Win32 CONTEXT, GetThreadContext and SetThreadContext under WoW64?

EDN Admin

I have a C function in a Win32 DLL built with VS 2005, the purpose of which is to terminate a thread by causing it to throw an exception so that its exception handler has an opportunity to clean up after it (it's an alternative to the system TerminateThread function, which does not trigger the thread's exception handler). Basic code is:
[code]
#include <windows.h>

BOOL WINAPI KillThread( HANDLE hThread )
{
    BOOL fSuccess = TRUE;
    CONTEXT context;
    LONG * pBreak = NULL;

    /* Suspend the thread */
    if ( 0xFFFFFFFF == SuspendThread(hThread) )
    {
        fSuccess = FALSE;
    }

    /* Get the thread's context so we can modify the instruction pointer */
    if ( fSuccess )
    {
        context.ContextFlags = CONTEXT_CONTROL;
        fSuccess = GetThreadContext( hThread, &context );
    }

    /* Kill the thread by giving it a bad instruction address! */
    if ( fSuccess )
    {
        pBreak = VirtualAlloc( NULL, sizeof(LONG), MEM_COMMIT, PAGE_EXECUTE_READWRITE );
        if ( NULL == pBreak )
        {
            /* Allocation failed: there is no page to point Eip at */
            fSuccess = FALSE;
        }
        else
        {
            *pBreak = 0x03; //a break instruction (?)
            context.Eip = (DWORD)pBreak;
            fSuccess = SetThreadContext( hThread, &context );
        }
    }

    /*=================================================================
      Resume the thread. We expect its exception handler to catch the
      error, tidy up and exit the thread.
    =================================================================*/
    if ( fSuccess )
    {
        if ( 0xFFFFFFFF == ResumeThread(hThread) )
        {
            fSuccess = FALSE;
        }
    }

    return fSuccess;
}
[/code]
I need to make this function compatible with WoW64 on Windows Server 2008 R2. I'm assuming context.Eip won't work here; can anyone suggest a way of determining the correct use and interpretation of CONTEXT with GetThreadContext and SetThreadContext at runtime, or any suitable Win32 API implementation of this that will also work in a 64-bit environment?
