2019-09-18 15:53:36 -07:00
|
|
|
From 0b9ca95d49019b20fd8088c64217f524a9fe476f Mon Sep 17 00:00:00 2001
|
2018-07-29 19:36:47 -07:00
|
|
|
From: Andrew Wesie <awesie@gmail.com>
|
|
|
|
|
Date: Fri, 27 Jul 2018 01:26:56 -0500
|
|
|
|
|
Subject: [PATCH] Use NtContinue to continue execution after exceptions.
|
|
|
|
|
|
|
|
|
|
NtContinue is exported by ntdll and some programs expect it to be used to
|
|
|
|
|
restore the thread context after an exception handler returns
|
|
|
|
|
EXCEPTION_CONTINUE_EXECUTION. It must take a context as its first argument
|
|
|
|
|
and restore that context.
|
|
|
|
|
|
|
|
|
|
Current implementation is a simple wrapper around NtSetContextThread. It is
|
|
|
|
|
unlikely that it has the correct behavior if called by an external caller.
|
|
|
|
|
|
|
|
|
|
The __syscall_NtContinue wrapper is used so that it can be hooked by a
|
|
|
|
|
third-party.
|
|
|
|
|
---
|
2019-09-18 15:53:36 -07:00
|
|
|
dlls/ntdll/exception.c | 9 +++++++--
|
|
|
|
|
dlls/ntdll/signal_i386.c | 10 ++++++++--
|
|
|
|
|
2 files changed, 15 insertions(+), 4 deletions(-)
|
2018-07-29 19:36:47 -07:00
|
|
|
|
|
|
|
|
diff --git a/dlls/ntdll/exception.c b/dlls/ntdll/exception.c
|
2019-08-19 15:39:18 -07:00
|
|
|
index 3b85f1efa04..411d2bf5b8f 100644
|
2018-07-29 19:36:47 -07:00
|
|
|
--- a/dlls/ntdll/exception.c
|
|
|
|
|
+++ b/dlls/ntdll/exception.c
|
2019-08-19 15:39:18 -07:00
|
|
|
@@ -671,8 +671,13 @@ PRUNTIME_FUNCTION WINAPI RtlLookupFunctionEntry( ULONG_PTR pc, ULONG_PTR *base,
|
2018-07-29 19:36:47 -07:00
|
|
|
*/
|
|
|
|
|
NTSTATUS WINAPI NtContinue( CONTEXT *context, BOOLEAN alert )
|
|
|
|
|
{
|
|
|
|
|
- FIXME( "(%p, %d) stub!\n", context, alert );
|
|
|
|
|
- return STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
+ TRACE( "(%p, %d) stub!\n", context, alert );
|
|
|
|
|
+
|
|
|
|
|
+ /* NtSetContextThread will not have the intended behavior for a partial context. */
|
|
|
|
|
+ if ((context->ContextFlags & CONTEXT_FULL) != CONTEXT_FULL)
|
|
|
|
|
+ return STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
+
|
|
|
|
|
+ return NtSetContextThread( GetCurrentThread(), context );
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-19 15:39:18 -07:00
|
|
|
/*************************************************************
|
2018-07-29 19:36:47 -07:00
|
|
|
diff --git a/dlls/ntdll/signal_i386.c b/dlls/ntdll/signal_i386.c
|
2019-09-18 15:53:36 -07:00
|
|
|
index 87ffd62c8c5..6be23f850ba 100644
|
2018-07-29 19:36:47 -07:00
|
|
|
--- a/dlls/ntdll/signal_i386.c
|
|
|
|
|
+++ b/dlls/ntdll/signal_i386.c
|
2019-09-18 15:53:36 -07:00
|
|
|
@@ -2546,19 +2546,25 @@ __ASM_STDCALL_FUNC( RtlUnwind, 16,
|
2018-07-29 19:36:47 -07:00
|
|
|
__ASM_CFI(".cfi_same_value %ebp\n\t")
|
|
|
|
|
"ret $16" ) /* actually never returns */
|
|
|
|
|
|
|
|
|
|
+NTSTATUS WINAPI __syscall_NtContinue( CONTEXT *context, BOOLEAN alert );
|
|
|
|
|
|
|
|
|
|
/*******************************************************************
|
|
|
|
|
* NtRaiseException (NTDLL.@)
|
2019-09-18 15:53:36 -07:00
|
|
|
*/
|
2018-07-29 19:36:47 -07:00
|
|
|
NTSTATUS WINAPI NtRaiseException( EXCEPTION_RECORD *rec, CONTEXT *context, BOOL first_chance )
|
|
|
|
|
{
|
2019-09-18 15:53:36 -07:00
|
|
|
+ NTSTATUS status;
|
|
|
|
|
+
|
|
|
|
|
if (first_chance)
|
|
|
|
|
{
|
|
|
|
|
- NTSTATUS status = send_debug_event( rec, TRUE, context );
|
|
|
|
|
+ status = send_debug_event( rec, TRUE, context );
|
|
|
|
|
if (status == DBG_CONTINUE || status == DBG_EXCEPTION_HANDLED)
|
|
|
|
|
NtSetContextThread( GetCurrentThread(), context );
|
|
|
|
|
}
|
|
|
|
|
- return raise_exception( rec, context, first_chance );
|
|
|
|
|
+ status = raise_exception( rec, context, first_chance );
|
|
|
|
|
+ if (status == STATUS_SUCCESS)
|
|
|
|
|
+ __syscall_NtContinue(context, FALSE);
|
|
|
|
|
+ return status;
|
2018-07-29 19:36:47 -07:00
|
|
|
}
|
|
|
|
|
|
2019-09-18 15:53:36 -07:00
|
|
|
|
2018-07-29 19:36:47 -07:00
|
|
|
--
|
2019-08-19 15:39:18 -07:00
|
|
|
2.17.1
|
2018-07-29 19:36:47 -07:00
|
|
|
|
