Exception handler in MASM64

[GUAN DE DIO]

Hi everybody.

    Anyone has a small piece of code about how to work with exception in asm 64?
    I know that the handling is completely different from 32bit architecture.

Thanks in advance,
GUAN

[japheth]

Here's one supplied with jwasm. It won't work with ml64, because .if and invoke is used, but the exception mechanism probably is the same.

The exception may occur at the IN instruction inside the VMwareInstalled procedure.

Code Select Expand


;--- Win64 console application with exception handler, uses WinInc v2+
;--- assemble: jwasm -c -win64 -Zp8 Win64_5.asm
;--- link: link /subsystem:console /Libpath:\WinInc\Lib64 Win64_5.obj

    option casemap:none
    option frame:auto

    .nolist
    .nocref
WIN32_LEAN_AND_MEAN equ 1
    include \WinInc\Include\windows.inc
    .list
    .cref

    includelib <kernel32.lib>

;--- CStr(): macro function to simplify defining a string

CStr macro Text:VARARG
local szText
    .const
szText  db Text,0
    .code
    exitm <offset szText>
endm

    .CODE

exchdl proc pRecord:ptr, ulframe:qword, pContext:ptr, x4:ptr

    add qword ptr [r8].CONTEXT.Rip_, 1  ;1=size of "in EAX, DX" opcode
    mov eax, 0  ;0=continue execution?
    ret

exchdl endp

VMwareInstalled proc FRAME:exchdl

    mov eax, 0564D5868h
    mov ebx, 08685D465h
    mov ecx, 10
    mov dx, 05658h
    in eax, dx
    cmp ebx, 564D5868h
    setz al
    movzx eax,al
    ret

VMwareInstalled endp

main proc FRAME uses rbx rsi rdi

local dwWritten:DWORD

    invoke GetStdHandle,STD_OUTPUT_HANDLE
    mov rbx,rax
    invoke VMwareInstalled
    .if ( eax )
        lea rsi, CStr("running in VMware",13,10)
    .else
        lea rsi, CStr("NOT running in VMware",13,10)
    .endif
    invoke lstrlen, rsi
    mov edi, eax
    invoke WriteConsoleA, rbx, rsi, edi, addr dwWritten, 0
    ret

main endp

mainCRTStartup proc FRAME
    invoke main
    invoke ExitProcess, eax
mainCRTStartup endp

    END mainCRTStartup


[GUAN DE DIO]

Thanks for the code.

don't worry about .if and invoke macros, I uses custom macros to support them in ml64, but I have a doubt with this code.

If I understand well, in this way you take under control when an exception occur into the whole function, in this case into VMwareInstalled.
Is there a way to control only a piece of code like SEH in masm32?

Best Regards,
GUAN

[japheth]

If I understand well, in this way you take under control when an exception occur into the whole function, in this case into VMwareInstalled.
Is there a way to control only a piece of code like SEH in masm32?

I'm afraid this isn't possible. As you can see, the exception handler address is defined with the FRAME keyword, and this keyword is accepted only in the PROC directive.

[GUAN DE DIO]

OK Thanks

[GUAN DE DIO]

Hi japheth,

     Currently, I have problem using @IF macro, and I'm evaluating to use wjasm.
     I think the code in masm is 1x1 wjasm and the change is easer, isn't it?

      In another way, I download wjasm and I miss the .lib and .inc necessary for working with APIs. Can I used the .lib and inc from MASM?

       Any link to know how I must compile to make and .exe or .dll ?

Thanks in advances,
GUAN