You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2219 lines
74 KiB
2219 lines
74 KiB
; Listing generated by Microsoft (R) Optimizing Compiler Version 19.27.29111.0
|
|
|
|
include listing.inc
|
|
|
|
INCLUDELIB MSVCRTD
|
|
INCLUDELIB OLDNAMES
|
|
|
|
msvcjmc SEGMENT
|
|
__B2D2BA86_ctype@h DB 01H
|
|
__79C7FC57_basetsd@h DB 01H
|
|
__1FEB9909_corecrt_memcpy_s@h DB 01H
|
|
__A751F051_corecrt_memory@h DB 01H
|
|
__9200769A_corecrt_wstring@h DB 01H
|
|
__32E5F013_string@h DB 01H
|
|
__D545DD43_guiddef@h DB 01H
|
|
__D5DDFBF3_winnt@h DB 01H
|
|
__439612F0_processthreadsapi@h DB 01H
|
|
__5733279A_memoryapi@h DB 01H
|
|
__D4435474_winerror@h DB 01H
|
|
__B3ED30D4_winbase@h DB 01H
|
|
__DB057BA3_winuser@h DB 01H
|
|
__A7113148_winioctl@h DB 01H
|
|
__B49664B7_stdlib@h DB 01H
|
|
__EC5BC72C_propidl@h DB 01H
|
|
__6DA674A0_oleauto@h DB 01H
|
|
__A118E6DC_stralign@h DB 01H
|
|
__8906660C_vcruntime_new@h DB 01H
|
|
__A2143F22_corecrt_stdio_config@h DB 01H
|
|
__829E1958_corecrt_wstdio@h DB 01H
|
|
__6DFAE8B8_stdio@h DB 01H
|
|
__C6E16F6F_corecrt_wconio@h DB 01H
|
|
__6D390390_corecrt_wio@h DB 01H
|
|
__1157D6BA_corecrt_wtime@h DB 01H
|
|
__1DC1E279_stat@h DB 01H
|
|
__93DC0B45_wchar@h DB 01H
|
|
__5DDA4519_cstddef DB 01H
|
|
__741AE07E_corecrt_math@h DB 01H
|
|
__F8119FB4_cstdlib DB 01H
|
|
__F2870A2C_limits DB 01H
|
|
__85A9AA98_type_traits DB 01H
|
|
__20BB4341_malloc@h DB 01H
|
|
__E75714E4_vcruntime_exception@h DB 01H
|
|
__E4152856_exception DB 01H
|
|
__4324C6B3_xutility DB 01H
|
|
__A58979FC_xmemory DB 01H
|
|
__AC6CB2D0_tuple DB 01H
|
|
__E0552A5D_xpolymorphic_allocator@h DB 01H
|
|
__D15AFF60_xstring DB 01H
|
|
__3AFA803E_string DB 01H
|
|
__0A4FAB91_cmath DB 01H
|
|
__6D5B120B_stdexcept DB 01H
|
|
__160863A3_xcall_once@h DB 01H
|
|
__99B256EE_atomic DB 01H
|
|
__A9557183_system_error DB 01H
|
|
__FB364CBD_vcruntime_typeinfo@h DB 01H
|
|
__33FB35AA_typeinfo DB 01H
|
|
__4E2906A2_memory DB 01H
|
|
__626C51AD_xfacet DB 01H
|
|
__2C72D662_xlocinfo DB 01H
|
|
__0E648B51_xlocale DB 01H
|
|
__1597A171_xiosbase DB 01H
|
|
__90E3ED46_xlocnum DB 01H
|
|
__165C22CB_ios DB 01H
|
|
__BB81F87E_xlocmon DB 01H
|
|
__A0B61CF9_time@h DB 01H
|
|
__886F7F70_xloctime DB 01H
|
|
__296E625F_xed-util@h DB 01H
|
|
__642E1CAE_xed-iform-map@h DB 01H
|
|
__5ABB6AAF_xed-inst@h DB 01H
|
|
__24115468_xed-flags@h DB 01H
|
|
__818AA54B_xed-operand-accessors@h DB 01H
|
|
__A4754044_xed-state@h DB 01H
|
|
__73AE08D0_xed-encode@h DB 01H
|
|
__CDA14B9B_xed-encoder-hl@h DB 01H
|
|
__5981B539_xed-decoded-inst-api@h DB 01H
|
|
__9DFA3906_RipMovInst@cpp DB 01H
|
|
__7EA464AF_istream DB 01H
|
|
__1D745195_ostream DB 01H
|
|
__6FFBAAB7_streambuf DB 01H
|
|
__528871F3_iterator DB 01H
|
|
__3E6EDFAA_iosfwd DB 01H
|
|
__CF1C1A3F_utility DB 01H
|
|
__38038D2D_xstddef DB 01H
|
|
__EE19A480_xatomic@h DB 01H
|
|
msvcjmc ENDS
|
|
PUBLIC ?__empty_global_delete@@YAXPEAX@Z ; __empty_global_delete
|
|
PUBLIC ?__empty_global_delete@@YAXPEAX_K@Z ; __empty_global_delete
|
|
PUBLIC ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ; __empty_global_delete
|
|
PUBLIC ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ; __empty_global_delete
|
|
PUBLIC wmemcpy
|
|
PUBLIC ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr<wchar_t>
|
|
PUBLIC ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
PUBLIC ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr<char>
|
|
PUBLIC ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get<char,std::istreambuf_iterator<char,std::char_traits<char> > >::_Getvals<wchar_t>
|
|
PUBLIC ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ; std::time_get<wchar_t,std::istreambuf_iterator<wchar_t,std::char_traits<wchar_t> > >::_Getvals<wchar_t>
|
|
PUBLIC ?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ; JitEmitRipRelativeMovD
|
|
PUBLIC ?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ; JitEmitRipRelativeMovW
|
|
PUBLIC ?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ; JitEmitRipRelativeMovB
|
|
PUBLIC __JustMyCode_Default
|
|
PUBLIC ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string'
|
|
PUBLIC ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA ; `std::_Maklocwcs'::`1'::__LINE__Var
|
|
PUBLIC ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ ; `string'
|
|
PUBLIC ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ ; `string'
|
|
PUBLIC ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ ; `string'
|
|
EXTRN ??2@YAPEAX_K@Z:PROC ; operator new
|
|
EXTRN ??3@YAXPEAX_K@Z:PROC ; operator delete
|
|
EXTRN memcpy:PROC
|
|
EXTRN __imp_wcslen:PROC
|
|
EXTRN strlen:PROC
|
|
EXTRN __imp__calloc_dbg:PROC
|
|
EXTRN ?_Xbad_alloc@std@@YAXXZ:PROC ; std::_Xbad_alloc
|
|
EXTRN _Mbrtowc:PROC
|
|
EXTRN __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ:PROC
|
|
EXTRN __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ:PROC
|
|
EXTRN __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ:PROC
|
|
EXTRN __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ:PROC
|
|
EXTRN __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ:PROC
|
|
EXTRN xed_decode:PROC
|
|
EXTRN ??0_NATIVE_CODE_LINK@@QEAA@KPEAXKH@Z:PROC ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK
|
|
EXTRN ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z:PROC ; NcAppendToBlock
|
|
EXTRN _RTC_CheckStackVars:PROC
|
|
EXTRN _RTC_InitBase:PROC
|
|
EXTRN _RTC_Shutdown:PROC
|
|
EXTRN __CheckForDebuggerJustMyCode:PROC
|
|
EXTRN __CxxFrameHandler4:PROC
|
|
EXTRN __GSHandlerCheck:PROC
|
|
EXTRN __GSHandlerCheck_EH4:PROC
|
|
EXTRN __security_check_cookie:PROC
|
|
EXTRN __security_cookie:QWORD
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?__empty_global_delete@@YAXPEAX@Z DD imagerel $LN3
|
|
DD imagerel $LN3+65
|
|
DD imagerel $unwind$?__empty_global_delete@@YAXPEAX@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?__empty_global_delete@@YAXPEAX_K@Z DD imagerel $LN3
|
|
DD imagerel $LN3+70
|
|
DD imagerel $unwind$?__empty_global_delete@@YAXPEAX_K@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD imagerel $LN3
|
|
DD imagerel $LN3+70
|
|
DD imagerel $unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD imagerel $LN3
|
|
DD imagerel $LN3+75
|
|
DD imagerel $unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$wmemcpy DD imagerel $LN3
|
|
DD imagerel $LN3+106
|
|
DD imagerel $unwind$wmemcpy
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD imagerel $LN12
|
|
DD imagerel $LN12+584
|
|
DD imagerel $unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD imagerel $LN4
|
|
DD imagerel $LN4+165
|
|
DD imagerel $unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD imagerel $LN7
|
|
DD imagerel $LN7+223
|
|
DD imagerel $unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5
|
|
DD imagerel $LN5+379
|
|
DD imagerel $unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD imagerel $LN5
|
|
DD imagerel $LN5+379
|
|
DD imagerel $unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD imagerel $LN6
|
|
DD imagerel $LN6+389
|
|
DD imagerel $unwind$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA+44
|
|
DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD imagerel $LN6
|
|
DD imagerel $LN6+385
|
|
DD imagerel $unwind$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA+44
|
|
DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD imagerel $LN6
|
|
DD imagerel $LN6+369
|
|
DD imagerel $unwind$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
pdata ENDS
|
|
; COMDAT pdata
|
|
pdata SEGMENT
|
|
$pdata$?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA+44
|
|
DD imagerel $unwind$?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
pdata ENDS
|
|
; COMDAT rtc$TMZ
|
|
rtc$TMZ SEGMENT
|
|
_RTC_Shutdown.rtc$TMZ DQ FLAT:_RTC_Shutdown
|
|
rtc$TMZ ENDS
|
|
; COMDAT rtc$IMZ
|
|
rtc$IMZ SEGMENT
|
|
_RTC_InitBase.rtc$IMZ DQ FLAT:_RTC_InitBase
|
|
rtc$IMZ ENDS
|
|
; COMDAT ??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@
|
|
CONST SEGMENT
|
|
??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@ DB ':'
|
|
DB 00H, 'A', 00H, 'M', 00H, ':', 00H, 'a', 00H, 'm', 00H, ':', 00H
|
|
DB 'P', 00H, 'M', 00H, ':', 00H, 'p', 00H, 'm', 00H, 00H, 00H ; `string'
|
|
CONST ENDS
|
|
; COMDAT ??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@
|
|
CONST SEGMENT
|
|
??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@ DB ':AM:am:PM:pm', 00H ; `string'
|
|
CONST ENDS
|
|
; COMDAT ??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@
|
|
CONST SEGMENT
|
|
??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro'
|
|
DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To'
|
|
DB 'ols\MSVC\14.27.29110\include\xlocnum', 00H ; `string'
|
|
CONST ENDS
|
|
; COMDAT ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA
|
|
_DATA SEGMENT
|
|
?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA DD 05aH ; `std::_Maklocwcs'::`1'::__LINE__Var
|
|
_DATA ENDS
|
|
; COMDAT ??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@
|
|
CONST SEGMENT
|
|
??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@ DB 'C:\Pro'
|
|
DB 'gram Files (x86)\Microsoft Visual Studio\2019\Community\VC\To'
|
|
DB 'ols\MSVC\14.27.29110\include\xlocale', 00H ; `string'
|
|
CONST ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA DD 031001H
|
|
DD 0700c4210H
|
|
DD 0500bH
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 06H
|
|
DB 00H
|
|
DB 00H
|
|
DB 0faH
|
|
DB 02H
|
|
DB 09eH
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$stateUnwindMap$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 02H
|
|
DB 0eH
|
|
DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 028H
|
|
DD imagerel $stateUnwindMap$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
DD imagerel $ip2state$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD 035054419H
|
|
DD 0117331cH
|
|
DD 070100031H
|
|
DD 0500fH
|
|
DD imagerel __GSHandlerCheck_EH4
|
|
DD imagerel $cppxdata$?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
DD 0172H
|
|
xdata ENDS
|
|
; COMDAT CONST
|
|
CONST SEGMENT
|
|
?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcName$0 DB 052H ; JitEmitRipRelativeMovB
|
|
DB 061H
|
|
DB 077H
|
|
DB 044H
|
|
DB 061H
|
|
DB 074H
|
|
DB 061H
|
|
DB 00H
|
|
ORG $+8
|
|
?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcVarDesc DD 034H ; JitEmitRipRelativeMovB
|
|
DD 07H
|
|
DQ FLAT:?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcName$0
|
|
ORG $+48
|
|
?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData DD 01H ; JitEmitRipRelativeMovB
|
|
DD 00H
|
|
DQ FLAT:?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcVarDesc
|
|
CONST ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA DD 031001H
|
|
DD 0700c4210H
|
|
DD 0500bH
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 06H
|
|
DB 00H
|
|
DB 00H
|
|
DB 015H, 02H
|
|
DB 02H
|
|
DB 09eH
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$stateUnwindMap$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 02H
|
|
DB 0eH
|
|
DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 028H
|
|
DD imagerel $stateUnwindMap$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
DD imagerel $ip2state$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD 035054419H
|
|
DD 0117331cH
|
|
DD 070100033H
|
|
DD 0500fH
|
|
DD imagerel __GSHandlerCheck_EH4
|
|
DD imagerel $cppxdata$?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
DD 0182H
|
|
xdata ENDS
|
|
; COMDAT CONST
|
|
CONST SEGMENT
|
|
?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcName$0 DB 052H ; JitEmitRipRelativeMovW
|
|
DB 061H
|
|
DB 077H
|
|
DB 044H
|
|
DB 061H
|
|
DB 074H
|
|
DB 061H
|
|
DB 00H
|
|
ORG $+8
|
|
?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcVarDesc DD 038H ; JitEmitRipRelativeMovW
|
|
DD 09H
|
|
DQ FLAT:?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcName$0
|
|
ORG $+48
|
|
?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData DD 01H ; JitEmitRipRelativeMovW
|
|
DD 00H
|
|
DQ FLAT:?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcVarDesc
|
|
CONST ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA DD 031001H
|
|
DD 0700c4210H
|
|
DD 0500bH
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 06H
|
|
DB 00H
|
|
DB 00H
|
|
DB '%', 02H
|
|
DB 02H
|
|
DB 09eH
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$stateUnwindMap$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 02H
|
|
DB 0eH
|
|
DD imagerel ?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DB 028H
|
|
DD imagerel $stateUnwindMap$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
DD imagerel $ip2state$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z DD 035054419H
|
|
DD 0117331cH
|
|
DD 070100033H
|
|
DD 0500fH
|
|
DD imagerel __GSHandlerCheck_EH4
|
|
DD imagerel $cppxdata$?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
DD 0182H
|
|
xdata ENDS
|
|
; COMDAT CONST
|
|
CONST SEGMENT
|
|
?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcName$0 DB 052H ; JitEmitRipRelativeMovD
|
|
DB 061H
|
|
DB 077H
|
|
DB 044H
|
|
DB 061H
|
|
DB 074H
|
|
DB 061H
|
|
DB 00H
|
|
ORG $+8
|
|
?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcVarDesc DD 038H ; JitEmitRipRelativeMovD
|
|
DD 0aH
|
|
DQ FLAT:?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcName$0
|
|
ORG $+48
|
|
?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData DD 01H ; JitEmitRipRelativeMovD
|
|
DD 00H
|
|
DQ FLAT:?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcVarDesc
|
|
CONST ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H
|
|
DD 0119231eH
|
|
DD 070120026H
|
|
DD 050106011H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z DD 025063501H
|
|
DD 0119231eH
|
|
DD 070120026H
|
|
DD 050106011H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z DD 035053401H
|
|
DD 0118331dH
|
|
DD 07011002bH
|
|
DD 05010H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?_Maklocwcs@std@@YAPEA_WPEB_W@Z DD 035052a01H
|
|
DD 010e3313H
|
|
DD 070070027H
|
|
DD 05006H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z DD 035054519H
|
|
DD 0118331dH
|
|
DD 070110047H
|
|
DD 05010H
|
|
DD imagerel __GSHandlerCheck
|
|
DD 0228H
|
|
xdata ENDS
|
|
; COMDAT CONST
|
|
CONST SEGMENT
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0 DB 05fH ; std::_Maklocstr<wchar_t>
|
|
DB 057H
|
|
DB 063H
|
|
DB 00H
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1 DB 05fH ; std::_Maklocstr<wchar_t>
|
|
DB 04dH
|
|
DB 062H
|
|
DB 073H
|
|
DB 074H
|
|
DB 031H
|
|
DB 00H
|
|
ORG $+1
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2 DB 05fH ; std::_Maklocstr<wchar_t>
|
|
DB 04dH
|
|
DB 062H
|
|
DB 073H
|
|
DB 074H
|
|
DB 032H
|
|
DB 00H
|
|
ORG $+13
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc DD 0158H ; std::_Maklocstr<wchar_t>
|
|
DD 08H
|
|
DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$2
|
|
DD 0f8H
|
|
DD 08H
|
|
DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$1
|
|
DD 0d4H
|
|
DD 02H
|
|
DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcName$0
|
|
ORG $+144
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData DD 03H ; std::_Maklocstr<wchar_t>
|
|
DD 00H
|
|
DQ FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcVarDesc
|
|
CONST ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$wmemcpy DD 025053401H
|
|
DD 0118231dH
|
|
DD 07011001dH
|
|
DD 05010H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 02H
|
|
DB 00H
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DB 060H
|
|
DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z DD 025053419H
|
|
DD 0118231dH
|
|
DD 07011001dH
|
|
DD 05010H
|
|
DD imagerel __CxxFrameHandler4
|
|
DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 02H
|
|
DB 00H
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DB 060H
|
|
DD imagerel $ip2state$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z DD 025052f19H
|
|
DD 01132318H
|
|
DD 0700c001dH
|
|
DD 0500bH
|
|
DD imagerel __CxxFrameHandler4
|
|
DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?__empty_global_delete@@YAXPEAX_K@Z DB 02H
|
|
DB 00H
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?__empty_global_delete@@YAXPEAX_K@Z DB 060H
|
|
DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX_K@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?__empty_global_delete@@YAXPEAX_K@Z DD 025052f19H
|
|
DD 01132318H
|
|
DD 0700c001dH
|
|
DD 0500bH
|
|
DD imagerel __CxxFrameHandler4
|
|
DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX_K@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$ip2state$?__empty_global_delete@@YAXPEAX@Z DB 02H
|
|
DB 00H
|
|
DB 00H
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$cppxdata$?__empty_global_delete@@YAXPEAX@Z DB 060H
|
|
DD imagerel $ip2state$?__empty_global_delete@@YAXPEAX@Z
|
|
xdata ENDS
|
|
; COMDAT xdata
|
|
xdata SEGMENT
|
|
$unwind$?__empty_global_delete@@YAXPEAX@Z DD 025052a19H
|
|
DD 010e2313H
|
|
DD 07007001dH
|
|
DD 05006H
|
|
DD imagerel __CxxFrameHandler4
|
|
DD imagerel $cppxdata$?__empty_global_delete@@YAXPEAX@Z
|
|
xdata ENDS
|
|
; Function compile flags: /Odt
|
|
; COMDAT __JustMyCode_Default
|
|
_TEXT SEGMENT
|
|
__JustMyCode_Default PROC ; COMDAT
|
|
00000 c2 00 00 ret 0
|
|
__JustMyCode_Default ENDP
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
_TEXT SEGMENT
|
|
RawData$ = 4
|
|
Link$ = 40
|
|
$T4 = 264
|
|
$T5 = 296
|
|
tv79 = 312
|
|
__$ArrayPad$ = 320
|
|
Block$ = 368
|
|
RipDelta$ = 376
|
|
Data$ = 384
|
|
?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z PROC ; JitEmitRipRelativeMovB, COMDAT
|
|
|
|
; 28 : {
|
|
|
|
$LN6:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 89 54 24 10 mov DWORD PTR [rsp+16], edx
|
|
00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000e 55 push rbp
|
|
0000f 57 push rdi
|
|
00010 48 81 ec 88 01
|
|
00 00 sub rsp, 392 ; 00000188H
|
|
00017 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48]
|
|
0001c 48 8b fc mov rdi, rsp
|
|
0001f b9 62 00 00 00 mov ecx, 98 ; 00000062H
|
|
00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00029 f3 ab rep stosd
|
|
0002b 48 8b 8c 24 a8
|
|
01 00 00 mov rcx, QWORD PTR [rsp+424]
|
|
00033 48 8b 05 00 00
|
|
00 00 mov rax, QWORD PTR __security_cookie
|
|
0003a 48 33 c5 xor rax, rbp
|
|
0003d 48 89 85 40 01
|
|
00 00 mov QWORD PTR __$ArrayPad$[rbp], rax
|
|
00044 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 29 : UCHAR RawData[] = { 0xC6, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00 };
|
|
|
|
00050 c6 45 04 c6 mov BYTE PTR RawData$[rbp], 198 ; 000000c6H
|
|
00054 c6 45 05 05 mov BYTE PTR RawData$[rbp+1], 5
|
|
00058 c6 45 06 00 mov BYTE PTR RawData$[rbp+2], 0
|
|
0005c c6 45 07 00 mov BYTE PTR RawData$[rbp+3], 0
|
|
00060 c6 45 08 00 mov BYTE PTR RawData$[rbp+4], 0
|
|
00064 c6 45 09 00 mov BYTE PTR RawData$[rbp+5], 0
|
|
00068 c6 45 0a 00 mov BYTE PTR RawData$[rbp+6], 0
|
|
|
|
; 30 :
|
|
; 31 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData));
|
|
|
|
0006c b9 f0 00 00 00 mov ecx, 240 ; 000000f0H
|
|
00071 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new
|
|
00076 48 89 85 28 01
|
|
00 00 mov QWORD PTR $T5[rbp], rax
|
|
0007d 48 83 bd 28 01
|
|
00 00 00 cmp QWORD PTR $T5[rbp], 0
|
|
00085 74 2c je SHORT $LN3@JitEmitRip
|
|
00087 c7 44 24 20 00
|
|
00 00 00 mov DWORD PTR [rsp+32], 0
|
|
0008f 41 b9 07 00 00
|
|
00 mov r9d, 7
|
|
00095 4c 8d 45 04 lea r8, QWORD PTR RawData$[rbp]
|
|
00099 ba 0c 00 00 00 mov edx, 12
|
|
0009e 48 8b 8d 28 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
000a5 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXKH@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK
|
|
000aa 48 89 85 38 01
|
|
00 00 mov QWORD PTR tv79[rbp], rax
|
|
000b1 eb 0b jmp SHORT $LN4@JitEmitRip
|
|
$LN3@JitEmitRip:
|
|
000b3 48 c7 85 38 01
|
|
00 00 00 00 00
|
|
00 mov QWORD PTR tv79[rbp], 0
|
|
$LN4@JitEmitRip:
|
|
000be 48 8b 85 38 01
|
|
00 00 mov rax, QWORD PTR tv79[rbp]
|
|
000c5 48 89 85 08 01
|
|
00 00 mov QWORD PTR $T4[rbp], rax
|
|
000cc 48 8b 85 08 01
|
|
00 00 mov rax, QWORD PTR $T4[rbp]
|
|
000d3 48 89 45 28 mov QWORD PTR Link$[rbp], rax
|
|
|
|
; 32 : *(PINT32)&Link->RawData[2] = RipDelta;
|
|
|
|
000d7 b8 01 00 00 00 mov eax, 1
|
|
000dc 48 6b c0 02 imul rax, rax, 2
|
|
000e0 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp]
|
|
000e4 48 8b 49 20 mov rcx, QWORD PTR [rcx+32]
|
|
000e8 8b 95 78 01 00
|
|
00 mov edx, DWORD PTR RipDelta$[rbp]
|
|
000ee 89 14 08 mov DWORD PTR [rax+rcx], edx
|
|
|
|
; 33 : Link->RawData[6] = *Data;
|
|
|
|
000f1 b8 01 00 00 00 mov eax, 1
|
|
000f6 48 6b c0 06 imul rax, rax, 6
|
|
000fa 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp]
|
|
000fe 48 8b 49 20 mov rcx, QWORD PTR [rcx+32]
|
|
00102 48 8b 95 80 01
|
|
00 00 mov rdx, QWORD PTR Data$[rbp]
|
|
00109 0f b6 12 movzx edx, BYTE PTR [rdx]
|
|
0010c 88 14 08 mov BYTE PTR [rax+rcx], dl
|
|
|
|
; 34 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize);
|
|
|
|
0010f 48 8b 45 28 mov rax, QWORD PTR Link$[rbp]
|
|
00113 48 83 c0 30 add rax, 48 ; 00000030H
|
|
00117 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp]
|
|
0011b 44 8b 41 28 mov r8d, DWORD PTR [rcx+40]
|
|
0011f 48 8b 4d 28 mov rcx, QWORD PTR Link$[rbp]
|
|
00123 48 8b 51 20 mov rdx, QWORD PTR [rcx+32]
|
|
00127 48 8b c8 mov rcx, rax
|
|
0012a e8 00 00 00 00 call xed_decode
|
|
|
|
; 35 : NcAppendToBlock(Block, Link);
|
|
|
|
0012f 48 8b 55 28 mov rdx, QWORD PTR Link$[rbp]
|
|
00133 48 8b 8d 70 01
|
|
00 00 mov rcx, QWORD PTR Block$[rbp]
|
|
0013a e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock
|
|
|
|
; 36 : return TRUE;
|
|
|
|
0013f b8 01 00 00 00 mov eax, 1
|
|
|
|
; 37 : }
|
|
|
|
00144 8b f8 mov edi, eax
|
|
00146 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48]
|
|
0014a 48 8d 15 00 00
|
|
00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData
|
|
00151 e8 00 00 00 00 call _RTC_CheckStackVars
|
|
00156 8b c7 mov eax, edi
|
|
00158 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp]
|
|
0015f 48 33 cd xor rcx, rbp
|
|
00162 e8 00 00 00 00 call __security_check_cookie
|
|
00167 48 8d a5 58 01
|
|
00 00 lea rsp, QWORD PTR [rbp+344]
|
|
0016e 5f pop rdi
|
|
0016f 5d pop rbp
|
|
00170 c3 ret 0
|
|
?JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ENDP ; JitEmitRipRelativeMovB
|
|
_TEXT ENDS
|
|
; COMDAT text$x
|
|
text$x SEGMENT
|
|
RawData$ = 4
|
|
Link$ = 40
|
|
$T4 = 264
|
|
$T5 = 296
|
|
tv79 = 312
|
|
__$ArrayPad$ = 320
|
|
Block$ = 368
|
|
RipDelta$ = 376
|
|
Data$ = 384
|
|
?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA PROC ; `JitEmitRipRelativeMovB'::`1'::dtor$0
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 83 ec 28 sub rsp, 40 ; 00000028H
|
|
00010 48 8d 6a 30 lea rbp, QWORD PTR [rdx+48]
|
|
00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H
|
|
00019 48 8b 8d 28 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete
|
|
00025 48 83 c4 28 add rsp, 40 ; 00000028H
|
|
00029 5f pop rdi
|
|
0002a 5d pop rbp
|
|
0002b c3 ret 0
|
|
?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA ENDP ; `JitEmitRipRelativeMovB'::`1'::dtor$0
|
|
text$x ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; COMDAT text$x
|
|
text$x SEGMENT
|
|
RawData$ = 4
|
|
Link$ = 40
|
|
$T4 = 264
|
|
$T5 = 296
|
|
tv79 = 312
|
|
__$ArrayPad$ = 320
|
|
Block$ = 368
|
|
RipDelta$ = 376
|
|
Data$ = 384
|
|
?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA PROC ; `JitEmitRipRelativeMovB'::`1'::dtor$0
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 83 ec 28 sub rsp, 40 ; 00000028H
|
|
00010 48 8d 6a 30 lea rbp, QWORD PTR [rdx+48]
|
|
00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H
|
|
00019 48 8b 8d 28 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete
|
|
00025 48 83 c4 28 add rsp, 40 ; 00000028H
|
|
00029 5f pop rdi
|
|
0002a 5d pop rbp
|
|
0002b c3 ret 0
|
|
?dtor$0@?0??JitEmitRipRelativeMovB@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA ENDP ; `JitEmitRipRelativeMovB'::`1'::dtor$0
|
|
text$x ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
_TEXT SEGMENT
|
|
RawData$ = 8
|
|
Link$ = 56
|
|
$T4 = 280
|
|
$T5 = 312
|
|
tv79 = 328
|
|
__$ArrayPad$ = 336
|
|
Block$ = 384
|
|
RipDelta$ = 392
|
|
Data$ = 400
|
|
?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z PROC ; JitEmitRipRelativeMovW, COMDAT
|
|
|
|
; 16 : {
|
|
|
|
$LN6:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 89 54 24 10 mov DWORD PTR [rsp+16], edx
|
|
00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000e 55 push rbp
|
|
0000f 57 push rdi
|
|
00010 48 81 ec 98 01
|
|
00 00 sub rsp, 408 ; 00000198H
|
|
00017 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48]
|
|
0001c 48 8b fc mov rdi, rsp
|
|
0001f b9 66 00 00 00 mov ecx, 102 ; 00000066H
|
|
00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00029 f3 ab rep stosd
|
|
0002b 48 8b 8c 24 b8
|
|
01 00 00 mov rcx, QWORD PTR [rsp+440]
|
|
00033 48 8b 05 00 00
|
|
00 00 mov rax, QWORD PTR __security_cookie
|
|
0003a 48 33 c5 xor rax, rbp
|
|
0003d 48 89 85 50 01
|
|
00 00 mov QWORD PTR __$ArrayPad$[rbp], rax
|
|
00044 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 17 : UCHAR RawData[] = { 0x66, 0xC7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
|
|
|
|
00050 c6 45 08 66 mov BYTE PTR RawData$[rbp], 102 ; 00000066H
|
|
00054 c6 45 09 c7 mov BYTE PTR RawData$[rbp+1], 199 ; 000000c7H
|
|
00058 c6 45 0a 05 mov BYTE PTR RawData$[rbp+2], 5
|
|
0005c c6 45 0b 00 mov BYTE PTR RawData$[rbp+3], 0
|
|
00060 c6 45 0c 00 mov BYTE PTR RawData$[rbp+4], 0
|
|
00064 c6 45 0d 00 mov BYTE PTR RawData$[rbp+5], 0
|
|
00068 c6 45 0e 00 mov BYTE PTR RawData$[rbp+6], 0
|
|
0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0
|
|
00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0
|
|
|
|
; 18 :
|
|
; 19 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData));
|
|
|
|
00074 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H
|
|
00079 e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new
|
|
0007e 48 89 85 38 01
|
|
00 00 mov QWORD PTR $T5[rbp], rax
|
|
00085 48 83 bd 38 01
|
|
00 00 00 cmp QWORD PTR $T5[rbp], 0
|
|
0008d 74 2c je SHORT $LN3@JitEmitRip
|
|
0008f c7 44 24 20 00
|
|
00 00 00 mov DWORD PTR [rsp+32], 0
|
|
00097 41 b9 09 00 00
|
|
00 mov r9d, 9
|
|
0009d 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp]
|
|
000a1 ba 0c 00 00 00 mov edx, 12
|
|
000a6 48 8b 8d 38 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
000ad e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXKH@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK
|
|
000b2 48 89 85 48 01
|
|
00 00 mov QWORD PTR tv79[rbp], rax
|
|
000b9 eb 0b jmp SHORT $LN4@JitEmitRip
|
|
$LN3@JitEmitRip:
|
|
000bb 48 c7 85 48 01
|
|
00 00 00 00 00
|
|
00 mov QWORD PTR tv79[rbp], 0
|
|
$LN4@JitEmitRip:
|
|
000c6 48 8b 85 48 01
|
|
00 00 mov rax, QWORD PTR tv79[rbp]
|
|
000cd 48 89 85 18 01
|
|
00 00 mov QWORD PTR $T4[rbp], rax
|
|
000d4 48 8b 85 18 01
|
|
00 00 mov rax, QWORD PTR $T4[rbp]
|
|
000db 48 89 45 38 mov QWORD PTR Link$[rbp], rax
|
|
|
|
; 20 : *(PINT32)&Link->RawData[3] = RipDelta;
|
|
|
|
000df b8 01 00 00 00 mov eax, 1
|
|
000e4 48 6b c0 03 imul rax, rax, 3
|
|
000e8 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
000ec 48 8b 49 20 mov rcx, QWORD PTR [rcx+32]
|
|
000f0 8b 95 88 01 00
|
|
00 mov edx, DWORD PTR RipDelta$[rbp]
|
|
000f6 89 14 08 mov DWORD PTR [rax+rcx], edx
|
|
|
|
; 21 : RtlCopyMemory(&Link->RawData[7], Data, 2);
|
|
|
|
000f9 b8 01 00 00 00 mov eax, 1
|
|
000fe 48 6b c0 07 imul rax, rax, 7
|
|
00102 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
00106 48 03 41 20 add rax, QWORD PTR [rcx+32]
|
|
0010a 41 b8 02 00 00
|
|
00 mov r8d, 2
|
|
00110 48 8b 95 90 01
|
|
00 00 mov rdx, QWORD PTR Data$[rbp]
|
|
00117 48 8b c8 mov rcx, rax
|
|
0011a e8 00 00 00 00 call memcpy
|
|
|
|
; 22 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize);
|
|
|
|
0011f 48 8b 45 38 mov rax, QWORD PTR Link$[rbp]
|
|
00123 48 83 c0 30 add rax, 48 ; 00000030H
|
|
00127 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
0012b 44 8b 41 28 mov r8d, DWORD PTR [rcx+40]
|
|
0012f 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
00133 48 8b 51 20 mov rdx, QWORD PTR [rcx+32]
|
|
00137 48 8b c8 mov rcx, rax
|
|
0013a e8 00 00 00 00 call xed_decode
|
|
|
|
; 23 : NcAppendToBlock(Block, Link);
|
|
|
|
0013f 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp]
|
|
00143 48 8b 8d 80 01
|
|
00 00 mov rcx, QWORD PTR Block$[rbp]
|
|
0014a e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock
|
|
|
|
; 24 : return TRUE;
|
|
|
|
0014f b8 01 00 00 00 mov eax, 1
|
|
|
|
; 25 : }
|
|
|
|
00154 8b f8 mov edi, eax
|
|
00156 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48]
|
|
0015a 48 8d 15 00 00
|
|
00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData
|
|
00161 e8 00 00 00 00 call _RTC_CheckStackVars
|
|
00166 8b c7 mov eax, edi
|
|
00168 48 8b 8d 50 01
|
|
00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp]
|
|
0016f 48 33 cd xor rcx, rbp
|
|
00172 e8 00 00 00 00 call __security_check_cookie
|
|
00177 48 8d a5 68 01
|
|
00 00 lea rsp, QWORD PTR [rbp+360]
|
|
0017e 5f pop rdi
|
|
0017f 5d pop rbp
|
|
00180 c3 ret 0
|
|
?JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ENDP ; JitEmitRipRelativeMovW
|
|
_TEXT ENDS
|
|
; COMDAT text$x
|
|
text$x SEGMENT
|
|
RawData$ = 8
|
|
Link$ = 56
|
|
$T4 = 280
|
|
$T5 = 312
|
|
tv79 = 328
|
|
__$ArrayPad$ = 336
|
|
Block$ = 384
|
|
RipDelta$ = 392
|
|
Data$ = 400
|
|
?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA PROC ; `JitEmitRipRelativeMovW'::`1'::dtor$0
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 83 ec 28 sub rsp, 40 ; 00000028H
|
|
00010 48 8d 6a 30 lea rbp, QWORD PTR [rdx+48]
|
|
00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H
|
|
00019 48 8b 8d 38 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete
|
|
00025 48 83 c4 28 add rsp, 40 ; 00000028H
|
|
00029 5f pop rdi
|
|
0002a 5d pop rbp
|
|
0002b c3 ret 0
|
|
?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA ENDP ; `JitEmitRipRelativeMovW'::`1'::dtor$0
|
|
text$x ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; COMDAT text$x
|
|
text$x SEGMENT
|
|
RawData$ = 8
|
|
Link$ = 56
|
|
$T4 = 280
|
|
$T5 = 312
|
|
tv79 = 328
|
|
__$ArrayPad$ = 336
|
|
Block$ = 384
|
|
RipDelta$ = 392
|
|
Data$ = 400
|
|
?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA PROC ; `JitEmitRipRelativeMovW'::`1'::dtor$0
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 83 ec 28 sub rsp, 40 ; 00000028H
|
|
00010 48 8d 6a 30 lea rbp, QWORD PTR [rdx+48]
|
|
00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H
|
|
00019 48 8b 8d 38 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete
|
|
00025 48 83 c4 28 add rsp, 40 ; 00000028H
|
|
00029 5f pop rdi
|
|
0002a 5d pop rbp
|
|
0002b c3 ret 0
|
|
?dtor$0@?0??JitEmitRipRelativeMovW@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA ENDP ; `JitEmitRipRelativeMovW'::`1'::dtor$0
|
|
text$x ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z
|
|
_TEXT SEGMENT
|
|
RawData$ = 8
|
|
Link$ = 56
|
|
$T4 = 280
|
|
$T5 = 312
|
|
tv79 = 328
|
|
__$ArrayPad$ = 336
|
|
Block$ = 384
|
|
RipDelta$ = 392
|
|
Data$ = 400
|
|
?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z PROC ; JitEmitRipRelativeMovD, COMDAT
|
|
|
|
; 4 : {
|
|
|
|
$LN6:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 89 54 24 10 mov DWORD PTR [rsp+16], edx
|
|
00009 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000e 55 push rbp
|
|
0000f 57 push rdi
|
|
00010 48 81 ec 98 01
|
|
00 00 sub rsp, 408 ; 00000198H
|
|
00017 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48]
|
|
0001c 48 8b fc mov rdi, rsp
|
|
0001f b9 66 00 00 00 mov ecx, 102 ; 00000066H
|
|
00024 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00029 f3 ab rep stosd
|
|
0002b 48 8b 8c 24 b8
|
|
01 00 00 mov rcx, QWORD PTR [rsp+440]
|
|
00033 48 8b 05 00 00
|
|
00 00 mov rax, QWORD PTR __security_cookie
|
|
0003a 48 33 c5 xor rax, rbp
|
|
0003d 48 89 85 50 01
|
|
00 00 mov QWORD PTR __$ArrayPad$[rbp], rax
|
|
00044 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
0004b e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 5 : UCHAR RawData[] = { 0xC7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
|
|
|
|
00050 c6 45 08 c7 mov BYTE PTR RawData$[rbp], 199 ; 000000c7H
|
|
00054 c6 45 09 05 mov BYTE PTR RawData$[rbp+1], 5
|
|
00058 c6 45 0a 00 mov BYTE PTR RawData$[rbp+2], 0
|
|
0005c c6 45 0b 00 mov BYTE PTR RawData$[rbp+3], 0
|
|
00060 c6 45 0c 00 mov BYTE PTR RawData$[rbp+4], 0
|
|
00064 c6 45 0d 00 mov BYTE PTR RawData$[rbp+5], 0
|
|
00068 c6 45 0e 00 mov BYTE PTR RawData$[rbp+6], 0
|
|
0006c c6 45 0f 00 mov BYTE PTR RawData$[rbp+7], 0
|
|
00070 c6 45 10 00 mov BYTE PTR RawData$[rbp+8], 0
|
|
00074 c6 45 11 00 mov BYTE PTR RawData$[rbp+9], 0
|
|
|
|
; 6 :
|
|
; 7 : PNATIVE_CODE_LINK Link = new NATIVE_CODE_LINK(CODE_FLAG_IS_INST | CODE_FLAG_DO_NOT_DIVIDE, RawData, sizeof(RawData));
|
|
|
|
00078 b9 f0 00 00 00 mov ecx, 240 ; 000000f0H
|
|
0007d e8 00 00 00 00 call ??2@YAPEAX_K@Z ; operator new
|
|
00082 48 89 85 38 01
|
|
00 00 mov QWORD PTR $T5[rbp], rax
|
|
00089 48 83 bd 38 01
|
|
00 00 00 cmp QWORD PTR $T5[rbp], 0
|
|
00091 74 2c je SHORT $LN3@JitEmitRip
|
|
00093 c7 44 24 20 00
|
|
00 00 00 mov DWORD PTR [rsp+32], 0
|
|
0009b 41 b9 0a 00 00
|
|
00 mov r9d, 10
|
|
000a1 4c 8d 45 08 lea r8, QWORD PTR RawData$[rbp]
|
|
000a5 ba 0c 00 00 00 mov edx, 12
|
|
000aa 48 8b 8d 38 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
000b1 e8 00 00 00 00 call ??0_NATIVE_CODE_LINK@@QEAA@KPEAXKH@Z ; _NATIVE_CODE_LINK::_NATIVE_CODE_LINK
|
|
000b6 48 89 85 48 01
|
|
00 00 mov QWORD PTR tv79[rbp], rax
|
|
000bd eb 0b jmp SHORT $LN4@JitEmitRip
|
|
$LN3@JitEmitRip:
|
|
000bf 48 c7 85 48 01
|
|
00 00 00 00 00
|
|
00 mov QWORD PTR tv79[rbp], 0
|
|
$LN4@JitEmitRip:
|
|
000ca 48 8b 85 48 01
|
|
00 00 mov rax, QWORD PTR tv79[rbp]
|
|
000d1 48 89 85 18 01
|
|
00 00 mov QWORD PTR $T4[rbp], rax
|
|
000d8 48 8b 85 18 01
|
|
00 00 mov rax, QWORD PTR $T4[rbp]
|
|
000df 48 89 45 38 mov QWORD PTR Link$[rbp], rax
|
|
|
|
; 8 : *(PINT32)&Link->RawData[2] = RipDelta;
|
|
|
|
000e3 b8 01 00 00 00 mov eax, 1
|
|
000e8 48 6b c0 02 imul rax, rax, 2
|
|
000ec 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
000f0 48 8b 49 20 mov rcx, QWORD PTR [rcx+32]
|
|
000f4 8b 95 88 01 00
|
|
00 mov edx, DWORD PTR RipDelta$[rbp]
|
|
000fa 89 14 08 mov DWORD PTR [rax+rcx], edx
|
|
|
|
; 9 : RtlCopyMemory(&Link->RawData[6], Data, 4);
|
|
|
|
000fd b8 01 00 00 00 mov eax, 1
|
|
00102 48 6b c0 06 imul rax, rax, 6
|
|
00106 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
0010a 48 03 41 20 add rax, QWORD PTR [rcx+32]
|
|
0010e 41 b8 04 00 00
|
|
00 mov r8d, 4
|
|
00114 48 8b 95 90 01
|
|
00 00 mov rdx, QWORD PTR Data$[rbp]
|
|
0011b 48 8b c8 mov rcx, rax
|
|
0011e e8 00 00 00 00 call memcpy
|
|
|
|
; 10 : XedDecode(&Link->XedInstruction, Link->RawData, Link->RawDataSize);
|
|
|
|
00123 48 8b 45 38 mov rax, QWORD PTR Link$[rbp]
|
|
00127 48 83 c0 30 add rax, 48 ; 00000030H
|
|
0012b 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
0012f 44 8b 41 28 mov r8d, DWORD PTR [rcx+40]
|
|
00133 48 8b 4d 38 mov rcx, QWORD PTR Link$[rbp]
|
|
00137 48 8b 51 20 mov rdx, QWORD PTR [rcx+32]
|
|
0013b 48 8b c8 mov rcx, rax
|
|
0013e e8 00 00 00 00 call xed_decode
|
|
|
|
; 11 : NcAppendToBlock(Block, Link);
|
|
|
|
00143 48 8b 55 38 mov rdx, QWORD PTR Link$[rbp]
|
|
00147 48 8b 8d 80 01
|
|
00 00 mov rcx, QWORD PTR Block$[rbp]
|
|
0014e e8 00 00 00 00 call ?NcAppendToBlock@@YAXPEAU_NATIVE_CODE_BLOCK@@PEAU_NATIVE_CODE_LINK@@@Z ; NcAppendToBlock
|
|
|
|
; 12 : return TRUE;
|
|
|
|
00153 b8 01 00 00 00 mov eax, 1
|
|
|
|
; 13 : }
|
|
|
|
00158 8b f8 mov edi, eax
|
|
0015a 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48]
|
|
0015e 48 8d 15 00 00
|
|
00 00 lea rdx, OFFSET FLAT:?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z$rtcFrameData
|
|
00165 e8 00 00 00 00 call _RTC_CheckStackVars
|
|
0016a 8b c7 mov eax, edi
|
|
0016c 48 8b 8d 50 01
|
|
00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp]
|
|
00173 48 33 cd xor rcx, rbp
|
|
00176 e8 00 00 00 00 call __security_check_cookie
|
|
0017b 48 8d a5 68 01
|
|
00 00 lea rsp, QWORD PTR [rbp+360]
|
|
00182 5f pop rdi
|
|
00183 5d pop rbp
|
|
00184 c3 ret 0
|
|
?JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z ENDP ; JitEmitRipRelativeMovD
|
|
_TEXT ENDS
|
|
; COMDAT text$x
|
|
text$x SEGMENT
|
|
RawData$ = 8
|
|
Link$ = 56
|
|
$T4 = 280
|
|
$T5 = 312
|
|
tv79 = 328
|
|
__$ArrayPad$ = 336
|
|
Block$ = 384
|
|
RipDelta$ = 392
|
|
Data$ = 400
|
|
?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA PROC ; `JitEmitRipRelativeMovD'::`1'::dtor$0
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 83 ec 28 sub rsp, 40 ; 00000028H
|
|
00010 48 8d 6a 30 lea rbp, QWORD PTR [rdx+48]
|
|
00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H
|
|
00019 48 8b 8d 38 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete
|
|
00025 48 83 c4 28 add rsp, 40 ; 00000028H
|
|
00029 5f pop rdi
|
|
0002a 5d pop rbp
|
|
0002b c3 ret 0
|
|
?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA ENDP ; `JitEmitRipRelativeMovD'::`1'::dtor$0
|
|
text$x ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; COMDAT text$x
|
|
text$x SEGMENT
|
|
RawData$ = 8
|
|
Link$ = 56
|
|
$T4 = 280
|
|
$T5 = 312
|
|
tv79 = 328
|
|
__$ArrayPad$ = 336
|
|
Block$ = 384
|
|
RipDelta$ = 392
|
|
Data$ = 400
|
|
?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA PROC ; `JitEmitRipRelativeMovD'::`1'::dtor$0
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 83 ec 28 sub rsp, 40 ; 00000028H
|
|
00010 48 8d 6a 30 lea rbp, QWORD PTR [rdx+48]
|
|
00014 ba f0 00 00 00 mov edx, 240 ; 000000f0H
|
|
00019 48 8b 8d 38 01
|
|
00 00 mov rcx, QWORD PTR $T5[rbp]
|
|
00020 e8 00 00 00 00 call ??3@YAXPEAX_K@Z ; operator delete
|
|
00025 48 83 c4 28 add rsp, 40 ; 00000028H
|
|
00029 5f pop rdi
|
|
0002a 5d pop rbp
|
|
0002b c3 ret 0
|
|
?dtor$0@?0??JitEmitRipRelativeMovD@@YAHPEAU_NATIVE_CODE_BLOCK@@HPEAE@Z@4HA ENDP ; `JitEmitRipRelativeMovD'::`1'::dtor$0
|
|
text$x ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime
|
|
; COMDAT ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
|
|
_TEXT SEGMENT
|
|
$T1 = 200
|
|
tv93 = 264
|
|
tv85 = 264
|
|
this$ = 304
|
|
__formal$ = 312
|
|
_Lobj$ = 320
|
|
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z PROC ; std::time_get<wchar_t,std::istreambuf_iterator<wchar_t,std::char_traits<wchar_t> > >::_Getvals<wchar_t>, COMDAT
|
|
|
|
; 176 : void __CLR_OR_THIS_CALL _Getvals(_Elem2, const _Locinfo& _Lobj) { // get values
|
|
|
|
$LN5:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 66 89 54 24 10 mov WORD PTR [rsp+16], dx
|
|
0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000f 55 push rbp
|
|
00010 56 push rsi
|
|
00011 57 push rdi
|
|
00012 48 81 ec 30 01
|
|
00 00 sub rsp, 304 ; 00000130H
|
|
00019 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
0001e 48 8b fc mov rdi, rsp
|
|
00021 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH
|
|
00026 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
0002b f3 ab rep stosd
|
|
0002d 48 8b 8c 24 58
|
|
01 00 00 mov rcx, QWORD PTR [rsp+344]
|
|
00035 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__886F7F70_xloctime
|
|
0003c e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 177 : _Cvt = _Lobj._Getcvt();
|
|
|
|
00041 48 8d 95 c8 00
|
|
00 00 lea rdx, QWORD PTR $T1[rbp]
|
|
00048 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
0004f ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
|
|
00055 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
0005c 48 8d 79 2c lea rdi, QWORD PTR [rcx+44]
|
|
00060 48 8b f0 mov rsi, rax
|
|
00063 b9 2c 00 00 00 mov ecx, 44 ; 0000002cH
|
|
00068 f3 a4 rep movsb
|
|
|
|
; 178 :
|
|
; 179 : if (is_same_v<_Elem2, wchar_t>) {
|
|
|
|
0006a 33 c0 xor eax, eax
|
|
0006c 83 f8 01 cmp eax, 1
|
|
0006f 74 5c je SHORT $LN2@Getvals
|
|
|
|
; 180 : _Days = reinterpret_cast<const _Elem*>(_Maklocwcs(reinterpret_cast<const wchar_t*>(_Lobj._W_Getdays())));
|
|
|
|
00071 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
00078 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
|
|
0007e 48 8b c8 mov rcx, rax
|
|
00081 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
00086 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
0008d 48 89 41 10 mov QWORD PTR [rcx+16], rax
|
|
|
|
; 181 : _Months =
|
|
|
|
00091 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
00098 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
|
|
0009e 48 8b c8 mov rcx, rax
|
|
000a1 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
000a6 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
000ad 48 89 41 18 mov QWORD PTR [rcx+24], rax
|
|
|
|
; 182 : reinterpret_cast<const _Elem*>(_Maklocwcs(reinterpret_cast<const wchar_t*>(_Lobj._W_Getmonths())));
|
|
; 183 : _Ampm = reinterpret_cast<const _Elem*>(_Maklocwcs(L":AM:am:PM:pm"));
|
|
|
|
000b1 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@
|
|
000b8 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
000bd 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
000c4 48 89 41 20 mov QWORD PTR [rcx+32], rax
|
|
|
|
; 184 : } else {
|
|
|
|
000c8 e9 a3 00 00 00 jmp $LN3@Getvals
|
|
$LN2@Getvals:
|
|
|
|
; 185 : _Days = _Maklocstr(_Lobj._Getdays(), static_cast<_Elem*>(nullptr), _Cvt);
|
|
|
|
000cd 48 8b 85 30 01
|
|
00 00 mov rax, QWORD PTR this$[rbp]
|
|
000d4 48 83 c0 2c add rax, 44 ; 0000002cH
|
|
000d8 48 89 85 08 01
|
|
00 00 mov QWORD PTR tv85[rbp], rax
|
|
000df 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
000e6 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ
|
|
000ec 48 8b 8d 08 01
|
|
00 00 mov rcx, QWORD PTR tv85[rbp]
|
|
000f3 4c 8b c1 mov r8, rcx
|
|
000f6 33 d2 xor edx, edx
|
|
000f8 48 8b c8 mov rcx, rax
|
|
000fb e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr<wchar_t>
|
|
00100 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
00107 48 89 41 10 mov QWORD PTR [rcx+16], rax
|
|
|
|
; 186 : _Months = _Maklocstr(_Lobj._Getmonths(), static_cast<_Elem*>(nullptr), _Cvt);
|
|
|
|
0010b 48 8b 85 30 01
|
|
00 00 mov rax, QWORD PTR this$[rbp]
|
|
00112 48 83 c0 2c add rax, 44 ; 0000002cH
|
|
00116 48 89 85 08 01
|
|
00 00 mov QWORD PTR tv93[rbp], rax
|
|
0011d 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
00124 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
|
|
0012a 48 8b 8d 08 01
|
|
00 00 mov rcx, QWORD PTR tv93[rbp]
|
|
00131 4c 8b c1 mov r8, rcx
|
|
00134 33 d2 xor edx, edx
|
|
00136 48 8b c8 mov rcx, rax
|
|
00139 e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr<wchar_t>
|
|
0013e 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
00145 48 89 41 18 mov QWORD PTR [rcx+24], rax
|
|
|
|
; 187 : _Ampm = _Maklocstr(":AM:am:PM:pm", static_cast<_Elem*>(nullptr), _Cvt);
|
|
|
|
00149 48 8b 85 30 01
|
|
00 00 mov rax, QWORD PTR this$[rbp]
|
|
00150 48 83 c0 2c add rax, 44 ; 0000002cH
|
|
00154 4c 8b c0 mov r8, rax
|
|
00157 33 d2 xor edx, edx
|
|
00159 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@
|
|
00160 e8 00 00 00 00 call ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ; std::_Maklocstr<wchar_t>
|
|
00165 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
0016c 48 89 41 20 mov QWORD PTR [rcx+32], rax
|
|
$LN3@Getvals:
|
|
|
|
; 188 : }
|
|
; 189 : }
|
|
|
|
00170 48 8d a5 10 01
|
|
00 00 lea rsp, QWORD PTR [rbp+272]
|
|
00177 5f pop rdi
|
|
00178 5e pop rsi
|
|
00179 5d pop rbp
|
|
0017a c3 ret 0
|
|
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get<wchar_t,std::istreambuf_iterator<wchar_t,std::char_traits<wchar_t> > >::_Getvals<wchar_t>
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xloctime
|
|
; COMDAT ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
|
|
_TEXT SEGMENT
|
|
$T1 = 200
|
|
tv93 = 264
|
|
tv85 = 264
|
|
this$ = 304
|
|
__formal$ = 312
|
|
_Lobj$ = 320
|
|
??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z PROC ; std::time_get<char,std::istreambuf_iterator<char,std::char_traits<char> > >::_Getvals<wchar_t>, COMDAT
|
|
|
|
; 176 : void __CLR_OR_THIS_CALL _Getvals(_Elem2, const _Locinfo& _Lobj) { // get values
|
|
|
|
$LN5:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 66 89 54 24 10 mov WORD PTR [rsp+16], dx
|
|
0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000f 55 push rbp
|
|
00010 56 push rsi
|
|
00011 57 push rdi
|
|
00012 48 81 ec 30 01
|
|
00 00 sub rsp, 304 ; 00000130H
|
|
00019 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
0001e 48 8b fc mov rdi, rsp
|
|
00021 b9 4c 00 00 00 mov ecx, 76 ; 0000004cH
|
|
00026 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
0002b f3 ab rep stosd
|
|
0002d 48 8b 8c 24 58
|
|
01 00 00 mov rcx, QWORD PTR [rsp+344]
|
|
00035 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__886F7F70_xloctime
|
|
0003c e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 177 : _Cvt = _Lobj._Getcvt();
|
|
|
|
00041 48 8d 95 c8 00
|
|
00 00 lea rdx, QWORD PTR $T1[rbp]
|
|
00048 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
0004f ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
|
|
00055 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
0005c 48 8d 79 2c lea rdi, QWORD PTR [rcx+44]
|
|
00060 48 8b f0 mov rsi, rax
|
|
00063 b9 2c 00 00 00 mov ecx, 44 ; 0000002cH
|
|
00068 f3 a4 rep movsb
|
|
|
|
; 178 :
|
|
; 179 : if (is_same_v<_Elem2, wchar_t>) {
|
|
|
|
0006a 33 c0 xor eax, eax
|
|
0006c 83 f8 01 cmp eax, 1
|
|
0006f 74 5c je SHORT $LN2@Getvals
|
|
|
|
; 180 : _Days = reinterpret_cast<const _Elem*>(_Maklocwcs(reinterpret_cast<const wchar_t*>(_Lobj._W_Getdays())));
|
|
|
|
00071 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
00078 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
|
|
0007e 48 8b c8 mov rcx, rax
|
|
00081 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
00086 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
0008d 48 89 41 10 mov QWORD PTR [rcx+16], rax
|
|
|
|
; 181 : _Months =
|
|
|
|
00091 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
00098 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
|
|
0009e 48 8b c8 mov rcx, rax
|
|
000a1 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
000a6 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
000ad 48 89 41 18 mov QWORD PTR [rcx+24], rax
|
|
|
|
; 182 : reinterpret_cast<const _Elem*>(_Maklocwcs(reinterpret_cast<const wchar_t*>(_Lobj._W_Getmonths())));
|
|
; 183 : _Ampm = reinterpret_cast<const _Elem*>(_Maklocwcs(L":AM:am:PM:pm"));
|
|
|
|
000b1 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:??_C@_1BK@MHIKGOKE@?$AA?3?$AAA?$AAM?$AA?3?$AAa?$AAm?$AA?3?$AAP?$AAM?$AA?3?$AAp?$AAm@
|
|
000b8 e8 00 00 00 00 call ?_Maklocwcs@std@@YAPEA_WPEB_W@Z ; std::_Maklocwcs
|
|
000bd 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
000c4 48 89 41 20 mov QWORD PTR [rcx+32], rax
|
|
|
|
; 184 : } else {
|
|
|
|
000c8 e9 a3 00 00 00 jmp $LN3@Getvals
|
|
$LN2@Getvals:
|
|
|
|
; 185 : _Days = _Maklocstr(_Lobj._Getdays(), static_cast<_Elem*>(nullptr), _Cvt);
|
|
|
|
000cd 48 8b 85 30 01
|
|
00 00 mov rax, QWORD PTR this$[rbp]
|
|
000d4 48 83 c0 2c add rax, 44 ; 0000002cH
|
|
000d8 48 89 85 08 01
|
|
00 00 mov QWORD PTR tv85[rbp], rax
|
|
000df 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
000e6 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_Getdays@_Locinfo@std@@QEBAPEBDXZ
|
|
000ec 48 8b 8d 08 01
|
|
00 00 mov rcx, QWORD PTR tv85[rbp]
|
|
000f3 4c 8b c1 mov r8, rcx
|
|
000f6 33 d2 xor edx, edx
|
|
000f8 48 8b c8 mov rcx, rax
|
|
000fb e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr<char>
|
|
00100 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
00107 48 89 41 10 mov QWORD PTR [rcx+16], rax
|
|
|
|
; 186 : _Months = _Maklocstr(_Lobj._Getmonths(), static_cast<_Elem*>(nullptr), _Cvt);
|
|
|
|
0010b 48 8b 85 30 01
|
|
00 00 mov rax, QWORD PTR this$[rbp]
|
|
00112 48 83 c0 2c add rax, 44 ; 0000002cH
|
|
00116 48 89 85 08 01
|
|
00 00 mov QWORD PTR tv93[rbp], rax
|
|
0011d 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Lobj$[rbp]
|
|
00124 ff 15 00 00 00
|
|
00 call QWORD PTR __imp_?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
|
|
0012a 48 8b 8d 08 01
|
|
00 00 mov rcx, QWORD PTR tv93[rbp]
|
|
00131 4c 8b c1 mov r8, rcx
|
|
00134 33 d2 xor edx, edx
|
|
00136 48 8b c8 mov rcx, rax
|
|
00139 e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr<char>
|
|
0013e 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
00145 48 89 41 18 mov QWORD PTR [rcx+24], rax
|
|
|
|
; 187 : _Ampm = _Maklocstr(":AM:am:PM:pm", static_cast<_Elem*>(nullptr), _Cvt);
|
|
|
|
00149 48 8b 85 30 01
|
|
00 00 mov rax, QWORD PTR this$[rbp]
|
|
00150 48 83 c0 2c add rax, 44 ; 0000002cH
|
|
00154 4c 8b c0 mov r8, rax
|
|
00157 33 d2 xor edx, edx
|
|
00159 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:??_C@_0N@LPFKKEBD@?3AM?3am?3PM?3pm@
|
|
00160 e8 00 00 00 00 call ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ; std::_Maklocstr<char>
|
|
00165 48 8b 8d 30 01
|
|
00 00 mov rcx, QWORD PTR this$[rbp]
|
|
0016c 48 89 41 20 mov QWORD PTR [rcx+32], rax
|
|
$LN3@Getvals:
|
|
|
|
; 188 : }
|
|
; 189 : }
|
|
|
|
00170 48 8d a5 10 01
|
|
00 00 lea rsp, QWORD PTR [rbp+272]
|
|
00177 5f pop rdi
|
|
00178 5e pop rsi
|
|
00179 5d pop rbp
|
|
0017a c3 ret 0
|
|
??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z ENDP ; std::time_get<char,std::istreambuf_iterator<char,std::char_traits<char> > >::_Getvals<wchar_t>
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale
|
|
; COMDAT ??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z
|
|
_TEXT SEGMENT
|
|
_Count$ = 8
|
|
_Ptrdest$ = 40
|
|
_Ptrnext$1 = 72
|
|
_Ptr$ = 320
|
|
__formal$ = 328
|
|
__formal$ = 336
|
|
??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z PROC ; std::_Maklocstr<char>, COMDAT
|
|
|
|
; 563 : _Elem* __CRTDECL _Maklocstr(const char* _Ptr, _Elem*, const _Locinfo::_Cvtvec&) {
|
|
|
|
$LN7:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000f 55 push rbp
|
|
00010 57 push rdi
|
|
00011 48 81 ec 58 01
|
|
00 00 sub rsp, 344 ; 00000158H
|
|
00018 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48]
|
|
0001d 48 8b fc mov rdi, rsp
|
|
00020 b9 56 00 00 00 mov ecx, 86 ; 00000056H
|
|
00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
0002a f3 ab rep stosd
|
|
0002c 48 8b 8c 24 78
|
|
01 00 00 mov rcx, QWORD PTR [rsp+376]
|
|
00034 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__0E648B51_xlocale
|
|
0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 564 : // convert C string to _Elem sequence using _Cvtvec
|
|
; 565 : size_t _Count = _CSTD strlen(_Ptr) + 1;
|
|
|
|
00040 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Ptr$[rbp]
|
|
00047 e8 00 00 00 00 call strlen
|
|
0004c 48 ff c0 inc rax
|
|
0004f 48 89 45 08 mov QWORD PTR _Count$[rbp], rax
|
|
|
|
; 566 :
|
|
; 567 : _Elem* _Ptrdest = static_cast<_Elem*>(_calloc_dbg(_Count, sizeof(_Elem), _CRT_BLOCK, __FILE__, __LINE__));
|
|
|
|
00053 c7 44 24 20 37
|
|
02 00 00 mov DWORD PTR [rsp+32], 567 ; 00000237H
|
|
0005b 4c 8d 0d 00 00
|
|
00 00 lea r9, OFFSET FLAT:??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@
|
|
00062 41 b8 02 00 00
|
|
00 mov r8d, 2
|
|
00068 ba 01 00 00 00 mov edx, 1
|
|
0006d 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp]
|
|
00071 ff 15 00 00 00
|
|
00 call QWORD PTR __imp__calloc_dbg
|
|
00077 48 89 45 28 mov QWORD PTR _Ptrdest$[rbp], rax
|
|
|
|
; 568 :
|
|
; 569 : if (!_Ptrdest) {
|
|
|
|
0007b 48 83 7d 28 00 cmp QWORD PTR _Ptrdest$[rbp], 0
|
|
00080 75 05 jne SHORT $LN5@Maklocstr
|
|
|
|
; 570 : _Xbad_alloc();
|
|
|
|
00082 e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc
|
|
$LN5@Maklocstr:
|
|
|
|
; 571 : }
|
|
; 572 :
|
|
; 573 : for (_Elem* _Ptrnext = _Ptrdest; 0 < _Count; --_Count, ++_Ptrnext, ++_Ptr) {
|
|
|
|
00087 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp]
|
|
0008b 48 89 45 48 mov QWORD PTR _Ptrnext$1[rbp], rax
|
|
0008f eb 27 jmp SHORT $LN4@Maklocstr
|
|
$LN2@Maklocstr:
|
|
00091 48 8b 45 08 mov rax, QWORD PTR _Count$[rbp]
|
|
00095 48 ff c8 dec rax
|
|
00098 48 89 45 08 mov QWORD PTR _Count$[rbp], rax
|
|
0009c 48 8b 45 48 mov rax, QWORD PTR _Ptrnext$1[rbp]
|
|
000a0 48 ff c0 inc rax
|
|
000a3 48 89 45 48 mov QWORD PTR _Ptrnext$1[rbp], rax
|
|
000a7 48 8b 85 40 01
|
|
00 00 mov rax, QWORD PTR _Ptr$[rbp]
|
|
000ae 48 ff c0 inc rax
|
|
000b1 48 89 85 40 01
|
|
00 00 mov QWORD PTR _Ptr$[rbp], rax
|
|
$LN4@Maklocstr:
|
|
000b8 48 83 7d 08 00 cmp QWORD PTR _Count$[rbp], 0
|
|
000bd 76 12 jbe SHORT $LN3@Maklocstr
|
|
|
|
; 574 : *_Ptrnext = static_cast<_Elem>(static_cast<unsigned char>(*_Ptr));
|
|
|
|
000bf 48 8b 45 48 mov rax, QWORD PTR _Ptrnext$1[rbp]
|
|
000c3 48 8b 8d 40 01
|
|
00 00 mov rcx, QWORD PTR _Ptr$[rbp]
|
|
000ca 0f b6 09 movzx ecx, BYTE PTR [rcx]
|
|
000cd 88 08 mov BYTE PTR [rax], cl
|
|
|
|
; 575 : }
|
|
|
|
000cf eb c0 jmp SHORT $LN2@Maklocstr
|
|
$LN3@Maklocstr:
|
|
|
|
; 576 :
|
|
; 577 : return _Ptrdest;
|
|
|
|
000d1 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp]
|
|
$LN6@Maklocstr:
|
|
|
|
; 578 : }
|
|
|
|
000d5 48 8d a5 28 01
|
|
00 00 lea rsp, QWORD PTR [rbp+296]
|
|
000dc 5f pop rdi
|
|
000dd 5d pop rbp
|
|
000de c3 ret 0
|
|
??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr<char>
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocnum
|
|
; COMDAT ?_Maklocwcs@std@@YAPEA_WPEB_W@Z
|
|
_TEXT SEGMENT
|
|
_Count$ = 8
|
|
_Ptrdest$ = 40
|
|
_Ptr$ = 288
|
|
?_Maklocwcs@std@@YAPEA_WPEB_W@Z PROC ; std::_Maklocwcs, COMDAT
|
|
|
|
; 90 : inline wchar_t* _Maklocwcs(const wchar_t* _Ptr) { // copy NTWCS to allocated storage
|
|
|
|
$LN4:
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 55 push rbp
|
|
00006 57 push rdi
|
|
00007 48 81 ec 38 01
|
|
00 00 sub rsp, 312 ; 00000138H
|
|
0000e 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48]
|
|
00013 48 8b fc mov rdi, rsp
|
|
00016 b9 4e 00 00 00 mov ecx, 78 ; 0000004eH
|
|
0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00020 f3 ab rep stosd
|
|
00022 48 8b 8c 24 58
|
|
01 00 00 mov rcx, QWORD PTR [rsp+344]
|
|
0002a 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__90E3ED46_xlocnum
|
|
00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 91 : const size_t _Count = _CSTD wcslen(_Ptr) + 1;
|
|
|
|
00036 48 8b 8d 20 01
|
|
00 00 mov rcx, QWORD PTR _Ptr$[rbp]
|
|
0003d ff 15 00 00 00
|
|
00 call QWORD PTR __imp_wcslen
|
|
00043 48 ff c0 inc rax
|
|
00046 48 89 45 08 mov QWORD PTR _Count$[rbp], rax
|
|
|
|
; 92 :
|
|
; 93 : wchar_t* _Ptrdest = static_cast<wchar_t*>(_calloc_dbg(_Count, sizeof(wchar_t), _CRT_BLOCK, __FILE__, __LINE__));
|
|
|
|
0004a 8b 05 00 00 00
|
|
00 mov eax, DWORD PTR ?__LINE__Var@?0??_Maklocwcs@std@@YAPEA_WPEB_W@Z@4JA
|
|
00050 83 c0 03 add eax, 3
|
|
00053 89 44 24 20 mov DWORD PTR [rsp+32], eax
|
|
00057 4c 8d 0d 00 00
|
|
00 00 lea r9, OFFSET FLAT:??_C@_0GI@LHMPPKJI@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@
|
|
0005e 41 b8 02 00 00
|
|
00 mov r8d, 2
|
|
00064 ba 02 00 00 00 mov edx, 2
|
|
00069 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp]
|
|
0006d ff 15 00 00 00
|
|
00 call QWORD PTR __imp__calloc_dbg
|
|
00073 48 89 45 28 mov QWORD PTR _Ptrdest$[rbp], rax
|
|
|
|
; 94 :
|
|
; 95 : if (!_Ptrdest) {
|
|
|
|
00077 48 83 7d 28 00 cmp QWORD PTR _Ptrdest$[rbp], 0
|
|
0007c 75 05 jne SHORT $LN2@Maklocwcs
|
|
|
|
; 96 : _Xbad_alloc();
|
|
|
|
0007e e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc
|
|
$LN2@Maklocwcs:
|
|
|
|
; 97 : }
|
|
; 98 :
|
|
; 99 : _CSTD wmemcpy(_Ptrdest, _Ptr, _Count);
|
|
|
|
00083 4c 8b 45 08 mov r8, QWORD PTR _Count$[rbp]
|
|
00087 48 8b 95 20 01
|
|
00 00 mov rdx, QWORD PTR _Ptr$[rbp]
|
|
0008e 48 8b 4d 28 mov rcx, QWORD PTR _Ptrdest$[rbp]
|
|
00092 e8 00 00 00 00 call wmemcpy
|
|
|
|
; 100 : return _Ptrdest;
|
|
|
|
00097 48 8b 45 28 mov rax, QWORD PTR _Ptrdest$[rbp]
|
|
$LN3@Maklocwcs:
|
|
|
|
; 101 : }
|
|
|
|
0009b 48 8d a5 08 01
|
|
00 00 lea rsp, QWORD PTR [rbp+264]
|
|
000a2 5f pop rdi
|
|
000a3 5d pop rbp
|
|
000a4 c3 ret 0
|
|
?_Maklocwcs@std@@YAPEA_WPEB_W@Z ENDP ; std::_Maklocwcs
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.27.29110\include\xlocale
|
|
; COMDAT ??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z
|
|
_TEXT SEGMENT
|
|
_Count$ = 8
|
|
_Count1$ = 40
|
|
_Wchars$ = 72
|
|
_Ptr1$ = 104
|
|
_Bytes$ = 132
|
|
_Wc$ = 164
|
|
_Mbst1$ = 200
|
|
_Ptrdest$ = 232
|
|
_Ptrnext$ = 264
|
|
_Mbst2$ = 296
|
|
__$ArrayPad$ = 504
|
|
_Ptr$ = 544
|
|
__formal$ = 552
|
|
_Cvt$ = 560
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z PROC ; std::_Maklocstr<wchar_t>, COMDAT
|
|
|
|
; 581 : inline wchar_t* __CRTDECL _Maklocstr(const char* _Ptr, wchar_t*, const _Locinfo::_Cvtvec& _Cvt) {
|
|
|
|
$LN12:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000f 55 push rbp
|
|
00010 57 push rdi
|
|
00011 48 81 ec 38 02
|
|
00 00 sub rsp, 568 ; 00000238H
|
|
00018 48 8d 6c 24 30 lea rbp, QWORD PTR [rsp+48]
|
|
0001d 48 8b fc mov rdi, rsp
|
|
00020 b9 8e 00 00 00 mov ecx, 142 ; 0000008eH
|
|
00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
0002a f3 ab rep stosd
|
|
0002c 48 8b 8c 24 58
|
|
02 00 00 mov rcx, QWORD PTR [rsp+600]
|
|
00034 48 8b 05 00 00
|
|
00 00 mov rax, QWORD PTR __security_cookie
|
|
0003b 48 33 c5 xor rax, rbp
|
|
0003e 48 89 85 f8 01
|
|
00 00 mov QWORD PTR __$ArrayPad$[rbp], rax
|
|
00045 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__0E648B51_xlocale
|
|
0004c e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 582 : // convert C string to wchar_t sequence using _Cvtvec
|
|
; 583 : size_t _Count;
|
|
; 584 : size_t _Count1;
|
|
; 585 : size_t _Wchars;
|
|
; 586 : const char* _Ptr1;
|
|
; 587 : int _Bytes;
|
|
; 588 : wchar_t _Wc;
|
|
; 589 : mbstate_t _Mbst1 = {};
|
|
|
|
00051 48 8d 85 c8 00
|
|
00 00 lea rax, QWORD PTR _Mbst1$[rbp]
|
|
00058 48 8b f8 mov rdi, rax
|
|
0005b 33 c0 xor eax, eax
|
|
0005d b9 08 00 00 00 mov ecx, 8
|
|
00062 f3 aa rep stosb
|
|
|
|
; 590 :
|
|
; 591 : _Count1 = _CSTD strlen(_Ptr) + 1;
|
|
|
|
00064 48 8b 8d 20 02
|
|
00 00 mov rcx, QWORD PTR _Ptr$[rbp]
|
|
0006b e8 00 00 00 00 call strlen
|
|
00070 48 ff c0 inc rax
|
|
00073 48 89 45 28 mov QWORD PTR _Count1$[rbp], rax
|
|
|
|
; 592 : for (_Count = _Count1, _Wchars = 0, _Ptr1 = _Ptr; 0 < _Count; _Count -= _Bytes, _Ptr1 += _Bytes, ++_Wchars) {
|
|
|
|
00077 48 8b 45 28 mov rax, QWORD PTR _Count1$[rbp]
|
|
0007b 48 89 45 08 mov QWORD PTR _Count$[rbp], rax
|
|
0007f 48 c7 45 48 00
|
|
00 00 00 mov QWORD PTR _Wchars$[rbp], 0
|
|
00087 48 8b 85 20 02
|
|
00 00 mov rax, QWORD PTR _Ptr$[rbp]
|
|
0008e 48 89 45 68 mov QWORD PTR _Ptr1$[rbp], rax
|
|
00092 eb 35 jmp SHORT $LN4@Maklocstr
|
|
$LN2@Maklocstr:
|
|
00094 48 63 85 84 00
|
|
00 00 movsxd rax, DWORD PTR _Bytes$[rbp]
|
|
0009b 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp]
|
|
0009f 48 2b c8 sub rcx, rax
|
|
000a2 48 8b c1 mov rax, rcx
|
|
000a5 48 89 45 08 mov QWORD PTR _Count$[rbp], rax
|
|
000a9 48 63 85 84 00
|
|
00 00 movsxd rax, DWORD PTR _Bytes$[rbp]
|
|
000b0 48 8b 4d 68 mov rcx, QWORD PTR _Ptr1$[rbp]
|
|
000b4 48 03 c8 add rcx, rax
|
|
000b7 48 8b c1 mov rax, rcx
|
|
000ba 48 89 45 68 mov QWORD PTR _Ptr1$[rbp], rax
|
|
000be 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp]
|
|
000c2 48 ff c0 inc rax
|
|
000c5 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax
|
|
$LN4@Maklocstr:
|
|
000c9 48 83 7d 08 00 cmp QWORD PTR _Count$[rbp], 0
|
|
000ce 76 3a jbe SHORT $LN3@Maklocstr
|
|
|
|
; 593 : if ((_Bytes = _Mbrtowc(&_Wc, _Ptr1, _Count, &_Mbst1, &_Cvt)) <= 0) {
|
|
|
|
000d0 48 8b 85 30 02
|
|
00 00 mov rax, QWORD PTR _Cvt$[rbp]
|
|
000d7 48 89 44 24 20 mov QWORD PTR [rsp+32], rax
|
|
000dc 4c 8d 8d c8 00
|
|
00 00 lea r9, QWORD PTR _Mbst1$[rbp]
|
|
000e3 4c 8b 45 08 mov r8, QWORD PTR _Count$[rbp]
|
|
000e7 48 8b 55 68 mov rdx, QWORD PTR _Ptr1$[rbp]
|
|
000eb 48 8d 8d a4 00
|
|
00 00 lea rcx, QWORD PTR _Wc$[rbp]
|
|
000f2 e8 00 00 00 00 call _Mbrtowc
|
|
000f7 89 85 84 00 00
|
|
00 mov DWORD PTR _Bytes$[rbp], eax
|
|
000fd 83 bd 84 00 00
|
|
00 00 cmp DWORD PTR _Bytes$[rbp], 0
|
|
00104 7f 02 jg SHORT $LN8@Maklocstr
|
|
|
|
; 594 : break;
|
|
|
|
00106 eb 02 jmp SHORT $LN3@Maklocstr
|
|
$LN8@Maklocstr:
|
|
|
|
; 595 : }
|
|
; 596 : }
|
|
|
|
00108 eb 8a jmp SHORT $LN2@Maklocstr
|
|
$LN3@Maklocstr:
|
|
|
|
; 597 :
|
|
; 598 : ++_Wchars; // count terminating nul
|
|
|
|
0010a 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp]
|
|
0010e 48 ff c0 inc rax
|
|
00111 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax
|
|
|
|
; 599 :
|
|
; 600 : wchar_t* _Ptrdest = static_cast<wchar_t*>(_calloc_dbg(_Wchars, sizeof(wchar_t), _CRT_BLOCK, __FILE__, __LINE__));
|
|
|
|
00115 c7 44 24 20 58
|
|
02 00 00 mov DWORD PTR [rsp+32], 600 ; 00000258H
|
|
0011d 4c 8d 0d 00 00
|
|
00 00 lea r9, OFFSET FLAT:??_C@_0GI@DEICPIDJ@C?3?2Program?5Files?5?$CIx86?$CJ?2Microsof@
|
|
00124 41 b8 02 00 00
|
|
00 mov r8d, 2
|
|
0012a ba 02 00 00 00 mov edx, 2
|
|
0012f 48 8b 4d 48 mov rcx, QWORD PTR _Wchars$[rbp]
|
|
00133 ff 15 00 00 00
|
|
00 call QWORD PTR __imp__calloc_dbg
|
|
00139 48 89 85 e8 00
|
|
00 00 mov QWORD PTR _Ptrdest$[rbp], rax
|
|
|
|
; 601 :
|
|
; 602 : if (!_Ptrdest) {
|
|
|
|
00140 48 83 bd e8 00
|
|
00 00 00 cmp QWORD PTR _Ptrdest$[rbp], 0
|
|
00148 75 05 jne SHORT $LN9@Maklocstr
|
|
|
|
; 603 : _Xbad_alloc();
|
|
|
|
0014a e8 00 00 00 00 call ?_Xbad_alloc@std@@YAXXZ ; std::_Xbad_alloc
|
|
$LN9@Maklocstr:
|
|
|
|
; 604 : }
|
|
; 605 :
|
|
; 606 : wchar_t* _Ptrnext = _Ptrdest;
|
|
|
|
0014f 48 8b 85 e8 00
|
|
00 00 mov rax, QWORD PTR _Ptrdest$[rbp]
|
|
00156 48 89 85 08 01
|
|
00 00 mov QWORD PTR _Ptrnext$[rbp], rax
|
|
|
|
; 607 : mbstate_t _Mbst2 = {};
|
|
|
|
0015d 48 8d 85 28 01
|
|
00 00 lea rax, QWORD PTR _Mbst2$[rbp]
|
|
00164 48 8b f8 mov rdi, rax
|
|
00167 33 c0 xor eax, eax
|
|
00169 b9 08 00 00 00 mov ecx, 8
|
|
0016e f3 aa rep stosb
|
|
|
|
; 608 :
|
|
; 609 : for (; 0 < _Wchars; _Count -= _Bytes, _Ptr += _Bytes, --_Wchars, ++_Ptrnext) {
|
|
|
|
00170 eb 4d jmp SHORT $LN7@Maklocstr
|
|
$LN5@Maklocstr:
|
|
00172 48 63 85 84 00
|
|
00 00 movsxd rax, DWORD PTR _Bytes$[rbp]
|
|
00179 48 8b 4d 08 mov rcx, QWORD PTR _Count$[rbp]
|
|
0017d 48 2b c8 sub rcx, rax
|
|
00180 48 8b c1 mov rax, rcx
|
|
00183 48 89 45 08 mov QWORD PTR _Count$[rbp], rax
|
|
00187 48 63 85 84 00
|
|
00 00 movsxd rax, DWORD PTR _Bytes$[rbp]
|
|
0018e 48 8b 8d 20 02
|
|
00 00 mov rcx, QWORD PTR _Ptr$[rbp]
|
|
00195 48 03 c8 add rcx, rax
|
|
00198 48 8b c1 mov rax, rcx
|
|
0019b 48 89 85 20 02
|
|
00 00 mov QWORD PTR _Ptr$[rbp], rax
|
|
001a2 48 8b 45 48 mov rax, QWORD PTR _Wchars$[rbp]
|
|
001a6 48 ff c8 dec rax
|
|
001a9 48 89 45 48 mov QWORD PTR _Wchars$[rbp], rax
|
|
001ad 48 8b 85 08 01
|
|
00 00 mov rax, QWORD PTR _Ptrnext$[rbp]
|
|
001b4 48 83 c0 02 add rax, 2
|
|
001b8 48 89 85 08 01
|
|
00 00 mov QWORD PTR _Ptrnext$[rbp], rax
|
|
$LN7@Maklocstr:
|
|
001bf 48 83 7d 48 00 cmp QWORD PTR _Wchars$[rbp], 0
|
|
001c4 76 40 jbe SHORT $LN6@Maklocstr
|
|
|
|
; 610 : if ((_Bytes = _Mbrtowc(_Ptrnext, _Ptr, _Count1, &_Mbst2, &_Cvt)) <= 0) {
|
|
|
|
001c6 48 8b 85 30 02
|
|
00 00 mov rax, QWORD PTR _Cvt$[rbp]
|
|
001cd 48 89 44 24 20 mov QWORD PTR [rsp+32], rax
|
|
001d2 4c 8d 8d 28 01
|
|
00 00 lea r9, QWORD PTR _Mbst2$[rbp]
|
|
001d9 4c 8b 45 28 mov r8, QWORD PTR _Count1$[rbp]
|
|
001dd 48 8b 95 20 02
|
|
00 00 mov rdx, QWORD PTR _Ptr$[rbp]
|
|
001e4 48 8b 8d 08 01
|
|
00 00 mov rcx, QWORD PTR _Ptrnext$[rbp]
|
|
001eb e8 00 00 00 00 call _Mbrtowc
|
|
001f0 89 85 84 00 00
|
|
00 mov DWORD PTR _Bytes$[rbp], eax
|
|
001f6 83 bd 84 00 00
|
|
00 00 cmp DWORD PTR _Bytes$[rbp], 0
|
|
001fd 7f 02 jg SHORT $LN10@Maklocstr
|
|
|
|
; 611 : break;
|
|
|
|
001ff eb 05 jmp SHORT $LN6@Maklocstr
|
|
$LN10@Maklocstr:
|
|
|
|
; 612 : }
|
|
; 613 : }
|
|
|
|
00201 e9 6c ff ff ff jmp $LN5@Maklocstr
|
|
$LN6@Maklocstr:
|
|
|
|
; 614 :
|
|
; 615 : *_Ptrnext = L'\0';
|
|
|
|
00206 33 c0 xor eax, eax
|
|
00208 48 8b 8d 08 01
|
|
00 00 mov rcx, QWORD PTR _Ptrnext$[rbp]
|
|
0020f 66 89 01 mov WORD PTR [rcx], ax
|
|
|
|
; 616 :
|
|
; 617 : return _Ptrdest;
|
|
|
|
00212 48 8b 85 e8 00
|
|
00 00 mov rax, QWORD PTR _Ptrdest$[rbp]
|
|
$LN11@Maklocstr:
|
|
|
|
; 618 : }
|
|
|
|
00219 48 8b f8 mov rdi, rax
|
|
0021c 48 8d 4d d0 lea rcx, QWORD PTR [rbp-48]
|
|
00220 48 8d 15 00 00
|
|
00 00 lea rdx, OFFSET FLAT:??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z$rtcFrameData
|
|
00227 e8 00 00 00 00 call _RTC_CheckStackVars
|
|
0022c 48 8b c7 mov rax, rdi
|
|
0022f 48 8b 8d f8 01
|
|
00 00 mov rcx, QWORD PTR __$ArrayPad$[rbp]
|
|
00236 48 33 cd xor rcx, rbp
|
|
00239 e8 00 00 00 00 call __security_check_cookie
|
|
0023e 48 8d a5 08 02
|
|
00 00 lea rsp, QWORD PTR [rbp+520]
|
|
00245 5f pop rdi
|
|
00246 5d pop rbp
|
|
00247 c3 ret 0
|
|
??$_Maklocstr@_W@std@@YAPEA_WPEBDPEA_WAEBU_Cvtvec@@@Z ENDP ; std::_Maklocstr<wchar_t>
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\wchar.h
|
|
; COMDAT wmemcpy
|
|
_TEXT SEGMENT
|
|
_S1$ = 224
|
|
_S2$ = 232
|
|
_N$ = 240
|
|
wmemcpy PROC ; COMDAT
|
|
|
|
; 234 : {
|
|
|
|
$LN3:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000f 55 push rbp
|
|
00010 57 push rdi
|
|
00011 48 81 ec e8 00
|
|
00 00 sub rsp, 232 ; 000000e8H
|
|
00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
0001d 48 8b fc mov rdi, rsp
|
|
00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH
|
|
00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
0002a f3 ab rep stosd
|
|
0002c 48 8b 8c 24 08
|
|
01 00 00 mov rcx, QWORD PTR [rsp+264]
|
|
00034 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__93DC0B45_wchar@h
|
|
0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
|
|
; 235 : #pragma warning(suppress: 6386) // Buffer overrun
|
|
; 236 : return (wchar_t*)memcpy(_S1, _S2, _N*sizeof(wchar_t));
|
|
|
|
00040 48 8b 85 f0 00
|
|
00 00 mov rax, QWORD PTR _N$[rbp]
|
|
00047 48 d1 e0 shl rax, 1
|
|
0004a 4c 8b c0 mov r8, rax
|
|
0004d 48 8b 95 e8 00
|
|
00 00 mov rdx, QWORD PTR _S2$[rbp]
|
|
00054 48 8b 8d e0 00
|
|
00 00 mov rcx, QWORD PTR _S1$[rbp]
|
|
0005b e8 00 00 00 00 call memcpy
|
|
|
|
; 237 : }
|
|
|
|
00060 48 8d a5 c8 00
|
|
00 00 lea rsp, QWORD PTR [rbp+200]
|
|
00067 5f pop rdi
|
|
00068 5d pop rbp
|
|
00069 c3 ret 0
|
|
wmemcpy ENDP
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z
|
|
_TEXT SEGMENT
|
|
__formal$ = 224
|
|
__formal$ = 232
|
|
__formal$ = 240
|
|
?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z PROC ; __empty_global_delete, COMDAT
|
|
|
|
$LN3:
|
|
00000 4c 89 44 24 18 mov QWORD PTR [rsp+24], r8
|
|
00005 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
0000a 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000f 55 push rbp
|
|
00010 57 push rdi
|
|
00011 48 81 ec e8 00
|
|
00 00 sub rsp, 232 ; 000000e8H
|
|
00018 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
0001d 48 8b fc mov rdi, rsp
|
|
00020 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH
|
|
00025 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
0002a f3 ab rep stosd
|
|
0002c 48 8b 8c 24 08
|
|
01 00 00 mov rcx, QWORD PTR [rsp+264]
|
|
00034 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
0003b e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
00040 90 npad 1
|
|
00041 48 8d a5 c8 00
|
|
00 00 lea rsp, QWORD PTR [rbp+200]
|
|
00048 5f pop rdi
|
|
00049 5d pop rbp
|
|
0004a c3 ret 0
|
|
?__empty_global_delete@@YAXPEAX_KW4align_val_t@std@@@Z ENDP ; __empty_global_delete
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z
|
|
_TEXT SEGMENT
|
|
__formal$ = 224
|
|
__formal$ = 232
|
|
?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z PROC ; __empty_global_delete, COMDAT
|
|
|
|
$LN3:
|
|
00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 81 ec e8 00
|
|
00 00 sub rsp, 232 ; 000000e8H
|
|
00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
00018 48 8b fc mov rdi, rsp
|
|
0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH
|
|
00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00025 f3 ab rep stosd
|
|
00027 48 8b 8c 24 08
|
|
01 00 00 mov rcx, QWORD PTR [rsp+264]
|
|
0002f 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
0003b 90 npad 1
|
|
0003c 48 8d a5 c8 00
|
|
00 00 lea rsp, QWORD PTR [rbp+200]
|
|
00043 5f pop rdi
|
|
00044 5d pop rbp
|
|
00045 c3 ret 0
|
|
?__empty_global_delete@@YAXPEAXW4align_val_t@std@@@Z ENDP ; __empty_global_delete
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?__empty_global_delete@@YAXPEAX_K@Z
|
|
_TEXT SEGMENT
|
|
__formal$ = 224
|
|
__formal$ = 232
|
|
?__empty_global_delete@@YAXPEAX_K@Z PROC ; __empty_global_delete, COMDAT
|
|
|
|
$LN3:
|
|
00000 48 89 54 24 10 mov QWORD PTR [rsp+16], rdx
|
|
00005 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
0000a 55 push rbp
|
|
0000b 57 push rdi
|
|
0000c 48 81 ec e8 00
|
|
00 00 sub rsp, 232 ; 000000e8H
|
|
00013 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
00018 48 8b fc mov rdi, rsp
|
|
0001b b9 3a 00 00 00 mov ecx, 58 ; 0000003aH
|
|
00020 b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00025 f3 ab rep stosd
|
|
00027 48 8b 8c 24 08
|
|
01 00 00 mov rcx, QWORD PTR [rsp+264]
|
|
0002f 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
00036 e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
0003b 90 npad 1
|
|
0003c 48 8d a5 c8 00
|
|
00 00 lea rsp, QWORD PTR [rbp+200]
|
|
00043 5f pop rdi
|
|
00044 5d pop rbp
|
|
00045 c3 ret 0
|
|
?__empty_global_delete@@YAXPEAX_K@Z ENDP ; __empty_global_delete
|
|
_TEXT ENDS
|
|
; Function compile flags: /Odtp /RTCsu /ZI
|
|
; File C:\$Fanta\code-virtualizer\CodeVirtualizer\RipMovInst.cpp
|
|
; COMDAT ?__empty_global_delete@@YAXPEAX@Z
|
|
_TEXT SEGMENT
|
|
__formal$ = 224
|
|
?__empty_global_delete@@YAXPEAX@Z PROC ; __empty_global_delete, COMDAT
|
|
|
|
$LN3:
|
|
00000 48 89 4c 24 08 mov QWORD PTR [rsp+8], rcx
|
|
00005 55 push rbp
|
|
00006 57 push rdi
|
|
00007 48 81 ec e8 00
|
|
00 00 sub rsp, 232 ; 000000e8H
|
|
0000e 48 8d 6c 24 20 lea rbp, QWORD PTR [rsp+32]
|
|
00013 48 8b fc mov rdi, rsp
|
|
00016 b9 3a 00 00 00 mov ecx, 58 ; 0000003aH
|
|
0001b b8 cc cc cc cc mov eax, -858993460 ; ccccccccH
|
|
00020 f3 ab rep stosd
|
|
00022 48 8b 8c 24 08
|
|
01 00 00 mov rcx, QWORD PTR [rsp+264]
|
|
0002a 48 8d 0d 00 00
|
|
00 00 lea rcx, OFFSET FLAT:__9DFA3906_RipMovInst@cpp
|
|
00031 e8 00 00 00 00 call __CheckForDebuggerJustMyCode
|
|
00036 90 npad 1
|
|
00037 48 8d a5 c8 00
|
|
00 00 lea rsp, QWORD PTR [rbp+200]
|
|
0003e 5f pop rdi
|
|
0003f 5d pop rbp
|
|
00040 c3 ret 0
|
|
?__empty_global_delete@@YAXPEAX@Z ENDP ; __empty_global_delete
|
|
_TEXT ENDS
|
|
END
|