18 Mar
2002
18 Mar
'02
10:49 p.m.
Here's the C code I wrote from the disassembler output. It might not be correct, and might not even compile, but the idea is there. I'll look into this later
Where can I find some doc about how the fs and gs registers are used ? under windows, $fs always refer to the teb (threab environment block) usually, the way to get the linear address is to use the $fs[0x18] (which stores the linear address (flat model) of the teb) look into include/thread for a more precise description of the teb fields
HTH A+