diff options
| author | Ajax <commial@gmail.com> | 2016-06-23 17:41:51 +0200 |
|---|---|---|
| committer | Ajax <commial@gmail.com> | 2016-09-01 14:44:38 +0200 |
| commit | b266351be7cd6dd67f13d58bdbda73ac69433f2e (patch) | |
| tree | 18b4c04051bd44294758036162187b33ea792792 | |
| parent | 416cb0fe68df605375eac72f0a85ee17bfcc7f6d (diff) | |
| download | miasm-b266351be7cd6dd67f13d58bdbda73ac69433f2e.tar.gz miasm-b266351be7cd6dd67f13d58bdbda73ac69433f2e.zip | |
From MSDN, SEH valid values are only 0 and 1
| -rw-r--r-- | miasm2/os_dep/win_api_x86_32_seh.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/miasm2/os_dep/win_api_x86_32_seh.py b/miasm2/os_dep/win_api_x86_32_seh.py index 5cf96234..962d315f 100644 --- a/miasm2/os_dep/win_api_x86_32_seh.py +++ b/miasm2/os_dep/win_api_x86_32_seh.py @@ -684,9 +684,14 @@ def return_from_seh(jitter): jitter.pc = jitter.cpu.EIP log.info('Context::Eip: %x', jitter.pc) - elif jitter.cpu.EAX == -1: - raise NotImplementedError("-> seh try to go to the next handler") - elif jitter.cpu.EAX == 1: # ExceptionContinueSearch raise NotImplementedError("-> seh, gameover") + + else: + # https://msdn.microsoft.com/en-us/library/aa260344%28v=vs.60%29.aspx + # But the type _EXCEPTION_DISPOSITION may take 2 others values: + # - ExceptionNestedException = 2 + # - ExceptionCollidedUnwind = 3 + raise ValueError("Valid values are ExceptionContinueExecution and " + "ExceptionContinueSearch") |