Exception Handling!

[Sean1337]

Hey guys,

Thanks for answering my other topic regarding local variables.

My next question is somewhat of a complicated one.

Take for example a situation where I try to write to an address e.g. mov dword ptr ds:[eax], value but the result is the instruction generating exception because the address that eax holds cannot be written to (let's say because the memory does not exist for example and if you were to look at that region in ollydbg you would find nothing but ??).

Thus to some it up, an exception is generated causing the program to crash whenever it tries to write to memory that cannot be written to because it does not exist (the value of the address trying to be written to is ??)

So basically what I am trying to do here is come up with a way to handle that exception so that the program does not crash but rather it would be like this:

• Step 1: try to write to the address - mov dword ptr ds:[eax], value
• Step 2: determine whether or not the writing to the value of eax failed - e.g. was an exception generated
• Step 3: if no exception was generated, continue as usual, otherwise jump to another location that will not generated an exception (at least not immediately)

Context: - The code that will be trying to write to a specified address is operating in a loop inside of a thread such as this (that monitors for a keypress):

- if key is pressed to enable thread writing, dwEnabled == 1, elseif key is pressed to disable thread writing, dwEnabled == 0

Code Select Expand

;------------------------------------------------------------------------------------------------
Sampleproc near

CheckEnableStatus:
push 150
call Sleep
cmp dwEnabled, 0
jz CheckEnableStatus

DoWrite:
mov eax, address ;address is a dword variable that points to the address that will be written to
                mov dword ptr ds:[eax], value ;value is the value that will be written to the address

cmp dwEnabled, 0
jz CheckEnableStatus

push 20
call Sleep
jmp DoWrite

SampleProc endp
;------------------------------------------------------------------------------------------------

- So basically the main program would have its own thread that monitors for a hotkey (e.g. F1) and when this hotkey is enabled for the first time then this thread will start writing because one hotkey press signifies enabling writing and another hotkey press signifies disabling writing.
- P.S. sorry for the spacing in the above snippet  :(

So all I'm trying to do is modify that thread up there to take in account the possibility that the address cannot be written to, e.g. its value is ??

If any of you can help me with this I would greatly appreciate it  :bg

p.s. I found this page that gives an example snippet of how a structured exception handler (SEH) would look like: http://www.winasm.net/forum/index.php?showtopic=2082
- However because I am still sort'of a beginner, I still do not fully grasp the concept or understand how I can apply it to my thread snippet above.

All the best,
-Sean

[xmetal]

I think it would be a lot easier to just use IsBadWritePtr.

[zooba]

I think it would be a lot easier to just use IsBadWritePtr.

Yes, though the CrashProgramRandomlyIsBad***Ptr functions (see http://blogs.msdn.com/oldnewthing/archive/2006/09/27/773741.aspx) have their own problems.

Read http://www.jorgon.freeserve.co.uk/Except/Except.htm and do your exception handling properly (though be warned, it is quite an advanced topic). Alternatively, there are some macros floating around I believe (try the forum search) or just be careful with your programming. EAX can only get a bad address if you give it one - it is possible (and highly recommended) to code safely enough to avoid it. Most MASM programs (and probably C, C++, C#, Java, etc.) get away with very little (if any) exception handling.

Cheers,

Zooba :U

[xmetal]

Thanks Zooba.

I have been using that function in my own code quite ignorantly. Looks like I failed to recognize it as something that was too good to be true.

[zooba]

Looks like I failed to recognize it as something that was too good to be true.

I think most people missed it. Raymond Chen (aka OldNewThing) is both good at spotting these and has quite a history with the Windows code base.

His advice to "just crash" is extremely suitable for libraries and debugging, while it's better for release applications to abort the task and return to a safe place such as the main message loop (rather than a safe place that returns an error message) so the user can save what they're doing and try again or not try again (imagine a plugin for Photoshop crashing and killing the entire thing - not pretty!).

In either case, exception handling should be unnecessary except to clean up someone elses mess. If you don't trust your own code, change it so you do. Never trust anyone elses code (except mine  :bg :P ).

Cheers,

Zooba :U