If you are following [this article](http://www.rohitab.com/structured-exception-handling-in-assembly-language), which it seems you are, then why aren't you properly restoring the stack as shown in the code there?

The code in the article:

```asm
NoException&&Handler:        ;;No Exception Occured
    pop dword ptr fs:[0]     ;;Restore Old Exception Handler
    add esp, 32 + 4          ;;ESP value before SEH was set. 32 for pushad and ...
ExceptionHandled&&Handler:   ;;...4 for push offset Handler. (No Restore State)
                             ;;Exception has been handled, or no exception occured
```

Your code:

```asm
NoException:
    pop dword ptr fs:[0]
    add esp, 8
ExceptionHandled:
```

32 in that code is to undo `pushad`, 4 is to undo `push esi`. Why do you have 8? 32 + 4 ≠ 8.

If that's how you want to remove `u32Param` from the stack (in case `pFunc` doesn't do it for you), then you should do it between these two lines:

```asm
    call pFunc;
    add esp, 4
    jmp NoException
```

My version:

```c
// file: tst.c
// compile with Open Watcom C/C++ 1.9: wcl386.exe /q /we /wx tst.c
// ditto with debug info: wcl386.exe /q /we /wx /d2 tst.c
#include <stdio.h>

unsigned __stdcall func(volatile unsigned* p)
{
  return *p;
}

unsigned blah(unsigned (__stdcall *pFunc)(volatile unsigned*), volatile unsigned* u32Param)
{
  unsigned result = 0;
  __asm
  {
    pushad
//  mov esi, offset Handler   // Open Watcom C/C++ says Handler is undefined
//  push esi
//  lea eax, blah
//  add eax, Handler - blah   // this difference doesn't come out correct with Open Watcom C/C++
//  add eax, 78               // 78 is Handler - blah // this is unreliable
//  push eax
    push 0xFDCB4321
    jmp GetHandlerAddr
GotHandlerAddr:
    pop eax
    add esp, 4
    push eax
    push dword ptr fs:[0]
    mov dword ptr fs:[0], esp
    push u32Param
    call dword ptr [pFunc]
    jmp NoException
GetHandlerAddr:
    call Handler              // this will place &Handler on the stack
Handler:
    cmp dword ptr [esp + 4], 0xFDCB4321
    je GotHandlerAddr
    mov esp, [esp + 8]
    pop dword ptr fs:[0]
    add esp, 4
    popad
    mov eax, 0x80000000
    jmp ExceptionHandled
NoException:
    pop dword ptr fs:[0]
    add esp, 32 + 4
ExceptionHandled:
    mov result, eax
  }
  return result;
}

int main(void)
{
  volatile unsigned n = 0x113355AA;
  printf("%08X\n", func(&n));
  printf("%08X\n", blah(&func, &n));
  printf("%08X\n", blah(&func, (volatile unsigned*)0));
  printf("%08X\n", blah(&func, (volatile unsigned*)0));
  return 0;
}
```

Output:

```
113355AA
113355AA
80000000
80000000
```