Basics of SEH and How it Works?

Discussion in 'Windows' started by lionaneesh, Mar 2, 2011.

  1. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    SEH stands for Structured Exception Handler as the name suggests it is used to handle exceptions and change the course program towards the code pointed by it...(You’ll get clear image of it.. In the following article..)Its a software method of exception handling... and can handle both software and hardware handling...One fact about Structured Exception Handle is that it is not used by Unix or Linux as its not open source and patented by Borland.. Its only used by windows systems...

    How does SEH Works



    Every process has some information with it..like the thread id’s etc etc..and TIB (Thread information Block) which contains all the information about the thread and Exception Record list..This list points to the Exception List record...

    The exception list record have some data contained in it also.. The exception list contain some nodes[representing each exception] and each node have some data associated with it as well.. At the most basic level it contains ‘Pointer to next Record’ and ‘Pointer to handler’..

    One more thing to note is that the SEH is based on a abstract data structure and changes on runtime as a except{} block is found and if no except{} blocks are specified by the developer then the windows uses its own default exceptional handler....

    Lets first look at the following pseudo code
    Code:
      __try
      {
      Int *p = 0x41414141;
      *p = 1;
      }                        
      __except
      {
                      printf(“Memory Access denied”);
      }
      
    Here we are basically trying to access a non-existing memory location .. and this would definitely raise an exception in the flow of the program..

    Which will cause it to move on to the __except{} block..(As a exception handler is been provided from the developer..)

    The figure below will make it clear :-

    Code:
    Exception List at the start of the program :-
    
    =====Record 1========================
    ++++++++++++++++++++++++++++++++++++++
    |Pointer to next Record = 0xFFFFFFFF | 
    ++++++++++++++++++++++++++++++++++++++
    |Pointer to handler    = OS Handler  |
    ++++++++++++++++++++++++++++++++++++++
    
    Exception List when exception{} block is found :-
    
    ======Record 2==========================             =====Record 1========================
    ++++++++++++++++++++++++++++++=+++++++++             ++++++++++++++++++++++++++++++++++++++
    |Pointer to next record  = *(Record 1) |             |Pointer to next Record = 0xFFFFFFFF |
    +++++++++++++++++++++++++++++++++++++++ ----->-----> ++++++++++++++++++++++++++++++++++++++
    |Pointer to handler    = Our handler   |             |Pointer to handler    = OS Handler  |
    +++++++++++++++++++++++++++++++=++++++++             ++++++++++++++++++++++++++++++++++++++
    
    So basically the SEH handler is a linked list and as it finds a new except block to the head(top)..

    After that as we run from the except{} block the record associated with the exception block is removed..

    That’s some basics of SEH .. Stay tuned for more..
     
  2. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Viewers Please comment..
     
  3. alexsmth114

    alexsmth114 New Member

    Joined:
    Mar 7, 2011
    Messages:
    19
    Likes Received:
    1
    Trophy Points:
    0
    Some really nice tips!!..
     
  4. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Thanks Buddy!
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice