here ...

  // Instructions of loading of the binary file into MyBuffer using merely GetMem here ...

  @SortIt := MyBuffer;

  try
    SortIt(@MySrcArray, @MyDestArray, 15);

    // Display of MyDestArray (The outcome of the processing !)
  except
    // Invalid code error handling
  end;

  // Cleaning code here ...  
end;

works like a charm on my box.


My Question:

How come it works without using VirtualAlloc and/or VirtualProtect?


Solution

I'm assuming you are asking why this works without being stopped by Data Execution Prevention? For 32-bit programs DEP is opt-in by default, meaning that the application must explicitly enable it.

If you change the DEP setting to "Turn on DEP for all programs and services except those I select" then your application will trigger a DEP warning and crash.
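
An added example, not part of the original question or answer: a version of the loader that keeps working when DEP is enforced for all programs, because the code is copied into pages that are writable only while being filled and executable only afterwards. The names LoadCodeBlob and TSortProc, and taking the file path from the command line, are assumptions made for this sketch.

```delphi
program DepSafeCall;
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils, Classes;

type
  TSortProc = procedure(ASrc, ADest: Pointer; ASize: LongWord); stdcall;

// Hypothetical helper: loads the blob into read/write pages, then switches
// them to execute/read so the memory is never writable and executable at once.
function LoadCodeBlob(const FileName: string; out Size: DWORD): Pointer;
var
  Blob: TMemoryStream;
  OldProtect, Err: DWORD;
begin
  Blob := TMemoryStream.Create;
  try
    Blob.LoadFromFile(FileName);
    Size := DWORD(Blob.Size);
    Result := VirtualAlloc(nil, Size, MEM_COMMIT or MEM_RESERVE, PAGE_READWRITE);
    if Result = nil then RaiseLastOSError;  // also covers an empty file
    Move(Blob.Memory^, Result^, Size);
  finally
    Blob.Free;
  end;
  if not VirtualProtect(Result, Size, PAGE_EXECUTE_READ, OldProtect) then
  begin
    Err := GetLastError;
    VirtualFree(Result, 0, MEM_RELEASE);
    raise Exception.CreateFmt('VirtualProtect failed: %s', [SysErrorMessage(Err)]);
  end;
  FlushInstructionCache(GetCurrentProcess, Result, Size);
end;

var
  Src, Dest: array [1 .. 15] of Byte;
  SortIt: TSortProc;
  Code: Pointer;
  CodeSize: DWORD;
  I: Integer;
begin
  Randomize;
  for I := Low(Src) to High(Src) do Src[I] := Random(256);
  Code := LoadCodeBlob(ParamStr(1), CodeSize);  // assumed: blob path as first argument
  try
    @SortIt := Code;
    SortIt(@Src, @Dest, Length(Src));
    for I := Low(Dest) to High(Dest) do Write(Dest[I], ' ');
  finally
    VirtualFree(Code, 0, MEM_RELEASE);
  end;
end.
```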

Licensed under: CC-BY-SA with attribution