flat assembler
Message board for the users of flat assembler.

Index > Windows > SEH in a kernel mode driver?

Author
Thread Post new topic Reply to topic
yoshimitsu



Joined: 07 Jul 2011
Posts: 96
yoshimitsu 05 Sep 2011, 15:32
Hey,
as I don't have any VM installed and as I'm not experienced with neither the kernel mode nor SEH, either, I thought it'd be easier to just ask here.

I've read somewhere you could normally use SEH in a kernel mode driver.
But I get a BSoD when executing the following code:
Code:
        push    exception_handler
        push    dword [fs:0]
        mov     [fs:0],esp
        mov     [0],eax
        jmp     skip
    exception_handler:
        mov     esp,[esp+8]
    skip:
        pop     dword [fs:0]
        add     esp,4    
Post 05 Sep 2011, 15:32
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 05 Sep 2011, 16:12
http://flatassembler.net/examples/seh_example.zip
http://www.microsoft.com/msj/0197/exception/exception.aspx

But in short, I think you are doing wrong in trying to continue instead of having a exception_handler procedure which returns to its real caller (and adjust CONTEXT.EIP to bypass the buggy instruction).
Post 05 Sep 2011, 16:12
View user's profile Send private message Reply with quote
yoshimitsu



Joined: 07 Jul 2011
Posts: 96
yoshimitsu 05 Sep 2011, 19:45
in ring3 it works as after reaching the faulty code execution continues at exception_handler where the stack gets corrected which is why execution goes on normally
Post 05 Sep 2011, 19:45
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.