Could someone explain about large fs:0?

Question

:0378CED0                 push    ebp    
:0378CED1                 mov     ebp, esp     
:0378CED3                 push    0FFFFFFFFh    
:0378CED5                 push    3927B50h    
:0378CEDA                 push    38DB344h   
:0378CEDF                 mov     eax, large fs:0    
:0378CEE5                 push    eax   
:0378CEE6                 mov     large fs:0, esp   
:0378CEED                 add     esp, 0FFFFF928h   
:0378CEF3                 push    ebx   
:0378CEF4                 push    esi   
:0378CEF5                 push    edi   
:0378CEF6                 mov     [ebp+var_18], esp   
:0378CEF9                 mov     [ebp+var_20], 1   
:0378CF00                 mov     [ebp+var_1C], 0   
:0378CF07                 mov     eax, [ebp+arg_8]    
:0378CF0A                 mov     [ebp+var_230], eax   
:0378CF10                 mov     [ebp+var_22C], 0   
:0378CF1A                 mov     [ebp+var_4], 0   
:0378CF21                 jmp     loc_3B62B79   

I can't understand what it means from 0378CEDF to 0378CEE6. Please someone explain this... Thanks.

Answer 1

On windows the segment register FS points to the Win32 Thread Information Block. http://en.wikipedia.org/wiki/Win32_Thread_Information_Block

so if this is code is from a win32 app then 0378CEDF to 0378CEE6 is saving FS:0 (SEH frame) and then overwriting it with whatever's in esp.