> Here's the C code I wrote from the disassembler output. It might not be > correct, and might not even compile, but the idea is there. I'll look into this later
> Where can I find some doc about how the fs and gs registers are used ? under windows, $fs always refer to the teb (threab environment block) usually, the way to get the linear address is to use the $fs[0x18] (which stores the linear address (flat model) of the teb) look into include/thread for a more precise description of the teb fields HTH A+
