Win32 中的 TIB 访问
[英]TIB access in Win32
问题描述
Digging into the implementation of Win32 API functions that work with TIB, such as:
深入研究使用 TIB 的 Win32 API 函数的实现,例如:
- TLS access functions:
TlsAlloc,TlsFree,TlsSetValue,TlsGetValueTLS 访问函数: TlsAlloc、TlsFree、TlsSetValue、TlsGetValue -
GetLastError,SetLastErrorGetLastError,SetLastError - messaging subsystem:
GetMessage,PeekMessageand etc.消息传递子系统: GetMessage、PeekMessage等。
one finds out that all of they access the TIB (sometimes called TEB) by reading the contents of the fs:[0x18] selector.通过读取fs:[0x18]选择器的内容,发现它们都访问了 TIB(有时称为 TEB)。
OTOH this is unnecessary, since fs register directly points to it. OTOH 这是不必要的,因为fs寄存器直接指向它。 According to this article and what I see in practice, fs register holds the address to the beginning of the TIB structure, whereas at an offset 0x18 it has the pointer to itself.根据这篇文章和我在实践中看到的, fs寄存器保存了 TIB 结构开头的地址,而在偏移量 0x18 处,它具有指向自身的指针。
What could be the reason to access the TIB indirectly nevertheless?尽管如此,间接访问 TIB 的原因可能是什么?
1 个解决方案
解决方案1
3 已采纳 2012-04-01 12:18:48
Any instruction using FS requires an override, which adds a byte to the instruction (and generally requires assembly language to use it at all).任何使用FS指令都需要覆盖,即向指令添加一个字节(并且通常需要汇编语言才能使用它)。 The pointer at FS:18 is (at least if memory serves correctly) based off of DS instead, so it can be used without an override, saving a byte when it's used and (most importantly for many people) can be used directly from a higher level language such as C or C++ instead of requiring assembly language. FS:18处的指针(至少在内存正确的情况下)基于DS ,因此它可以在没有覆盖的情况下使用,在使用时保存一个字节,并且(对许多人来说最重要的是)可以直接从高级语言,如 C 或 C++,而不需要汇编语言。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.