Zebediah Figura <z.figura12(a)gmail.com> wrote:
+typedef enum _UNWIND_OP_CODES +{ + UWOP_PUSH_NONVOL = 0, + UWOP_ALLOC_LARGE, + UWOP_ALLOC_SMALL, + UWOP_SET_FPREG, + UWOP_SAVE_NONVOL, + UWOP_SAVE_NONVOL_FAR, + UWOP_SAVE_XMM128, + UWOP_SAVE_XMM128_FAR, + UWOP_PUSH_MACHFRAME +} UNWIND_CODE_OPS;
This typedef is confusing (different tag and type names) and not used.
+typedef union _UNWIND_CODE +{ + struct + { + BYTE CodeOffset; + BYTE UnwindOp : 4; + BYTE OpInfo : 4; + } u;
'u' is confusing as an embedded structure name.
+ USHORT FrameOffset; +} UNWIND_CODE, *PUNWIND_CODE;
PUNWIND_CODE is not used.
+typedef struct _UNWIND_INFO +{ + BYTE Version : 3; + BYTE Flags : 5; + BYTE SizeOfProlog; + BYTE CountOfCodes; + BYTE FrameRegister : 4; + BYTE FrameOffset : 4; + UNWIND_CODE UnwindCode[1]; /* actually CountOfCodes (aligned) */ +/* + * union + * { + * OPTIONAL ULONG ExceptionHandler; + * OPTIONAL ULONG FunctionEntry; + * }; + * OPTIONAL ULONG ExceptionData[]; + */ +} UNWIND_INFO, *PUNWIND_INFO;
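Review bot: The `UnwindCode[1]` member of `UNWIND_INFO` stands in for a variable-length array, and the handler/data fields that follow it exist only inside a comment, so `sizeof(UNWIND_INFO)` and plain member access cannot be used to locate anything past the first code slot. The comment says "actually CountOfCodes (aligned)" without stating the rule; spelling out that the count is rounded up to an even number of entries, and computing the handler offset from `CountOfCodes` in one place (a small helper or macro), would keep callers from hard-coding offsets or relying on `sizeof`.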
PUNWIND_INFO is not used.
+ buf[16] = 0xff; + buf[17] = 0x25; + *(ULONG *)&buf[18] = 0; + *(void **)&buf[22] = handler;
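Review bot: The stores `*(ULONG *)&buf[18] = 0;` and `*(void **)&buf[22] = handler;` write a ULONG and a pointer through casts at byte offsets 18 and 22, which are not multiples of 4 or of the pointer size, so they are misaligned whenever `buf` itself is aligned, and they type-pun a byte buffer. Copying the values in with `memcpy` keeps the generated bytes identical without depending on the compiler and target tolerating that. The declaration of `buf` is not visible here, so it is also worth confirming that it holds at least `22 + sizeof(void *)` bytes.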
It would be helpful to provide an assembler mnemonic for the generated code above in the comment (/* jmp near */ in this case).

--
Dmitry.