Assembly Language for Beginners

(Jeff_L) #1

6.5. WINDOWS NT


FS:0 +0: __except_list

+4: ...

+8: ...

TIB

...

Prev=0xFFFFFFFF

Handle

...

Prev

Handle

...

Prev

Handle

scope table

previous try level

EBP

handler function

handler function

_except_handler3

...

Stack

0xFFFFFFFF (-1)

filter function

handler/finally function

0

filter function

handler/finally function

1

filter function

handler/finally function

... more entries ...

information about
first try/except
block

information about
second try/except
block

information about
third try/except
block

scope table

Again, it is very important to understand that theOStakes care only of theprev/handlefields, and nothing
more.
It is the job of the_except_handler3function to read the other fields andscope table, and decide which
handler to execute and when.


The source code of the_except_handler3function is closed.

However, Sanos OS, which has a win32 compatibility layer, has the same functions reimplemented, which
are somewhat equivalent to those in Windows^46. Another reimplementation is present in Wine^47 and
ReactOS^48.


If thefilterpointer is NULL, thehandlerpointer is the pointer to thefinallycode block.


During execution, theprevious try levelvalue in the stack changes, so_except_handler3can get in-
formation about the current level of nestedness, in order to know whichscope tableentry to use.


SEH3: one try/except block example


#include <stdio.h>
#include <windows.h>
#include <excpt.h>


int main()
{
int* p = NULL;


(^46) http://go.yurichev.com/17058
(^47) GitHub
(^48) http://go.yurichev.com/17060

Free download pdf