CHAPTER 68. WINDOWS NT CHAPTER 68. WINDOWS NT
ASSERT( !NT_SUCCESS(*ExceptionCode) );return EXCEPTION_EXECUTE_HANDLER;
}
Internally, SEH is an extension of the OS-supported exceptions. But the handler function is_except_handler3(for SEH3)
or_except_handler4(for SEH4). The code of this handler is MSVC-related, it is located in its libraries, or in msvcr*.dll.
It is very important to know that SEH is a MSVC thing. Other win32-compilers may offer something completely different.
SEH3
SEH3 has_except_handler3 as a handler function, and extends the_EXCEPTION_REGISTRATIONtable, adding a
pointer to thescope tableandprevious try levelvariable. SEH4 extends thescope table by 4 values for buffer overflow pro-
tection.
Thescope tableis a table that consists of pointers to the filter and handler code blocks, for each nested level oftry/except.
FS:0 +0: __except_list+4: ...+8: ...TIB...Prev=0xFFFFFFFFHandle...PrevHandle...PrevHandlescope tableprevious try levelEBPhandler functionhandler function_except_handler3...Stack0xFFFFFFFF (-1)filter functionhandler/finally function0filter functionhandler/finally function1filter functionhandler/finally function...more entries...information about first
try/except blockinformation about sec-
ond try/except blockinformation about
third try/except blockscope tableAgain, it is very important to understand that theOStakes care only of theprev/handlefields, and nothing more. It is the job
of the_except_handler3function to read the other fields andscope table, and decide which handler to execute and when.
The source code of the_except_handler3function is closed. However, Sanos OS, which has a win32 compatibility layer,
has the same functions reimplemented, which are somewhat equivalent to those in Windows^35. Another reimplementation
is present in Wine^36 and ReactOS^37.
(^35) http://go.yurichev.com/17058
(^36) GitHub
(^37) http://go.yurichev.com/17060