加载 WCP


加载 WCP

 

功能:

加载 WCP.DLL,并通过 GetProcAddress 初始化几个函数指针:

 

 

 

 

//----- (1008CBD0)--------------------------------------------------------
// WcpLoad (Hex-Rays pseudocode, reproduced as published).
//
// Purpose: build the wide-character path a1 + L"wcp.dll" in a heap buffer,
// load that file with LoadLibraryW, resolve seven exports into global
// function pointers, register the helper callback and call WcpInitialize,
// publishing the returned cookie in gulpWcpCookie.
//
// Parameters:
//   a1 (passed in ecx) - NUL-terminated wide string used as the path prefix.
//   a2, a3, a4         - not referenced anywhere in the lines shown.
// Returns: v27, which is assigned only from the WcpInitialize result.
//
// NOTE(review): this listing is abridged and is not compilable C. Local
// declarations are missing, LABEL_42 is a jump target that never appears,
// and LABEL_66 / LABEL_56 have no visible goto. Paths that leave through the
// missing parts (error handling in particular) cannot be judged from here.
signed int __userpurge WcpLoad@<eax>(

const unsigned__int16 *a1@<ecx>,

const unsigned__int16 *a2,

int a3,

HINSTANCE *a4)
{

  // --- Step 1: allocate a length-prefixed buffer for prefix + "wcp.dll" ---
  lpLibFileName = 0;
  v4 =a1;
  v5 =0;
  v6 =wcslen(v4);
  // v6 + 8 would be zero here, so no buffer is allocated. v8 is then NULL and
  // the scan loop below dereferences it; presumably unreachable for a real
  // string, but nothing in the listing guards it.
  if (v6 == -8 )
  {
    v8 =0;
  }
  else
  {

    // Capacity in wide chars: prefix length + 8 (the guessed-type comment below
    // the function gives L"wcp.dll" as wchar_t[8], i.e. 7 chars + NUL).
    v5 =v6 + 8;
    // 4-byte header followed by v5 wide chars. The multiplication and the
    // allocation result are not checked in the lines shown.
    v7 =operator new(2 * (v6 + 8) + 4);
    *v7= 0;
    v8 =(WCHAR *)(v7 + 4);
    // The header stores the capacity; the string itself starts 4 bytes in.
    *(_DWORD *)v7 = v5;
    lpLibFileName = v8;
    // Start with an empty string.
    *v8= 0;
  }
  // --- Step 2: bounded append of a1 ---
  // First find the current length of the destination, looking at no more than
  // v5 characters. This has the shape of an inlined strsafe-style append;
  // which helper was inlined is an assumption.
  v9 =0;
  v10 =v5;
  while (*v8 )
  {
    ++
v8;
    if (!--v10 )
      goto LABEL_65;
  }
  if
(!v10 )
  {
LABEL_65:
    // No terminator within the capacity: 0x80070057 (E_INVALIDARG).
    v9 =-2147024809;
LABEL_66:
    v11 =0;
    goto LABEL_13;
  }
  // v11 = number of characters already in the destination.
  v11 =v5 - v10;
LABEL_13:
  if (v9 < 0)
    goto LABEL_119;
  v46 =0;
  // v12 = byte pointer to the append position, v13 = remaining capacity.
  v12 =(char *)&lpLibFileName[v11];
  v13 =v5 - v11;
  if (v5 == v11 )
    goto LABEL_67;
  // v11 + v13 - v5 is zero, so v14 is the constant 2147483646: an upper bound
  // on the number of characters copied.
  v14 =v11 + v13 -v5 + 2147483646;
  // Byte offset from destination to source, so v12[v15] reads the matching
  // source character while v12 advances.
  v15 =(char *)v4 -v12;
  while (v14 )
  {
    v16 =*(_WORD*)&v12[v15];
    // Stop at the source terminator.
    if (!v16 )
      break;
    *(_WORD *)v12 =v16;
    --v14;
    v12 +=2;
    // Capacity exhausted before the source ended: truncate.
    if (!--v13 )
      goto LABEL_67;
  }
  if
(v13 )
  {
    v9 =v46;
  }
  else
  {

LABEL_67:
    // Step back one character so the terminator fits, and report
    // 0x8007007A (HRESULT form of ERROR_INSUFFICIENT_BUFFER).
    v12 -=2;
    v9 =-2147024774;
  }
  // Always NUL-terminate the destination.
  *
(_WORD *)v12 = 0;
  if (v9 < 0)
  {
LABEL_119:
    // Failure of the first append is logged, then control goes to LABEL_42,
    // which is not part of this listing.
    CBSWdsLog(0x4000000u,v9, 1, "Failed toconcat string.");
    v18 =lpLibFileName;
    goto LABEL_42;
  }
  // --- Step 3: bounded append of L"wcp.dll" (same pattern as step 2) ---
  v17 =0;
  v46 =0;
  // The capacity must be non-zero and no larger than 0x7FFFFFFF.
  if (!v5 ||v5 > 0x7FFFFFFF)
  {
    v17 =-2147024809;
    v46 =-2147024809;
  }
  v18 =lpLibFileName;
  if (v17 < 0)
    goto LABEL_71;
  v17 =0;
  v19 =v5;
  v46 =0;
  v20 =lpLibFileName;
  if (!v5 )
    goto LABEL_70;
  // Measure the current length again, bounded by the capacity.
  while (*v20 )
  {
    ++
v20;
    if (!--v19 )
      goto LABEL_70;
  }
  if
(!v19 )
  {
LABEL_70:
    // Destination is not terminated within its capacity: E_INVALIDARG.
    v17 =-2147024809;
    v46 =-2147024809;
LABEL_71:
    v21 =0;
    goto LABEL_32;
  }
  // v21 = length of the prefix now stored in the buffer.
  v21 =v5 - v19;
LABEL_32:
  if (v17 >= 0)
  {
    v46 =0;
    // v22 = byte pointer to the append position, v23 = remaining capacity.
    v22 =(char *)&lpLibFileName[v21];
    v23 =v5 - v21;
    if (v5 == v21 )
      goto LABEL_72;
    // As in step 2, this evaluates to the constant 2147483646.
    v24 =v21 + v23 -v5 + 2147483646;
    // Byte offset from destination to the literal L"wcp.dll".
    v25 =(char *)((char *)L"wcp.dll"- v22);
    while (v24 )
    {
      v26 =*(_WORD*)&v25[(_DWORD)v22];
      if (!v26 )
        break;
      *(_WORD *)v22 =v26;
      --v24;
      v22 +=2;
      if (!--v23 )
        goto LABEL_72;
    }
    if
(!v23 )
    {
LABEL_72:
      // Truncated: leave room for the terminator and record 0x8007007A.
      v22 -=2;
      v46 =-2147024774;
    }
    v18 =lpLibFileName;
    *(_WORD *)v22 = 0;
  }
  // NOTE(review): the status of the second append is copied into v9, but
  // nothing in the lines shown tests it before the library is loaded.
  v9 =v46;

// --- Step 4: load the library and resolve its exports ---
// v28 and v29 both hold the module handle of wcp.dll.
// NOTE(review): the path handed to LoadLibraryW is exactly a1 + "wcp.dll".
// Whether a1 is an absolute, trusted directory depends on the caller, which is
// not shown. With a relative or empty prefix the loader falls back to the DLL
// search order, so the caller's argument is the thing to verify when assessing
// DLL planting exposure.
// NOTE(review): in this listing the handle is not compared with NULL, and none
// of the GetProcAddress results is checked before first use.
  v28 =LoadLibraryW(v18);
  v29 =v28;
  vpfnSetIsolationIMalloc = GetProcAddress(v28,"SetIsolationIMalloc");
  vpfnGetIdentityAuthority = GetProcAddress(v29,"GetIdentityAuthority");
  vpfnGetSystemStore = GetProcAddress(v29,"GetSystemStore");
  vpfnOpenExistingOfflineStore = GetProcAddress(v29,"OpenExistingOfflineStore");
  vpfnWcpInitialize = GetProcAddress(v29,"WcpInitialize");
  vpfnWcpShutdown = GetProcAddress(v29,"WcpShutdown");
  vpfnWcpSetHelperCallback = (__int32(__stdcall *)(struct ICBSHelper *))GetProcAddress(v29, "WcpSetHelperCallback");


  // Called unconditionally: if the load or this lookup failed, the pointer is
  // NULL here and the call faults. The original binary may check this in code
  // the listing leaves out.
  vpfnWcpSetHelperCallback((struct ICBSHelper *)&vCsiHelper);
  // v32 is not used again in the lines shown.
  v32 =(int (__stdcall*)(int*))vpfnWcpInitialize;
  // Skip initialization when the export is missing or a cookie is already set.
  if (!vpfnWcpInitialize || gulpWcpCookie )
  {
LABEL_56:
    // Only this path stores the module handle in hLibModule in this listing.
    // It also reaches the return without v27 ever being assigned here.
    hLibModule =v29;
    goto LABEL_57;
  }


  // --- Step 5: one-time initialization guarded by the global cookie ---
  v46 =0;

  // v46 receives the cookie produced by WcpInitialize; v27 keeps its result.
  v33 = vpfnWcpInitialize(&v46);
  v27 =v33;
  // Publish the cookie only if gulpWcpCookie is still 0. A non-zero return
  // means a cookie was already stored, so this call's own initialization is
  // undone with WcpShutdown.
  if (_InterlockedCompareExchange((volatile signed__int32 *)&gulpWcpCookie,v46, 0) )
  {
    v43 =v46;
    vpfnWcpShutdown (v43);
  }
 
LABEL_57:
  // lpLibFileName points 4 bytes past the allocation (after the capacity
  // header), so stepping back two wide chars gives the pointer from operator new.
  if (lpLibFileName )
    operator delete((void *)(lpLibFileName -2));
  return v27;
}
// 100023C0: using guessed type wchar_t aWcp_dll[8];
// 1019B5BC: using guessed type __int32 (__stdcall *vpfnWcpSetHelperCallback)(struct ICBSHelper *);
// 1019B8A0: using guessed type int vCsiHelper;
// 1019BA9C: using guessed type unsigned __int32 gulpWcpCookie;
