Content deleted Content added
m Reverted edits by Devtechpoint (talk) to last version by Artoria2e5 |
m Task 18 (cosmetic): eval 17 templates: del empty params (5×); hyphenate params (12×); |
Line 1:
[[Microsoft Windows]] OS family employs some [[exception handling]] mechanisms that are based on the [[operating system]] specifics.
== {{Anchor|SEH}}Structured Exception Handling ==
Microsoft Structured Exception Handling is the native exception handling mechanism for Windows and a forerunner technology to [[#Vectored Exception Handling|Vectored Exception Handling]] (VEH).<ref name=devx>{{cite web|url=http://www.devx.com/microsoftISV/Article/15992 |title=Vectored Exception Handling in Windows Server 2003 (Through Internet Archive) |
=== Usage ===
{{see also|Exception handling syntax#Microsoft-specific}}
Microsoft supports SEH as a programming technique at the compiler level only. MS Visual C++ compiler features three non-standard keywords: <code>__try</code>, <code>__except</code> and <code>__finally</code> — for this purpose. Other exception handling aspects are backed by a number of [[Win32 API]] functions,<ref>{{cite web |url=http://msdn.microsoft.com/en-us/library/ms680659%28VS.85%29.aspx |title=Structured Exception Handling Functions |date=2009-11-12 |work=MSDN Library |author=Microsoft Corp. |
=== Implementation ===
==== IA-32 ====
Each [[Thread (computing)|thread of execution]] in Windows [[IA-32]] edition or the [[WoW64]] emulation layer for the [[x86-64]] version has a link to an undocumented _EXCEPTION_REGISTRATION_RECORD [[List (computing)|list]] at the start of its [[Thread Information Block]]. The <code>__try</code> statement essentially calls a compiler-defined <code>EH_prolog</code> function. That function allocates an _EXCEPTION_REGISTRATION_RECORD [[Stack-based memory allocation|on the stack]] pointing to the <code>__except_handler3</code>{{Efn|The name varies in different versions of VC runtime}} function in <code>msvcrt.dll</code>,{{Efn|<code>ntdll.dll</code> and <code>kernel32.dll</code>, as well as other programs linked statically with VC runtime, have this function compiled-in instead}} then adds the record to the list's head. At the end of the <code>__try</code> [[Block (programming)|block]] a compiler-defined <code>EH_epilog</code> function is called that does the reverse operation. Either of these compiler-defined routines can be [[inline expansion|inline]]. All the programmer-defined <code>__except</code> and <code>__finally</code> blocks are called from within <code>__except_handler3</code>. If the programmer-defined blocks are present, the _EXCEPTION_REGISTRATION_RECORD created by <code>EH_prolog</code> is extended with a few additional fields used by <code>__except_handler3</code>.<ref>{{cite web|url=http://stoned-vienna.com/html/index.php?page=windows-exception-handling|author=Peter Kleissner|title=Windows Exception Handling - Peter Kleissner|date=February 14, 2009|
In the case of an exception in [[user mode]] code, the operating system{{Efn|More specifically, <code>ntdll!RtlDispatchException</code> system routine called from <code>ntdll!KiUserExceptionDispatcher</code> which is in turn called from the <code>nt!KiDispatchException</code> kernel function. (See {{cite web|url=http://www.nynaeve.net/?p=201|title=A catalog of NTDLL kernel mode to user mode callbacks, part 2: KiUserExceptionDispatcher|author=Ken Johnson|date=November 16, 2007 <!-- , 7:00 am --> }} for details)}} parses the thread's _EXCEPTION_REGISTRATION_RECORD list and calls each exception handler in sequence until a handler signals it has handled the exception (by [[return value]]) or the list is exhausted. The last one in the list is always the <code>kernel32!UnhandledExceptionFilter</code> which displays the [[General protection fault]] error message.{{Efn|The message can be silenced by altering the process's [http://msdn.microsoft.com/en-us/library/ms680548%28VS.85%29.aspx error mode]; the default last handler can be replaced with [http://msdn.microsoft.com/en-us/library/ms680634(VS.85).aspx SetUnhandledExceptionFilter] API}} Then the list is traversed once more giving handlers a chance to clean up any resources used. Finally, the execution returns to [[kernel mode]]{{Efn|<code>ntdll!KiUserExceptionDispatcher</code> calls either <code>nt!ZwContinue</code> or <code>nt!ZwRaiseException</code>}} where the process is either resumed or terminated.
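Review bot: In both IA-32 paragraphs, _EXCEPTION_REGISTRATION_RECORD is left as plain text while every other identifier around it (<code>__try</code>, <code>EH_prolog</code>, <code>__except_handler3</code>, <code>msvcrt.dll</code>) is wrapped in <code> tags; a cosmetic pass over this section should wrap each occurrence the same way. The error-mode footnote also encodes the parentheses in its two MSDN links differently (ms680548%28VS.85%29.aspx against ms680634(VS.85).aspx), and the cite web inside the first footnote carries a commented-out timestamp in its date parameter (<!-- , 7:00 am -->) that could be dropped along with the empty parameters.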
Line 23:
== {{Anchor|VEH}}Vectored Exception Handling ==
Vectored Exception Handling was introduced in [[Windows XP]].<ref name="VEH">{{cite web|url=http://msdn.microsoft.com/en-us/magazine/cc301714.aspx|title=Under the Hood: New Vectored Exception Handling in Windows XP |
Compared with SEH, VEH works more like kernel-delivered [[Signal (IPC)|Unix signals]].<ref>{{cite web|url=http://msdn.microsoft.com/en-us/magazine/cc300448.aspx|title=Windows Server 2003 Discover Improved System Info, New Kernel, Debugging, Security, and UI APIs |
== Notes ==
Line 33:
==External links==
* {{cite web |url=http://msdn.microsoft.com/en-us/library/ms680657%28VS.85%29.aspx |title=Structured Exception Handling |date=2009-11-12 |work=MSDN Library |author=Microsoft Corp. |
* {{cite journal |author=[[Matt Pietrek]] |date=Jan 1997 |title=A Crash Course on the Depths of Win32 Structured Exception Handling |journal=MSJ |volume=12 |issue=1
* {{cite web|url=https://www.tortall.net/projects/yasm/manual/html/objfmt-win32-safeseh.html|title=win32: Safe Structured Exception Handling|publisher=[[Yasm]] manual}}
* {{US patent|7,480,919|US patent 7,480,919 - Safe exceptions}}
* {{cite web|url=http://jpassing.com/2008/05/20/fun-with-low-level-seh/|title=Fun with low level SEH|author=Johannes Passing|date=May 20, 2008}} Covers the obscure details needed to get low-level SEH (and particularly SafeSEH) code to work on more modern Windows.
* {{cite web |url=http://www.openrce.org/articles/full_view/21 |title=Reversing Microsoft Visual C++ Part I: Exception Handling |author=Igor Skochinsky |date= March 6, 2006
* {{cite web|url=http://blogs.technet.com/b/srd/archive/2009/02/02/preventing-the-exploitation-of-seh-overwrites-with-sehop.aspx|title=Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP|author=Matt Miller|publisher=Technet|date=2 Feb 2009}}
* {{cite web|title=Bypassing SEHOP|url=http://www.sysdream.com/sites/default/files/sehop_en.pdf|author=Stéfan Le Berre, Damien Cauquil|publisher=Sysdream|date=22 Dec 2009|url-status=dead|
* {{cite web|url=https://www.optiv.com/blog/old-meets-new-microsoft-windows-safeseh-incompatibility/|title=Old Meets New: Microsoft Windows SafeSEH Incompatibility|author=Joshua J. Drake|date=10 Jan 2012}} An article explaining why Windows 7 SP1 ignores SafeSEH for some older binaries, while Windows XP SP3 honors it.
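Review bot: The date parameters in this External links list use four different formats (2009-11-12, Jan 1997, May 20, 2008 and March 6, 2006, 2 Feb 2009 and 22 Dec 2009 and 10 Jan 2012), and the Skochinsky entry has a stray space in "date= March 6, 2006"; since this task already touches the citation templates, normalise the dates to one style and trim the whitespace. The SEHOP bypass entry is marked url-status=dead, so check that it keeps its archive parameters after the hyphenation.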