Basics of SEH and How it Works?

lionaneesh's Avatar author of Basics of SEH and How it Works?
This is an article on Basics of SEH and How it Works? in Windows.
Rated 5.00 By 1 users
SEH stands for Structured Exception Handler as the name suggests it is used to handle exceptions and change the course program towards the code pointed by it...(You’ll get clear image of it.. In the following article..)Its a software method of exception handling... and can handle both software and hardware handling...One fact about Structured Exception Handle is that it is not used by Unix or Linux as its not open source and patented by Borland.. Its only used by windows systems...

How does SEH Works



Every process has some information with it..like the thread id’s etc etc..and TIB (Thread information Block) which contains all the information about the thread and Exception Record list..This list points to the Exception List record...

The exception list record have some data contained in it also.. The exception list contain some nodes[representing each exception] and each node have some data associated with it as well.. At the most basic level it contains ‘Pointer to next Record’ and ‘Pointer to handler’..

One more thing to note is that the SEH is based on a abstract data structure and changes on runtime as a except{} block is found and if no except{} blocks are specified by the developer then the windows uses its own default exceptional handler....

Lets first look at the following pseudo code
Code:
  __try
  {
  Int *p = 0x41414141;
  *p = 1;
  }                        
  __except
  {
                  printf(“Memory Access denied”);
  }
Here we are basically trying to access a non-existing memory location .. and this would definitely raise an exception in the flow of the program..

Which will cause it to move on to the __except{} block..(As a exception handler is been provided from the developer..)

The figure below will make it clear :-

Code:
Exception List at the start of the program :-

=====Record 1========================
++++++++++++++++++++++++++++++++++++++
|Pointer to next Record = 0xFFFFFFFF | 
++++++++++++++++++++++++++++++++++++++
|Pointer to handler    = OS Handler  |
++++++++++++++++++++++++++++++++++++++

Exception List when exception{} block is found :-

======Record 2==========================             =====Record 1========================
++++++++++++++++++++++++++++++=+++++++++             ++++++++++++++++++++++++++++++++++++++
|Pointer to next record  = *(Record 1) |             |Pointer to next Record = 0xFFFFFFFF |
+++++++++++++++++++++++++++++++++++++++ ----->-----> ++++++++++++++++++++++++++++++++++++++
|Pointer to handler    = Our handler   |             |Pointer to handler    = OS Handler  |
+++++++++++++++++++++++++++++++=++++++++             ++++++++++++++++++++++++++++++++++++++
So basically the SEH handler is a linked list and as it finds a new except block to the head(top)..

After that as we run from the except{} block the record associated with the exception block is removed..

That’s some basics of SEH .. Stay tuned for more..
0
lionaneesh's Avatar, Join Date: Mar 2010
Invasive contributor
Viewers Please comment..
0
alexsmth114's Avatar, Join Date: Mar 2011
Go4Expert Member
Some really nice tips!!..
0
lionaneesh's Avatar, Join Date: Mar 2010
Invasive contributor
Quote:
Originally Posted by alexsmth114 View Post
Some really nice tips!!..
Thanks Buddy!