diff options
Diffstat (limited to 'examples/dpp-example.c')
| -rw-r--r-- | examples/dpp-example.c | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/examples/dpp-example.c b/examples/dpp-example.c index f5a079c..625cbde 100644 --- a/examples/dpp-example.c +++ b/examples/dpp-example.c @@ -1,8 +1,37 @@ #include <ntddk.h> +#include <except.h> + DRIVER_INITIALIZE DriverEntry; DRIVER_UNLOAD DriverUnload; +extern NTSTATUS NTAPI ZwProtectVirtualMemory(_In_ HANDLE ProcessHandle, + _In_ _Out_ PVOID * BaseAddress, + _In_ _Out_ PULONG NumberOfBytesToProtect, + _In_ ULONG NewAccessProtection, + _Out_ PULONG OldAccessProtection); + +int example_exception_handler(_In_ EXCEPTION_POINTERS * lpEP) +{ + (void)lpEP; + DbgPrint("Exception handler called!\n"); + return EXCEPTION_EXECUTE_HANDLER; +} + +static void another_seh_test() +{ + DbgPrint("Another SEH test..\n"); + __dpptry(example_exception_handler, anotherseh) + { + *(int *)0 = 0; + } + __dppexcept(anotherseh) + { + DbgPrint("Success!\n"); + } + __dpptryend(anotherseh); +} + NTSTATUS DriverEntry(struct _DRIVER_OBJECT * DriverObject, PUNICODE_STRING RegistryPath) { (void)DriverObject; @@ -10,7 +39,20 @@ NTSTATUS DriverEntry(struct _DRIVER_OBJECT * DriverObject, PUNICODE_STRING Regis DbgPrint("%s\n", "Hello ring0!"); - // This is bad. Please do not call _disable/_enable in the DriverEntry. + DbgPrint("Testing SEH..\n"); + __dpptry(example_exception_handler, testseh) + { + *(int *)0 = 0; + DbgPrint("You should never see this text!\n"); + } + __dppexcept(testseh) + { + DbgPrint("Success! SEH seems to work.\n"); + } + __dpptryend(testseh); + + another_seh_test(); + DbgPrint("%s\n", "Disable/Enable Interrupts!"); _disable(); _enable(); |