With this sample: 16d1d189a2bdcff3389b83dcf767152722cf66d445990c4d8dd1bde4ab6aec57
It install vector exception handler, by RemoveVectoredExceptionHandler, then AddVectoredExceptionHandler, and execute int 3 to redirect execution to new VectorExceptionHandler
In speaky easy code, speakeasy\windows\winemu.py, class WindowsEmulator, method _hook_interrupt don't check VectorExceptionHandler list and call proc in that list to handler interrupt.
I have made some changes in kernel32.py and win32.py to add RemoveVectoredExceptionHandler API:
@apihook('RemoveVectoredExceptionHandler', argc=1)
def RemoveVectoredExceptionHandler(self, emu, argv, ctx={}):
'''
ULONG RemoveVectoredExceptionHandler(
PVOID Handle);
'''
Handler = argv
emu.remove_vectored_exception_handler(Handler)
return 1
And:
def remove_vectored_exception_handler(self, handler):
"""
Remove a vectored exception handler
"""
if handler in self.veh_handlers: # check the handler existed in the self.veh_handlers list
self.veh_handlers.remove(handler)
Hope you will fix this bug in method _hook_interrupt soon
Thanks
With this sample: 16d1d189a2bdcff3389b83dcf767152722cf66d445990c4d8dd1bde4ab6aec57
It install vector exception handler, by RemoveVectoredExceptionHandler, then AddVectoredExceptionHandler, and execute int 3 to redirect execution to new VectorExceptionHandler
In speaky easy code, speakeasy\windows\winemu.py, class WindowsEmulator, method _hook_interrupt don't check VectorExceptionHandler list and call proc in that list to handler interrupt.
I have made some changes in kernel32.py and win32.py to add RemoveVectoredExceptionHandler API:
And:
Hope you will fix this bug in method _hook_interrupt soon
Thanks