-
-
[旧帖]
[求助]关于模拟VC _TRY异常处理的问题
0.00雪花
-
发表于:
2009-8-8 10:51
2922
-
[旧帖] [求助]关于模拟VC _TRY异常处理的问题
0.00雪花
碰到了个问题,在模拟的过程中打印各个VC_EXCEPTION_REGISTRATION成员时出现了错误异常
后来跟踪发现了问题的所在,是因为在构建VC_EXCEPTION_REGISTRATION的时候其中的成员SCOPETABLE里的成员没有任何数值导致的
我不明白为什么,出现问题的地方我已经注释出了,我现在帖上完整代码,希望各位大牛帮我看看:
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <stdio.h>
#include <iostream>
#pragma hdrstop
#ifndef _MSC_VER
#error Visual C++ Required( Visual C++ specific information is displayed )
#endif
using namespace std;
struct EXCEPTION_REGISTRATION
{
EXCEPTION_REGISTRATION * prev;
FARPROC handler;
};
struct scopetable_entry
{
DWORD previousTryLevel;
FARPROC lpfnFilter;
FARPROC lpfnHandler;
};
struct VC_EXCEPTION_REGISTRATION:EXCEPTION_REGISTRATION
{
scopetable_entry * scopetable;
int trylevel;
int _ebp;
};
extern "C" int _except_handler3( PEXCEPTION_RECORD, EXCEPTION_REGISTRATION *, PCONTEXT, PEXCEPTION_RECORD );
void ShowSEHFrame( VC_EXCEPTION_REGISTRATION * pVCExcReg)
{
printf( "Frame:%08x Handler:08%x Prev:%08x scopetable:%08x\n ", pVCExcReg, pVCExcReg->handler, pVCExcReg->prev,
pVCExcReg->scopetable );
scopetable_entry * pScopeTableEntry = pVCExcReg->scopetable;
for ( unsigned i = 0; i<= pVCExcReg->trylevel; ++i )
{
// printf( " scopetable[%u] PreTryLevel:%08X" " Filter:%08X _except:%08X\n", i, pScopeTableEntry->previousTryLevel,
// pScopeTableEntry->lpfnFilter, pScopeTableEntry->lpfnHandler );
/*cout << "scopetable[" << i << "]" << pScopeTableEntry->previousTryLevel << pScopeTableEntry->lpfnFilter <<pScopeTableEntry->lpfnHandler <<endl;*/
printf( "%08x",pScopeTableEntry->previousTryLevel);
pScopeTableEntry++;
}
printf( "\n" );
}
void WalkSEHFrame( void )
{
VC_EXCEPTION_REGISTRATION * pVCExcReg;
printf( "_except_handler3 is at address:%08x\n", _except_handler3 );
printf( "\n" );
_asm mov eax, fs:[0];
_asm mov [pVCExcReg], eax; //问题出在这,模拟VC挂接的表头里的scopetable结构成员都没有值,导致在后面的SHOWSEH中打印出错
while ( 0xFFFFFFFF != ( unsigned ) pVCExcReg )
{
ShowSEHFrame( pVCExcReg );
pVCExcReg = ( VC_EXCEPTION_REGISTRATION * )( pVCExcReg->prev );
}
}
void function1( void )
{
_try
{
_try
{
_try
{
WalkSEHFrame();
}
_except ( EXCEPTION_CONTINUE_SEARCH )
{}
}
_except ( EXCEPTION_CONTINUE_SEARCH )
{}
}
_except ( EXCEPTION_CONTINUE_SEARCH )
{}
}
int main()
{
int i;
_try
{
i = 0x1234;
}
_except ( EXCEPTION_CONTINUE_SEARCH )
{
i = 0x4321;
}
_try
{
function1();
}
_except ( EXCEPTION_EXECUTE_HANDLER )
{
printf ( "Caught Exception in main\n " );
}
cin.get();
return 0;
}
实际的SCOPETABLE_ENTRY地址是已经有了,而每个_TRY都有对应的SCOPETABLE_ENTRY这样的结构,那么按理这个结构里的成员在构造后了该结构后就应该有值了
[课程]Android-CTF解题方法汇总!
