A forum for reverse engineering, OS internals and malware analysis 

Forum for discussion about user-mode development.
 #13120  by native99
 Wed May 09, 2012 1:57 pm
Hi everyone,

This is my cpp file:
Code:
#include <ntddk.h>
#include <exception>

int __cdecl main()
{
    try
    {
        throw 20;
    }
    catch (int e)
    {
    }

    return 0;
}
and my sources file:


TARGETNAME = native
TARGETTYPE = PROGRAM
UMTYPE = nt
USER_C_FLAGS=$(USER_C_FLAGS) /EHa
SOURCES = exeption.cpp \

INCLUDES=$(DDK_INC_PATH)
MINWIN_SDK_LIB_PATH=$(SDK_LIB_PATH)
TARGETLIBS=$(NTDLL_CRT) $(SDK_LIB_PATH)\ntdll.lib lib.lib


and my errors are:

error LNK2019: unresolved external symbol ___CxxFrameHandler3 referenced in function __ehhandler$_main

error LNK2019: unresolved external symbol __EH_epilog3 referenced in function __catch$_main$0

error LNK2019: unresolved external symbol __EH_prolog3_catch referenced in function _main

error LNK2019: unresolved external symbol __CxxThrowException@8 referenced in function _main

error LNK2001: unresolved external symbol "const type_info::`vftable'" (??_7type_info@@6B@)

How can I solve the problem?
 #13121  by xdeadcode
 Wed May 09, 2012 8:18 pm
Hi native99,

First, I suggest reading this link: http://msdn.microsoft.com/en-us/library ... s.85).aspx
As you can see from the compiler logs you attached, the linker can't resolve some symbols the program wants to use, so basically it is because you're not linking the proper libraries.
If the goal you want to achieve is to use the WDK inside a user-mode application, then change your sources file to e.g.:
Code:
TARGETNAME = native
TARGETTYPE = PROGRAM
UMTYPE = console
USE_MSVCRT=1
USER_C_FLAGS=$(USER_C_FLAGS) /EHa
SOURCES = exception.cpp 

INCLUDES=$(DDK_INC_PATH)
MINWIN_SDK_LIB_PATH=$(SDK_LIB_PATH)
TARGETLIBS=$(NTDLL_CRT) $(SDK_LIB_PATH)\ntdll.lib
(I haven't checked it.) Additionally, I suggest downloading a PE viewer tool and looking at the Subsystem field in the PE optional header; do it for a console app, a win32 app and any driver.


Best regards!
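The Subsystem check suggested in the post above, done in code rather than with a PE viewer. This is an added example, not part of the original thread or any poster's code; the function names and the sample header bytes are constructed for illustration, and the values 1, 2 and 3 are the standard IMAGE_SUBSYSTEM_* constants.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Little-endian readers; the caller bounds-checks before use. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Return the optional header's Subsystem value, or -1 if the buffer
   does not start with a well-formed PE header. */
int pe_subsystem(const uint8_t *img, size_t len) {
    if (len < 0x40 || img[0] != 'M' || img[1] != 'Z') return -1;
    uint32_t nt = rd32(img + 0x3C);                    /* e_lfanew */
    if (nt > len || len - nt < 24 + 70) return -1;     /* signature + file header + 70 bytes */
    if (memcmp(img + nt, "PE\0\0", 4) != 0) return -1;
    if (rd16(img + nt + 20) < 70) return -1;           /* SizeOfOptionalHeader */
    uint16_t magic = rd16(img + nt + 24);
    if (magic != 0x10B && magic != 0x20B) return -1;   /* PE32 or PE32+ */
    return rd16(img + nt + 24 + 68);                   /* Subsystem: offset 68 in both */
}

const char *pe_subsystem_name(int s) {
    switch (s) {
    case 1:  return "NATIVE";        /* drivers and native programs */
    case 2:  return "WINDOWS_GUI";   /* win32 app */
    case 3:  return "WINDOWS_CUI";   /* console app */
    default: return "unknown";
    }
}

/* Constructed sample: fills buf with a minimal header (not a loadable image). */
size_t make_sample(uint8_t *buf, size_t cap, uint16_t magic, uint16_t subsys) {
    const size_t nt = 0x80, need = nt + 24 + 0xE0;
    if (cap < need) return 0;
    memset(buf, 0, need);
    memcpy(buf, "MZ", 2);
    buf[0x3C] = (uint8_t)nt;
    memcpy(buf + nt, "PE\0\0", 4);
    buf[nt + 20] = 0xE0;                               /* SizeOfOptionalHeader */
    buf[nt + 24] = (uint8_t)magic;       buf[nt + 25] = (uint8_t)(magic >> 8);
    buf[nt + 24 + 68] = (uint8_t)subsys; buf[nt + 24 + 69] = (uint8_t)(subsys >> 8);
    return need;
}

int main(void) {
    uint8_t buf[512];
    size_t n = make_sample(buf, sizeof buf, 0x10B, 1);
    printf("%s\n", pe_subsystem_name(pe_subsystem(buf, n)));
    return 0;
}
```

To check a real binary, read its first few hundred bytes into a buffer and pass them to `pe_subsystem` in place of the constructed header.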
 #13122  by newgre
 Wed May 09, 2012 8:56 pm
You're trying to throw a C++ exception and therefore need the C++ runtime. Also, these are user mode concepts. Why would you use the WDK compilers to build user mode code anyway?
 #13128  by native99
 Thu May 10, 2012 6:42 am
Thanks for replying to my question.
I use the WDK because it's easier to build code for the native subsystem (I know we can use VC++, and Alex Ionescu has a tutorial on it),
but it's much easier to use the WDK, so I use it.
The problem is that I need to use exceptions for my project and I don't know how to use them (the code must work in the native subsystem!!)
 #13134  by nullptr
 Thu May 10, 2012 12:51 pm
So you're wanting to write a native boot execute program?
Entry point:-
Code:
void NtProcessStartup(PSTARTUP_ARGUMENT Arg)
{
    // do whatever
    NtTerminateProcess(NtCurrentProcess(), 0);
}
From your sources file: SOURCES = exeption.cpp // Do you mean exceptions.cpp?
 #13145  by noppy
 Fri May 11, 2012 4:18 am
Did you try __try/__except? Like this sample:
Code:
#include <ntddk.h>

extern "C"
NTSTATUS
NTAPI
NtDisplayString(
  IN PUNICODE_STRING String 
);

int __cdecl main()
{
	char *p = 0;
	UNICODE_STRING msg;
	
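	__try{
		// deliberate write through a null pointer to raise an access violation
		*p = 'a';
	}__except(EXCEPTION_EXECUTE_HANDLER){
		// SEH handler: runs for any exception raised inside the __try block
		RtlInitUnicodeString(&msg, L"Exception Occurred");
		NtDisplayString(&msg);
	}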
	return 0;
}
You can also implement your exception handler if you want :)
http://www.rohitab.com/structured-excep ... y-language