前文再续,书接上一回。
破解步骤二——代码分析:
在跟踪过程发现,RMReport对打印的限制来自于rm_class.dcu文件,通过Dcu2Pas对rm_class.dcu反翻译得到_DoPrintReport函数的汇编源码,再结合D6对汇编代码的跟踪,得到如下的关键源码段:
- procedure _DoPrintReport;
- var
- i: Integer;
- j: Integer;
- lipgList: TStringList;
- lPrinter: TRMPrinter;
- liNeedNewPage: Boolean;
- lFactorX: Double;
- lFactorY: Double;
- lSavePrintInfo: TRMPageInfo;
- lOldPageNumber: Integer;
- lPageWidth: Integer;
- lPageHeight: Integer;
- asm
- @@474: {8D 53 58 } lea edx, [ebx+$58]
- @@477: {8B 45 F0 } mov eax, [ebp-$10]
- @@480: {E8 00 00 00 00 } call TRMPrinter.FillPrinterInfo
- @@485: {8B 45 F0 } mov eax, [ebp-$10]
- @@488: {E8 00 00 00 00 } call TRMCustomPrinter.BeginDoc
- @@493: {8B 45 08 } mov eax, [ebp+$08]
- @@496: {80 78 0C 00 } cmp byte ptr [eax+$0C], $00
- @@500: {74 4D } jz @@579
- ---------------------------------------------------------------------好戏开场,逐份打印方式
- @@502: {33 DB } xor ebx, ebx
- @@504: {EB 33 } jmp @@557
- @@506: {55 } push ebp -----12F56C
- @@507: {33 C0 } xor eax, eax
- @@509: {E8 00 00 00 00 } call _CanPrint ------EAX=1,EBX=0,ECX=0,EDX=12F504
- @@514: {59 } pop ecx
- @@515: {84 C0 } test al, al -----if _CanPrint then _PrintOnePage(....)
- @@517: {74 09 } jz @@