Windows 2000 の NTOSKRNL.EXE に無い関数を退避する
Windows 2000 のコアカーネルに無く、自前で処理することが多い関数のメモです。
/* Pseudo-prototypes for the three routines listed below; a..d stand for
   the four stack dwords each one reads. */
/* Signed divide: a,b = dividend low/high dword, c,d = divisor low/high
   dword (the listing tests the sign of b and d). */
WINAPI _alldvrm(a,b,c,d);
/* Same argument layout, operands treated as unsigned. */
WINAPI _aulldvrm(a,b,c,d);
/* NOTE(review): the C runtime declares _vsnwprintf(buffer, count, format,
   argptr) as __cdecl (the caller removes the arguments), not WINAPI -
   confirm against the call site of the module that imports it. */
WINAPI _vsnwprintf(a,b,c,d);
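;-----------------------------------------------------------------------
; _alldvrm - signed 64-bit divide that yields quotient and remainder
; Syntax: Intel/MASM, 32-bit x86. The hex at the start of each comment
;         is the instruction encoding given in the original listing.
; In:    four dwords on the stack above the return address:
;          dividend low, dividend high, divisor low, divisor high
; Out:   edx:eax = quotient  (negated when exactly one operand is negative)
;        ebx:ecx = remainder (takes the sign of the dividend)
; Clobb: eax, ebx, ecx, edx, flags. A negative operand is overwritten
;        on the stack with its absolute value. edi, esi and ebp are
;        saved and restored; ebx is not.
; Stack: the routine removes its own 16 bytes of arguments (retn 0010h).
; Note:  there is no zero-divisor check. A divisor of 0 reaches
;        `div ecx` with ecx = 0 and raises the CPU divide error, so a
;        divisor derived from untrusted input must be validated by the
;        caller before this routine is entered.
;-----------------------------------------------------------------------
_alldvrm:
        push    edi                         ; 57        edi counts negative operands
        push    esi                         ; 56        esi will hold the quotient low dword
        push    ebp                         ; 55        ebp records a negative dividend
        ; After the three pushes:
        ;   [esp+10h]/[esp+14h] = dividend low/high
        ;   [esp+18h]/[esp+1Ch] = divisor  low/high
        xor     edi, edi                    ; 33FF
        xor     ebp, ebp                    ; 33ED
        mov     eax, [esp+14h]              ; 8B442414  dividend high
        or      eax, eax                    ; 0BC0      sign test
        jge     sdvrm_divisor_sign          ; 7D15      dividend >= 0: keep it
        inc     edi                         ; 47
        inc     ebp                         ; 45
        mov     edx, [esp+10h]              ; 8B542410  dividend low
        neg     eax                         ; F7D8      64-bit negate of eax:edx:
        neg     edx                         ; F7DA      negate both halves, then
        sbb     eax, 00000000h              ; 83D800    take the borrow out of the high half
        mov     [esp+14h], eax              ; 89442414  store |dividend| back
        mov     [esp+10h], edx              ; 89542410

sdvrm_divisor_sign:
        mov     eax, [esp+1Ch]              ; 8B44241C  divisor high
        or      eax, eax                    ; 0BC0
        jge     sdvrm_divide                ; 7D14      divisor >= 0: keep it
        inc     edi                         ; 47
        mov     edx, [esp+18h]              ; 8B542418  divisor low
        neg     eax                         ; F7D8      same 64-bit negate as above
        neg     edx                         ; F7DA
        sbb     eax, 00000000h              ; 83D800
        mov     [esp+1Ch], eax              ; 8944241C  store |divisor| back
        mov     [esp+18h], edx              ; 89542418

sdvrm_divide:
        ; eax still holds the divisor high dword here.
        or      eax, eax                    ; 0BC0
        jnz     sdvrm_wide_divisor          ; 7528      divisor needs more than 32 bits

        ; Divisor fits in 32 bits: two chained 32-bit divides.
        mov     ecx, [esp+18h]              ; 8B4C2418  divisor low
        mov     eax, [esp+14h]              ; 8B442414  dividend high
        xor     edx, edx                    ; 33D2
        div     ecx                         ; F7F1      eax = quotient high, edx = partial remainder
        mov     ebx, eax                    ; 8BD8
        mov     eax, [esp+10h]              ; 8B442410  dividend low; edx carries into this divide
        div     ecx                         ; F7F1      eax = quotient low
        mov     esi, eax                    ; 8BF0      ebx:esi = quotient
        ; Multiply back so the remainder can be formed at sdvrm_remainder.
        mov     eax, ebx                    ; 8BC3
        mul     dword ptr [esp+18h]         ; F7642418  quotient high * divisor
        mov     ecx, eax                    ; 8BC8
        mov     eax, esi                    ; 8BC6
        mul     dword ptr [esp+18h]         ; F7642418  quotient low * divisor
        add     edx, ecx                    ; 03D1      edx:eax = quotient * divisor
        jmp     sdvrm_remainder             ; EB47

sdvrm_wide_divisor:
        mov     ebx, eax                    ; 8BD8      ebx:ecx = divisor
        mov     ecx, [esp+18h]              ; 8B4C2418
        mov     edx, [esp+14h]              ; 8B542414  edx:eax = dividend
        mov     eax, [esp+10h]              ; 8B442410
sdvrm_shift:
        ; Shift divisor and dividend right together until the divisor
        ; high dword is zero.
        shr     ebx, 1                      ; D1EB
        rcr     ecx, 1                      ; D1D9
        shr     edx, 1                      ; D1EA
        rcr     eax, 1                      ; D1D8
        or      ebx, ebx                    ; 0BDB
        jnz     sdvrm_shift                 ; 75F4
        div     ecx                         ; F7F1      quotient estimate; remainder ignored
        mov     esi, eax                    ; 8BF0
        ; Multiply the estimate by the full divisor and compare with the
        ; dividend; the code below lowers the estimate by one if it is too big.
        mul     dword ptr [esp+1Ch]         ; F764241C  estimate * divisor high
        mov     ecx, eax                    ; 8BC8
        mov     eax, [esp+18h]              ; 8B442418  divisor low
        mul     esi                         ; F7E6      estimate * divisor low
        add     edx, ecx                    ; 03D1      edx:eax = estimate * divisor
        jc      sdvrm_quot_high             ; 720E      product overflowed 64 bits
        cmp     edx, [esp+14h]              ; 3B542414  high dwords: product vs dividend
        ja      sdvrm_quot_high             ; 7708      product > dividend
        jc      sdvrm_quot_ok               ; 720F      product < dividend
        cmp     eax, [esp+10h]              ; 3B442410  high dwords equal: compare low
        jbe     sdvrm_quot_ok               ; 7609
sdvrm_quot_high:
        dec     esi                         ; 4E        estimate was one too large
        sub     eax, [esp+18h]              ; 2B442418  take one divisor off the product
        sbb     edx, [esp+1Ch]              ; 1B54241C
sdvrm_quot_ok:
        xor     ebx, ebx                    ; 33DB      quotient high dword is 0 on this path

sdvrm_remainder:
        ; edx:eax = quotient*divisor - dividend, i.e. the negated remainder.
        sub     eax, [esp+10h]              ; 2B442410
        sbb     edx, [esp+14h]              ; 1B542414
        dec     ebp                         ; 4D        1 -> 0 (negative dividend), 0 -> -1
        jns     sdvrm_place_results         ; 7907      negative dividend: keep it negated
        neg     edx                         ; F7DA      otherwise flip back to positive
        neg     eax                         ; F7D8
        sbb     edx, 00000000h              ; 83DA00

sdvrm_place_results:
        ; Move the remainder to ebx:ecx and the quotient to edx:eax.
        mov     ecx, edx                    ; 8BCA
        mov     edx, ebx                    ; 8BD3
        mov     ebx, ecx                    ; 8BD9
        mov     ecx, eax                    ; 8BC8
        mov     eax, esi                    ; 8BC6
        dec     edi                         ; 4F        zero only when exactly one operand was negative
        jnz     sdvrm_return                ; 7507
        neg     edx                         ; F7DA      negate the quotient
        neg     eax                         ; F7D8
        sbb     edx, 00000000h              ; 83DA00

sdvrm_return:
        pop     ebp                         ; 5D
        pop     esi                         ; 5E
        pop     edi                         ; 5F
        retn    0010h                       ; C21000    drop the four argument dwords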
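;-----------------------------------------------------------------------
; _aulldvrm - unsigned 64-bit divide that yields quotient and remainder
; Syntax: Intel/MASM, 32-bit x86. The hex at the start of each comment
;         is the instruction encoding given in the original listing.
; In:    four dwords on the stack above the return address:
;          dividend low, dividend high, divisor low, divisor high
; Out:   edx:eax = quotient, ebx:ecx = remainder
; Clobb: eax, ebx, ecx, edx, flags. esi is saved and restored;
;        ebx is not.
; Stack: the routine removes its own 16 bytes of arguments (retn 0010h).
; Note:  there is no zero-divisor check. A divisor of 0 reaches
;        `div ecx` with ecx = 0 and raises the CPU divide error, so a
;        divisor derived from untrusted input must be validated by the
;        caller before this routine is entered.
;-----------------------------------------------------------------------
_aulldvrm:
        push    esi                         ; 56        esi will hold the quotient low dword
        ; After the push:
        ;   [esp+08h]/[esp+0Ch] = dividend low/high
        ;   [esp+10h]/[esp+14h] = divisor  low/high
        mov     eax, [esp+14h]              ; 8B442414  divisor high
        or      eax, eax                    ; 0BC0
        jnz     udvrm_wide_divisor          ; 7528      divisor needs more than 32 bits

        ; Divisor fits in 32 bits: two chained 32-bit divides.
        mov     ecx, [esp+10h]              ; 8B4C2410  divisor low
        mov     eax, [esp+0Ch]              ; 8B44240C  dividend high
        xor     edx, edx                    ; 33D2
        div     ecx                         ; F7F1      eax = quotient high, edx = partial remainder
        mov     ebx, eax                    ; 8BD8
        mov     eax, [esp+08h]              ; 8B442408  dividend low; edx carries into this divide
        div     ecx                         ; F7F1      eax = quotient low
        mov     esi, eax                    ; 8BF0      ebx:esi = quotient
        ; Multiply back so the remainder can be formed at udvrm_remainder.
        mov     eax, ebx                    ; 8BC3
        mul     dword ptr [esp+10h]         ; F7642410  quotient high * divisor
        mov     ecx, eax                    ; 8BC8
        mov     eax, esi                    ; 8BC6
        mul     dword ptr [esp+10h]         ; F7642410  quotient low * divisor
        add     edx, ecx                    ; 03D1      edx:eax = quotient * divisor
        jmp     udvrm_remainder             ; EB47

udvrm_wide_divisor:
        mov     ecx, eax                    ; 8BC8      ecx:ebx = divisor
        mov     ebx, [esp+10h]              ; 8B5C2410
        mov     edx, [esp+0Ch]              ; 8B54240C  edx:eax = dividend
        mov     eax, [esp+08h]              ; 8B442408
udvrm_shift:
        ; Shift divisor and dividend right together until the divisor
        ; high dword is zero.
        shr     ecx, 1                      ; D1E9
        rcr     ebx, 1                      ; D1DB
        shr     edx, 1                      ; D1EA
        rcr     eax, 1                      ; D1D8
        or      ecx, ecx                    ; 0BC9
        jnz     udvrm_shift                 ; 75F4
        div     ebx                         ; F7F3      quotient estimate; remainder ignored
        mov     esi, eax                    ; 8BF0
        ; Multiply the estimate by the full divisor and compare with the
        ; dividend; the code below lowers the estimate by one if it is too big.
        mul     dword ptr [esp+14h]         ; F7642414  estimate * divisor high
        mov     ecx, eax                    ; 8BC8
        mov     eax, [esp+10h]              ; 8B442410  divisor low
        mul     esi                         ; F7E6      estimate * divisor low
        add     edx, ecx                    ; 03D1      edx:eax = estimate * divisor
        jc      udvrm_quot_high             ; 720E      product overflowed 64 bits
        cmp     edx, [esp+0Ch]              ; 3B54240C  high dwords: product vs dividend
        ja      udvrm_quot_high             ; 7708      product > dividend
        jc      udvrm_quot_ok               ; 720F      product < dividend
        cmp     eax, [esp+08h]              ; 3B442408  high dwords equal: compare low
        jbe     udvrm_quot_ok               ; 7609
udvrm_quot_high:
        dec     esi                         ; 4E        estimate was one too large
        sub     eax, [esp+10h]              ; 2B442410  take one divisor off the product
        sbb     edx, [esp+14h]              ; 1B542414
udvrm_quot_ok:
        xor     ebx, ebx                    ; 33DB      quotient high dword is 0 on this path

udvrm_remainder:
        ; edx:eax = quotient*divisor - dividend; negate it to get the remainder.
        sub     eax, [esp+08h]              ; 2B442408
        sbb     edx, [esp+0Ch]              ; 1B54240C
        neg     edx                         ; F7DA
        neg     eax                         ; F7D8
        sbb     edx, 00000000h              ; 83DA00
        ; Move the remainder to ebx:ecx and the quotient to edx:eax.
        mov     ecx, edx                    ; 8BCA
        mov     edx, ebx                    ; 8BD3
        mov     ebx, ecx                    ; 8BD9
        mov     ecx, eax                    ; 8BC8
        mov     eax, esi                    ; 8BC6
        pop     esi                         ; 5E
        retn    0010h                       ; C21000    drop the four argument dwords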
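;-----------------------------------------------------------------------
; _vsnwprintf - stand-in that forwards to _snwprintf
; C view: int _vsnwprintf(wchar_t *buffer, size_t count,
;                         const wchar_t *format, va_list argptr)
; Syntax: Intel/MASM, 32-bit x86.
; In:    [esp+04h] buffer, [esp+08h] count, [esp+0Ch] format,
;        [esp+10h] argptr
; Out:   eax = value returned by _snwprintf
; Clobb: whatever _snwprintf clobbers, plus flags
; Stack: returns with a plain `ret`. The C runtime declares _vsnwprintf
;        as __cdecl, so the caller removes the four arguments; a
;        callee-side `retn 10h` would pop them a second time.
;        NOTE(review): confirm against the call site of the importing
;        module (a cdecl caller adjusts esp itself after the call).
;
; LIMITATION: only the first dword behind argptr is forwarded. A format
;        string that consumes more than one dword makes _snwprintf read
;        the stack slots above the four pushed here (this routine's
;        return address and its own arguments), which produces wrong
;        output or a fault. Use this stand-in only with formats that
;        take at most one 32-bit argument; a general replacement needs
;        a formatter that accepts a va_list.
;-----------------------------------------------------------------------
_vsnwprintf:
        mov     eax, dword ptr [esp+10h]    ; eax = argptr
        push    dword ptr [eax]             ; first variadic dword
        ; Each push lowers esp by 4, so the same displacement walks down
        ; the incoming argument list: format, then count, then buffer.
        push    dword ptr [esp+10h]         ; format
        push    dword ptr [esp+10h]         ; count
        push    dword ptr [esp+10h]         ; buffer
        call    dword ptr [_snwprintf]
        add     esp, 10h                    ; _snwprintf is variadic (cdecl): remove the 4 pushed dwords
        ret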
多分、この辺りの置換で動くはず。

