蛋疼 待验证
.text:1000C855 cycle_big: ; CODE XREF: sus_sub_1000C520+3D2j
.text:1000C855 push 1
.text:1000C857 mov ecx, ebx
.text:1000C859 call GetNextBufferDword
.text:1000C85E mov edx, [esi+3Ch]
.text:1000C861 mov ecx, [esp+304h+buffer_base]
.text:1000C865 mov [ecx+edx], eax
.text:1000C868 push 1
.text:1000C86A mov ecx, ebx
.text:1000C86C call GetNextBufferDword
.text:1000C871 mov [esp+304h+tainted_dwrod], eax
.text:1000C875 cmp eax, 8
.text:1000C878 jbe short loc_1000C87F
.text:1000C87A mov eax, 8
.text:1000C87F
.text:1000C87F loc_1000C87F: ; CODE XREF: sus_sub_1000C520+358j
.text:1000C87F mov edx, [esi+3Ch]
.text:1000C882 mov ecx, [esp+304h+buffer_base]
.text:1000C886 xor edi, edi
.text:1000C888 mov [ecx+edx+4], eax
.text:1000C88C cmp [esp+304h+tainted_dwrod], edi
.text:1000C890 jbe short loc_1000C8BA
.text:1000C892
.text:1000C892 small_cycle: ; CODE XREF: sus_sub_1000C520+398j
.text:1000C892 push 1
.text:1000C894 mov ecx, ebx ; while(index<tainted_dword)
.text:1000C894 ; {
.text:1000C894 ;
.text:1000C894 ; if (index<8)
.text:1000C894 ; {
.text:1000C894 ; v1 = GetNeXTBufferDword();
.text:1000C894 ; v2[index]=v1
.text:1000C894 ; }
.text:1000C894 ; else
.text:1000C894 ; {
.text:1000C894 ; GetNeXTBufferDword();
.text:1000C894 ; }
.text:1000C894 ; index++;
.text:1000C894 ; }
.text:1000C896 cmp edi, 8
.text:1000C899 jnb short loc_1000C8AE
.text:1000C89B call GetNextBufferDword
.text:1000C8A0 mov edx, [esp+304h+index]
.text:1000C8A4 mov ecx, [esi+3Ch]
.text:1000C8A7 add edx, edi
.text:1000C8A9 mov [ecx+edx*4], eax
.text:1000C8AC jmp short loc_1000C8B3
.text:1000C8AE ; ---------------------------------------------------------------------------
.text:1000C8AE
.text:1000C8AE loc_1000C8AE: ; CODE XREF: sus_sub_1000C520+379j
.text:1000C8AE call GetNextBufferDword
.text:1000C8B3
.text:1000C8B3 loc_1000C8B3: ; CODE XREF: sus_sub_1000C520+38Cj
.text:1000C8B3 inc edi
.text:1000C8B4 cmp edi, [esp+304h+tainted_dwrod]
.text:1000C8B8 jb short small_cycle
.text:1000C8BA
.text:1000C8BA loc_1000C8BA: ; CODE XREF: sus_sub_1000C520+370j
.text:1000C8BA push 1
.text:1000C8BC push 4
.text:1000C8BE mov ecx, ebx
.text:1000C8C0 call GetNextBuffer
.text:1000C8C5 test eax, eax
.text:1000C8C7 jz short loc_1000C8CD
.text:1000C8C9 mov eax, [eax]
.text:1000C8CB jmp short loc_1000C8CF
.text:1000C8CD ; ---------------------------------------------------------------------------
.text:1000C8CD
.text:1000C8CD loc_1000C8CD: ; CODE XREF: sus_sub_1000C520+3A7j
.text:1000C8CD xor eax, eax
.text:1000C8CF
.text:1000C8CF loc_1000C8CF: ; CODE XREF: sus_sub_1000C520+3ABj
.text:1000C8CF mov ecx, [esp+304h+buffer_base]
.text:1000C8D3 mov edx, [esi+3Ch]
.text:1000C8D6 add [esp+304h+index], 0Bh
.text:1000C8DB mov [ecx+edx+8], eax
.text:1000C8DF mov eax, [esp+304h+var_2AC]
.text:1000C8E3 inc eax
.text:1000C8E4 add ecx, 2Ch
.text:1000C8E7 mov [esp+304h+var_2AC], eax
.text:1000C8EB mov [esp+304h+buffer_base], ecx
.text:1000C8EF cmp eax, [esi+38h]
.text:1000C8F2 jb cycle_big
3382
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
