Diffstat (limited to '')
-rw-r--r--miasm2/analysis/sandbox.py2
-rw-r--r--miasm2/os_dep/win_api_x86_32.py6
-rw-r--r--miasm2/os_dep/win_api_x86_32_seh.py37
-rw-r--r--test/arch/x86/unit/mn_seh.py5
4 files changed, 12 insertions, 38 deletions
diff --git a/miasm2/analysis/sandbox.py b/miasm2/analysis/sandbox.py
index 5132406c..87e84caf 100644
--- a/miasm2/analysis/sandbox.py
+++ b/miasm2/analysis/sandbox.py
@@ -228,8 +228,8 @@ class OS_Win(OS):
             win_api_x86_32_seh.main_pe = self.pe
             win_api_x86_32.winobjs.hcurmodule = self.pe.NThdr.ImageBase
             win_api_x86_32_seh.name2module = self.name2module
-            win_api_x86_32_seh.init_seh(self.jitter)
             win_api_x86_32_seh.set_win_fs_0(self.jitter)
+            win_api_x86_32_seh.init_seh(self.jitter)
 
         self.entry_point = self.pe.rva2virt(
             self.pe.Opthdr.AddressOfEntryPoint)
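Review bot: The swap at lines 20-22 introduces an ordering dependency that nothing in the code records: init_seh now reads the FS segment base, so it must run after set_win_fs_0, and a later reorder would silently build the TEB at whatever base FS carried before. A one-line comment above the `set_win_fs_0` call would pin it: `# set_win_fs_0 must precede init_seh: init_seh builds the TEB at the current FS base`. The enclosing method of OS_Win starts before the hunk.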
diff --git a/miasm2/os_dep/win_api_x86_32.py b/miasm2/os_dep/win_api_x86_32.py
index 029af8b5..f381bc95 100644
--- a/miasm2/os_dep/win_api_x86_32.py
+++ b/miasm2/os_dep/win_api_x86_32.py
@@ -34,7 +34,7 @@ from miasm2.core.utils import pck16, pck32, upck32, hexdump, whoami
 from miasm2.os_dep.common import \
     heap, set_str_ansi, set_str_unic, get_str_ansi, get_str_unic, \
     windows_to_sbpath
-from miasm2.os_dep.win_api_x86_32_seh import FS_0_AD
+from miasm2.os_dep.win_api_x86_32_seh import tib_address
 
 log = logging.getLogger("win_api_x86_32")
 console_handler = logging.StreamHandler()
@@ -876,7 +876,7 @@ def kernel32_GetLastError(jitter):
 def kernel32_SetLastError(jitter):
     ret_ad, args = jitter.func_args_stdcall(["errcode"])
     # lasterr addr
-    # ad = FS_0_AD + 0x34
+    # ad = tib_address + 0x34
     # jitter.vm.set_mem(ad, pck32(args.errcode))
     winobjs.lastwin32error = args.errcode
     jitter.func_ret_stdcall(ret_ad, 0)
@@ -1626,7 +1626,7 @@ def kernel32_SetFileAttributesA(jitter):
         ret = 1
     else:
         ret = 0
-        jitter.vm.set_mem(FS_0_AD + 0x34, pck32(3))
+        jitter.vm.set_mem(tib_address + 0x34, pck32(3))
 
     jitter.func_ret_stdcall(ret_ad, ret)
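Review bot: The write at line 53 still targets the hard-coded `tib_address + 0x34`, whereas the TEB is now built at the base read from the FS register in init_seh (win_api_x86_32_seh.py hunk at @@ -438), so the two agree only as long as set_win_fs_0 is the code that installed that base. Reading the base from the jitter keeps the last-error slot attached to the TEB the CPU actually uses: `jitter.vm.set_mem(jitter.cpu.get_segm_base(jitter.cpu.FS) + 0x34, pck32(3))`. Note also that kernel32_SetLastError (line 46) records the code in `winobjs.lastwin32error` and leaves the TIB slot untouched, so the two error paths are not interchangeable; which of them kernel32_GetLastError consults is not visible here. kernel32_SetFileAttributesA starts before the hunk.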
 
diff --git a/miasm2/os_dep/win_api_x86_32_seh.py b/miasm2/os_dep/win_api_x86_32_seh.py
index cfd83729..3b2fdfaa 100644
--- a/miasm2/os_dep/win_api_x86_32_seh.py
+++ b/miasm2/os_dep/win_api_x86_32_seh.py
@@ -46,15 +46,14 @@ console_handler.setFormatter(logging.Formatter("%(levelname)-5s: %(message)s"))
 log.addHandler(console_handler)
 log.setLevel(logging.INFO)
 
-FS_0_AD = 0x7ff70000
+# fs:[0] Page (TIB)
+tib_address = 0x7ff70000
 PEB_AD = 0x7ffdf000
 LDR_AD = 0x340000
 DEFAULT_SEH = 0x7ffff000
 
 MAX_MODULES = 0x40
 
-# fs:[0] Page (TIB)
-tib_address = FS_0_AD
 peb_address = PEB_AD
 peb_ldr_data_offset = 0x1ea0
 peb_ldr_data_address = LDR_AD + peb_ldr_data_offset
@@ -186,33 +185,6 @@ def build_ldr_data(jitter, modules_info):
             LdrDataEntry.get_type().get_offset("InInitializationOrderLinks")
         ldrdata.InInitializationOrderModuleList.blink = 0
 
-    # data += pck32(ntdll_addr_entry + 0x10) + pck32(0)  # XXX TODO fix blink
-
-    """
-    # get main pe info
-    main_pe = modules_info.name2module.get(main_pe_name, None)
-    if not main_pe:
-        log.warn('No main pe, ldr data will be unconsistant')
-        offset, data = offset + 8, ""
-    else:
-        main_addr_entry = modules_info.module2entry[main_pe]
-        log.info('Ldr %x', main_addr_entry)
-        data = pck32(main_addr_entry) + pck32(0)
-        data += pck32(main_addr_entry + 0x8) + pck32(0)  # XXX TODO fix blink
-
-    ntdll_pe = modules_info.name2module.get("ntdll.dll", None)
-    if not ntdll_pe:
-        log.warn('No ntdll, ldr data will be unconsistant')
-    else:
-        ntdll_addr_entry = modules_info.module2entry[ntdll_pe]
-        data += pck32(ntdll_addr_entry + 0x10) + pck32(0)  # XXX TODO fix blink
-
-    if data:
-        jitter.vm.add_memory_page(offset, PAGE_READ | PAGE_WRITE,
-                                  data,
-                                  "Loader struct")
-    """
-
     # Add dummy dll base
     jitter.vm.add_memory_page(peb_ldr_data_address + 0x24,
                               PAGE_READ | PAGE_WRITE, pck32(0),
@@ -438,7 +410,8 @@ def init_seh(jitter):
 
     global seh_count
     seh_count = 0
-    build_teb(jitter, FS_0_AD)
+    tib_ad = jitter.cpu.get_segm_base(jitter.cpu.FS)
+    build_teb(jitter, tib_ad)
     build_peb(jitter, peb_address)
 
     modules_info = create_modules_chain(jitter, name2module)
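Review bot: init_seh now builds the TEB at `jitter.cpu.get_segm_base(jitter.cpu.FS)` (line 118) without any check that a Windows FS base has been installed, so a call made before set_win_fs_0 builds the TEB at whatever base the register currently carries while the rest of the setup (PEB, modules chain) proceeds unchanged. The function's docstring, which lies outside the hunk, should state the precondition, e.g. `Requires set_win_fs_0() to have been called first: the TEB is placed at the current FS segment base.`; a cheap guard comparing the base with `tib_address` and logging a warning would make a wrong order visible rather than silent. The same ordering is relied on by sandbox.py (hunk at @@ -228) and test/arch/x86/unit/mn_seh.py (hunk at @@ -23). init_seh begins and ends outside the hunk.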
@@ -632,7 +605,7 @@ def set_win_fs_0(jitter, fs=4):
     @fs: segment selector value
     """
     jitter.cpu.FS = fs
-    jitter.cpu.set_segm_base(fs, FS_0_AD)
+    jitter.cpu.set_segm_base(fs, tib_address)
     segm_to_do = set([x86_regs.FS])
     return segm_to_do
 
diff --git a/test/arch/x86/unit/mn_seh.py b/test/arch/x86/unit/mn_seh.py
index cc8b5cc2..d6fc56ca 100644
--- a/test/arch/x86/unit/mn_seh.py
+++ b/test/arch/x86/unit/mn_seh.py
@@ -3,7 +3,7 @@ import sys
 
 from miasm2.os_dep.win_api_x86_32_seh import fake_seh_handler, build_teb, \
     set_win_fs_0, return_from_exception, EXCEPTION_PRIV_INSTRUCTION, \
-    return_from_seh, FS_0_AD, DEFAULT_SEH
+    return_from_seh, DEFAULT_SEH
 from miasm2.os_dep.win_32_structs import ContextException
 
 from asm_test import Asm_Test_32
@@ -23,8 +23,9 @@ class Test_SEH(Asm_Test_32):
 
     def init_machine(self):
         super(Test_SEH, self).init_machine()
-        build_teb(self.myjit, FS_0_AD)
         set_win_fs_0(self.myjit)
+        tib_ad = self.myjit.cpu.get_segm_base(self.myjit.cpu.FS)
+        build_teb(self.myjit, tib_ad)
         self.myjit.add_exception_handler((1 << 17),
                                          Test_SEH.deal_exception_priv)
         self.myjit.add_breakpoint(return_from_exception, return_from_seh)