FxArea->RegisterArea[i*BYTES_PER_FX_REGISTER+j] =
lpContext->FloatSave.RegisterArea[i*BYTES_PER_FP_REGISTER+j];
}
}
} else {
*(PTH_TO_FLTSAVEAREAPTR(pth)) = lpContext->FloatSave;
}
}
if ((lpContext->ContextFlags & CONTEXT_DEBUG_REGISTERS) ==
CONTEXT_DEBUG_REGISTERS) {
}
}
SETCURKEY(ulOldKey);
return TRUE;
}
#pragma warning(disable:4035)
//------------------------------------------------------------------------------
//
// ExecuteHandler is the common tail for RtlpExecuteHandlerForException
// and RtlpExecuteHandlerForUnwind.
//
// (edx) = handler (Exception or Unwind) address
//
///ExceptionRecord equ [ebp+8]
///EstablisherFrame equ [ebp+12]
///ContextRecord equ [ebp+16]
///DispatcherContext equ [ebp+20]
///ExceptionRoutine equ [ebp+24]
///pcstk equ [ebp+28]
///ExceptionMode equ [ebp+32]
//
//------------------------------------------------------------------------------
EXCEPTION_DISPOSITION __declspec(naked)
ExecuteHandler(
IN PEXCEPTION_RECORD ExceptionRecord,
IN PVOID EstablisherFrame,
IN OUT PCONTEXT ContextRecord,
IN OUT PDISPATCHER_CONTEXT DispatcherContext,
IN PEXCEPTION_ROUTINE ExceptionRoutine,
IN OUT PCALLSTACK pcstk,
IN ULONG ExceptionMode
)
{
// Naked: the compiler emits no prologue/epilogue, the frame below is built
// by hand. Entered by "jmp ExecuteHandler" from the Rtlp* wrappers, so the
// seven arguments are still on the stack (at [ebp+8..ebp+32] once ebp is
// set) and (edx) already holds the guard handler to register
// (ExceptionHandler or UnwindHandler).
//
// Register roles:
//   ebp = frame pointer; arguments are addressed through it
//   ecx = pcstk, kept live across the registration pushes
//   edx = guard handler on entry, scratch afterwards
//   eax = disposition returned by the called handler (kernel-mode path)
__asm {
push ebp
mov ebp, esp
mov ecx, [pcstk] // callstack structure for calling handler
// Build an EXCEPTION_REGISTRATION record on the stack and link it in:
//   [esp+0] = previous fs:[0] (next)
//   [esp+4] = guard handler (edx)
//   [esp+8] = EstablisherFrame  -- this is the dword that
//             ExceptionHandler/UnwindHandler read back via [ecx+8]
push EstablisherFrame // Save context of exception handler
// that we're about to call.
push edx // Set Handler address
push dword ptr fs:[0] // Set next pointer
mov dword ptr fs:[0], esp // Link us on
//
// Call the specified exception handler.
//
// Arguments pushed right-to-left for the handler's
// (ExceptionRecord, EstablisherFrame, ContextRecord, DispatcherContext)
// signature; both the call and the retf paths below consume this layout.
push DispatcherContext
push ContextRecord
push EstablisherFrame
push ExceptionRecord
// ExceptionMode selects only the call mechanism (direct call vs. far
// return to ring 3); ExceptionRoutine itself is not validated here.
// NOTE(review): the caller is presumably responsible for supplying a
// routine that is valid for the requested mode -- confirm at call sites.
cmp [ExceptionMode], KERNEL_MODE
jne short EhInUMode
call [ExceptionRoutine]
EhRtnAddr:
// Don't clean stack here, code in front of ret will restore initial state
// Disposition is in eax, so all we do is deregister handler and return
// esp is reloaded from fs:[0], not from the pushes above, so whoever
// transfers control here must have left our registration record at the
// head of the chain (on the user-mode path that means fs:[0] has been
// restored from pcstk->extra before landing here -- confirm in the
// SYSCALL_RETURN trap path). Reloading esp also discards the four
// argument slots pushed for the handler.
mov esp, dword ptr fs:[0]
pop dword ptr fs:[0]
mov esp, ebp
pop ebp
ret
EhInUMode:
// (ecx) == pcstk
// User-mode path: the handler is entered by a far return to ring 3; its
// return address is the SYSCALL_RETURN trap, which presumably resumes at
// pcstk->retAddr (= EhRtnAddr) so the epilogue above is shared -- TODO confirm.
lea edx, EhRtnAddr // (edx) = return address
mov [ecx].retAddr, edx // pcstk->retAddr = [EhRtnAddr]
// save the registration pointer in callstack
mov edx, dword ptr fs:[0]
mov dword ptr [ecx].extra, edx // pcstk->extra == fs:[0]
mov dword ptr fs:[0], -2 // mark PSL boundary
push SYSCALL_RETURN // return address is a trap
// link pcstk into pCurThread's callstack
mov edx, PtrCurThd // (edx) = pCurThread
mov dword ptr [edx].pcstkTop, ecx // pCurThread->pcstkTop = pcstk
// The handler's initial ESP is the current esp: [esp] = SYSCALL_RETURN
// with the four handler arguments directly above it.
mov edx, esp
// Far-return frame, pushed so that retf pops CS:EIP first and then
// SS:ESP for the privilege-level change.
push KGDT_R3_DATA | 3 // SS of ring 3
push edx // target ESP
push KGDT_R3_CODE | 3 // CS of ring 3
push [ExceptionRoutine] // function to call
// return to user code
retf
}
}
//------------------------------------------------------------------------------
//
// EXCEPTION_DISPOSITION
// ExceptionHandler (
// IN PEXCEPTION_RECORD ExceptionRecord,
// IN PVOID EstablisherFrame,
// IN OUT PCONTEXT ContextRecord,
// IN OUT PVOID DispatcherContext
// )
//
// Routine Description:
//
// This function is called when a nested exception occurs. Its function
// is to retrieve the establisher frame pointer and handler address from
// its establisher's call frame, store this information in the dispatcher
// context record, and return a disposition value of nested exception.
//
// Arguments:
//
// ExceptionRecord (esp+4) - Supplies a pointer to an exception record.
//
// EstablisherFrame (esp+8) - Supplies the frame pointer of the establisher
// of this exception handler.
//
// ContextRecord (esp+12) - Supplies a pointer to a context record.
//
// DispatcherContext (esp+16) - Supplies a pointer to the dispatcher context
// record.
//
// Return Value:
//
// A disposition value ExceptionNestedException is returned if an unwind
// is not in progress. Otherwise a value of ExceptionContinueSearch is
// returned.
//
//------------------------------------------------------------------------------
Naked
ExceptionHandler(void)
{
// Guard handler registered by RtlpExecuteHandlerForException for the frame
// that ExecuteHandler builds. Naked, so arguments are read relative to esp:
// [esp+4] ExceptionRecord, [esp+8] EstablisherFrame, [esp+12] ContextRecord,
// [esp+16] DispatcherContext. EstablisherFrame here is ExecuteHandler's
// EXCEPTION_REGISTRATION record, whose third dword ([ecx+8]) is the
// EstablisherFrame that ExecuteHandler pushed.
__asm {
mov ecx, dword ptr [esp+4] // (ecx) -> ExceptionRecord
test dword ptr [ecx.ExceptionFlags], EXCEPTION_UNWINDING
mov eax, ExceptionContinueSearch // Assume unwind (mov leaves ZF intact)
jnz eh10 // unwind, go return
//
// Unwind is not in progress - return nested exception disposition.
//
mov ecx,[esp+8] // (ecx) -> EstablisherFrame
mov edx,[esp+16] // (edx) -> DispatcherContext
mov eax,[ecx+8] // (eax) -> EstablisherFrame for the
// handler active when we
// nested.
mov [edx], eax // Set DispatcherContext field.
mov eax, ExceptionNestedException
eh10: ret
}
}
//------------------------------------------------------------------------------
//
// EXCEPTION_DISPOSITION
// RtlpExecuteHandlerForException (
// IN PEXCEPTION_RECORD ExceptionRecord,
// IN PVOID EstablisherFrame,
// IN OUT PCONTEXT ContextRecord,
// IN OUT PVOID DispatcherContext,
// IN PEXCEPTION_ROUTINE ExceptionRoutine,
// IN OUT PCALLSTACK pcstk,
// IN BOOL ExceptionMode
// )
//
// Routine Description:
//
// This function allocates a call frame, stores the handler address and
// establisher frame pointer in the frame, establishes an exception
// handler, and then calls the specified exception handler as an exception
// handler. If a nested exception occurs, then the exception handler of
// this function is called and the handler address and establisher
// frame pointer are returned to the exception dispatcher via the dispatcher
// context parameter. If control is returned to this routine, then the
// frame is deallocated and the disposition status is returned to the
// exception dispatcher.
//
// Arguments:
//
// ExceptionRecord (ebp+8) - Supplies a pointer to an exception record.
//
// EstablisherFrame (ebp+12) - Supplies the frame pointer of the establisher
// of the exception handler that is to be called.
//
// ContextRecord (ebp+16) - Supplies a pointer to a context record.
//
// DispatcherContext (ebp+20) - Supplies a pointer to the dispatcher context
// record.
//
// ExceptionRoutine (ebp+24) - supplies a pointer to the exception handler
// that is to be called.
//
// pcstk (ebp+28) - callstack for user-mode handler
//
// ExceptionMode (ebp+32) - Mode to call into
//
// Return Value:
//
// The disposition value returned by the specified exception handler is
// returned as the function value.
//
//------------------------------------------------------------------------------
EXCEPTION_DISPOSITION __declspec(naked)
RtlpExecuteHandlerForException(
IN PEXCEPTION_RECORD ExceptionRecord,
IN PVOID EstablisherFrame,
IN OUT PCONTEXT ContextRecord,
IN OUT PDISPATCHER_CONTEXT DispatcherContext,
IN PEXCEPTION_ROUTINE ExceptionRoutine,
IN OUT PCALLSTACK pcstk,
IN ULONG ExceptionMode
)
{
// Naked thunk: leaves the seven arguments untouched on the stack, puts the
// nested-exception guard (ExceptionHandler) in edx and tail-jumps into
// ExecuteHandler, which builds the frame, registers edx at fs:[0] and
// invokes ExceptionRoutine. Control returns to our caller from
// ExecuteHandler's ret, with the disposition in eax.
__asm {
mov edx,offset ExceptionHandler // Set who to register
jmp ExecuteHandler // jump to common code
}
}
//------------------------------------------------------------------------------
//
// EXCEPTION_DISPOSITION
// UnwindHandler(
// IN PEXCEPTION_RECORD ExceptionRecord,
// IN PVOID EstablisherFrame,
// IN OUT PCONTEXT ContextRecord,
// IN OUT PVOID DispatcherContext)
//
// Routine Description:
// This function is called when a collided unwind occurs. Its function
// is to retrieve the establisher frame pointer and handler address from
// its establisher's call frame, store this information in the dispatcher
// context record, and return a disposition value of nested unwind.
//
// Arguments:
// ExceptionRecord (esp+4) - Supplies a pointer to an exception record.
//
// EstablisherFrame (esp+8) - Supplies the frame pointer of the establisher
// of this exception handler.
//
// ContextRecord (esp+12) - Supplies a pointer to a context record.
//
// DispatcherContext (esp+16) - Supplies a pointer to the dispatcher context
// record.
//
// Return Value:
// A disposition value ExceptionCollidedUnwind is returned if an unwind is
// in progress. Otherwise a value of ExceptionContinueSearch is returned.
//
//------------------------------------------------------------------------------
Naked
UnwindHandler(void)
{
// Guard handler registered by RtlpExecuteHandlerForUnwind for the frame
// that ExecuteHandler builds. Naked, so arguments are read relative to esp:
// [esp+4] ExceptionRecord, [esp+8] EstablisherFrame, [esp+12] ContextRecord,
// [esp+16] DispatcherContext. EstablisherFrame here is ExecuteHandler's
// EXCEPTION_REGISTRATION record, whose third dword ([ecx+8]) is the
// EstablisherFrame that ExecuteHandler pushed.
__asm {
mov ecx,dword ptr [esp+4] // (ecx) -> ExceptionRecord
test dword ptr [ecx.ExceptionFlags], EXCEPTION_UNWINDING
mov eax,ExceptionContinueSearch // Assume NOT unwind (mov leaves ZF intact)
jz uh10 // not unwind, go return
// Unwind is in progress - return collided unwind disposition.
mov ecx,[esp+8] // (ecx) -> EstablisherFrame
mov edx,[esp+16] // (edx) -> DispatcherContext
mov eax,[ecx+8] // (eax) -> EstablisherFrame for the
// handler active when we
// nested.
mov [edx],eax // Set DispatcherContext field.
mov eax,ExceptionCollidedUnwind
uh10: ret
}
}
//------------------------------------------------------------------------------
//
// EXCEPTION_DISPOSITION
// RtlpExecuteHandlerForUnwind (
// IN PEXCEPTION_RECORD ExceptionRecord,
// IN PVOID EstablisherFrame,
// IN OUT PCONTEXT ContextRecord,
// IN OUT PVOID DispatcherContext,
// IN PEXCEPTION_ROUTINE ExceptionRoutine,
// IN OUT PCALLSTACK pcstk,
// IN BOOL ExceptionMode
// )
//
// Routine Description:
//
// This function allocates a call frame, stores the handler address and
// establisher frame pointer in the frame, establishes an exception
// handler, and then calls the specified exception handler as an unwind
// handler. If a collided unwind occurs, then the exception handler of
// this function is called and the handler address and establisher
// frame pointer are returned to the unwind dispatcher via the dispatcher
// context parameter. If control is returned to this routine, then the
// frame is deallocated and the disposition status is returned to the
// unwind dispatcher.
//
// Arguments:
//
// ExceptionRecord (ebp+8) - Supplies a pointer to an exception record.
//
// EstablisherFrame (ebp+12) - Supplies the frame pointer of the establisher
// of the exception handler that is to be called.
//
// ContextRecord (ebp+16) - Supplies a pointer to a context record.
//
// DispatcherContext (ebp+20) - Supplies a pointer to the dispatcher context
// record.
//
// ExceptionRoutine (ebp+24) - supplies a pointer to the exception handler
// that is to be called.
//
// pcstk (ebp+28) - callstack for user-mode handler
//
// ExceptionMode (ebp+32) - Mode to call into
//
// Return Value:
//
// The disposition value returned by the specified exception handler is
// returned as the function value.
//
//------------------------------------------------------------------------------
EXCEPTION_DISPOSITION __declspec(naked)
RtlpExecuteHandlerForUnwind(
IN PEXCEPTION_RECORD ExceptionRecord,
IN PVOID EstablisherFrame,
IN OUT PCONTEXT ContextRecord,
IN OUT PDISPATCHER_CONTEXT DispatcherContext,
IN PEXCEPTION_ROUTINE ExceptionRoutine,
IN OUT PCALLSTACK pcstk,
IN ULONG ExceptionMode
)
{
// Naked thunk: leaves the seven arguments untouched on the stack, puts the
// collided-unwind guard (UnwindHandler) in edx and tail-jumps into
// ExecuteHandler, which builds the frame, registers edx at fs:[0] and
// invokes ExceptionRoutine. Control returns to our caller from
// ExecuteHandler's ret, with the disposition in eax.
__asm {
mov edx,offset UnwindHandler // Set who to register
jmp ExecuteHandler // jump to common code
}
}
#pragma warning(default:4035 4733)