/* This file was generated by the Hex-Rays decompiler version 8.4.0.240320.

1. /* This file was generated by the Hex-Rays decompiler version 8.4.0.240320.
2. Copyright (c) 2007-2021 Hex-Rays <[email protected]>
3.  
4. Detected compiler: Visual C++
5. */
6.  
7. #include <windows.h>
8. #include <defs.h>
9.  
10.  
11. //-------------------------------------------------------------------------
12. // Function declarations
13.  
14. #define __thiscall __cdecl // Test compile in C mode
15.  
16. int __cdecl sub_10001000(int a1);
17. int __cdecl sub_10001020(int a1);
18. int __cdecl sub_10001040(int a1, int a2, int a3);
19. DWORD __cdecl sub_10001060(LPCSTR lpFileName, LONG lDistanceToMove, LONG DistanceToMoveHigh);
20. int __cdecl sub_100010C0(unsigned __int8 *a1, int a2);
21. unsigned int __cdecl sub_10001190(char *a1, int a2);
22. WCHAR *__cdecl sub_10001260(LPCCH lpMultiByteStr);
23. CHAR *__cdecl sub_100012B0(LPCWCH lpWideCharStr);
24. int __cdecl sub_10001300(char *lpAddress);
25. LPVOID __cdecl sub_10001440(char *a1, int a2, int a3, int a4);
26. // int *__userpurge sub_10001A50@<eax>(int a1@<eax>, int *hMem);
27. BOOL __cdecl sub_10001AB0(int a1);
28. int __cdecl sub_10001AD0(LPCVOID lpBuffer, SIZE_T dwSize); // idb
29. int __cdecl sub_10001B30(int (__thiscall *a1)(int), int a2, int a3);
30. int __cdecl sub_10001B70(_BYTE *a1, int a2, _DWORD *a3);
31. int __cdecl sub_10001C10(_BYTE *a1, unsigned int *a2, _DWORD *a3);
32. int __cdecl sub_10001E80(int a1, LPCSTR lpName); // idb
33. int __cdecl sub_100026B0(DWORD th32ProcessID, int (__stdcall *a2)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int));
34. int __cdecl sub_10002780(int a1, int (__stdcall *a2)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int), int a3);
35. int __cdecl sub_100027E0(int (__stdcall *a1)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int));
36. char *__cdecl sub_100028B0(char *a1, int a2);
37. int __cdecl sub_10002B20(unsigned int a1, char a2);
38. char *__cdecl sub_10002B40(char *Destination, int Count);
39. int sub_10002BD0();
40. _DWORD *__thiscall sub_10002BF0(_DWORD *this);
41. int __thiscall sub_10002C20(_DWORD *this);
42. int __thiscall sub_10002C40(_DWORD *this);
43. BOOL __thiscall sub_10002C60(int *this, LPCSTR lpString);
44. void __thiscall sub_10002CE0(_DWORD *this, int a2);
45. int __thiscall sub_10002D10(_DWORD *this, HWND hWnd, int a3, int a4, int a5, int a6);
46. _DWORD *__thiscall sub_10002DF0(_DWORD *this, int a2, int a3);
47. BOOL __thiscall sub_10002E60(_DWORD *this, LPCCH lpMultiByteStr, LPCCH a3);
48. int __thiscall sub_10002EE0(_DWORD *this, int a2);
49. CHAR *__thiscall sub_10002F10(void *this, int a2, LPCSTR lpString);
50. unsigned int __stdcall sub_100030D0(wchar_t *String2, const wchar_t **a2);
51. _DWORD *__cdecl sub_100031C0(int a1, int a2);
52. _DWORD *__thiscall sub_10003210(_DWORD *this);
53. _DWORD *__thiscall sub_10003260(_DWORD *this, int a2, int a3, int a4, int a5);
54. int __stdcall sub_100032E0(int a1, int a2, int a3);
55. HMODULE __cdecl sub_10003320(HMODULE *a1, int a2, LPCSTR *a3);
56. HMODULE __cdecl sub_10003340(HMODULE *a1, int a2, LPCSTR *a3);
57. _DWORD *__cdecl sub_10003360(_DWORD *a1, int a2, int *a3);
58. char *__cdecl sub_100033C0(char *a1, int a2, char **a3);
59. FARPROC __cdecl sub_100034F0(HMODULE hModule, int a2, int a3);
60. int __cdecl sub_10003580(int *a1, int a2, int (__thiscall **a3)(int));
61. int __cdecl sub_100037D0(int *a1, int a2, int a3);
62. int __cdecl sub_10003880(_DWORD *a1, int a2, int a3);
63. int __cdecl sub_100038F0(int *a1, int a2, _DWORD **a3);
64. BOOL __cdecl sub_10003950(BOOL *a1, int a2, int *a3);
65. _DWORD *__cdecl sub_10003970(_DWORD *a1, int a2, int *a3);
66. LPVOID __cdecl sub_10003AB0(_DWORD *a1, int a2, int a3);
67. int __cdecl sub_10003AF0(int *a1, int a2, char **a3);
68. _DWORD *__cdecl sub_10003B10(_DWORD *a1, int a2, _DWORD *a3);
69. _DWORD *__cdecl sub_10003B30(_DWORD *a1, int a2, int a3);
70. _DWORD *__cdecl sub_10003BA0(_DWORD *a1, int a2, LPCCH *a3);
71. int __cdecl sub_10003C20(_DWORD *a1, int a2, int a3);
72. _DWORD *__cdecl sub_10003CB0(_DWORD *a1, int a2, int a3);
73. DWORD __cdecl sub_10003D60(DWORD *a1, int a2, int a3);
74. int __cdecl sub_10003D90(int *a1, int a2, int *a3);
75. int __cdecl sub_10003DB0(int *a1, int a2, int *a3);
76. int __cdecl sub_10003DD0(int *a1, int a2, int *a3);
77. int __cdecl sub_10003E00(int *a1, int a2, int *a3);
78. int __cdecl sub_10003E30(int *a1, int a2, LPCSTR *a3);
79. int __cdecl sub_10003F00(int *a1, int a2, int a3);
80. int __cdecl sub_10003F30(int *a1, int a2, int (__stdcall **a3)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int));
81. char *__cdecl sub_10003F50(char **a1, int a2, int a3);
82. int __cdecl sub_10003F80(int *a1, int a2, unsigned int *a3);
83. char *__cdecl sub_10003FB0(char **a1, int a2, int a3);
84. unsigned int __cdecl sub_10003FE0(_DWORD *a1, int a2, int a3);
85. BOOL __cdecl sub_10004010(BOOL *a1, int a2, HMODULE *a3);
86. char __cdecl sub_10004030(_DWORD *a1, int a2, int a3);
87. FARPROC __cdecl sub_100040D0(int *a1, int a2, HMODULE hModule);
88. int __cdecl sub_100043C0(int a1);
89. BOOL __cdecl sub_100043D0(CHAR **a1, int a2, int *a3);
90. int **__cdecl sub_10004410(int **a1, int a2, int ***a3);
91. _DWORD *__cdecl sub_100044C0(_DWORD *a1, int a2, int a3);
92. _DWORD *__cdecl sub_10004500(_DWORD *a1, int a2, int a3);
93. void __cdecl sub_10004530(int a1, int a2, void ***a3);
94. int __cdecl sub_10004550(int *a1, int a2, int a3);
95. BOOL __cdecl sub_10004580(BOOL *a1, int a2, int a3);
96. void __cdecl sub_100045B0(int a1, int a2, int a3);
97. int __cdecl sub_100045D0(int ***a1, int a2, int **a3);
98. int __cdecl sub_10004620(int ***a1, int a2, int **a3);
99. int __cdecl sub_10004670(int ***a1, int a2, int **a3);
100. _DWORD *__cdecl sub_100046C0(_DWORD *a1, int a2, int **a3);
101. int __cdecl sub_10004740(_DWORD *a1, int a2, int **a3);
102. void __cdecl sub_10004790(_DWORD *a1, int a2, int **a3);
103. int __cdecl sub_10004A20(int *a1, int a2, int a3);
104. CHAR *__cdecl sub_10004A50(CHAR **a1, int a2, int a3);
105. int __stdcall sub_10004A80(int a1, int (__stdcall *a2)(_DWORD, _DWORD, _DWORD), int a3);
106. void *GetNewInf();
107. // BOOL __stdcall Module32Next(HANDLE hSnapshot, LPMODULEENTRY32 lpme);
108. // BOOL __stdcall Module32First(HANDLE hSnapshot, LPMODULEENTRY32 lpme);
109. // HANDLE __stdcall CreateToolhelp32Snapshot(DWORD dwFlags, DWORD th32ProcessID);
110. // BOOL __stdcall Process32Next(HANDLE hSnapshot, LPPROCESSENTRY32 lppe);
111. // BOOL __stdcall Process32First(HANDLE hSnapshot, LPPROCESSENTRY32 lppe);
112. // int __stdcall GdiplusStartup(_DWORD, _DWORD, _DWORD); weak
113. // int __stdcall GdiplusShutdown(_DWORD); weak
114. // int __stdcall GdipImageRotateFlip(_DWORD, _DWORD); weak
115. // int __stdcall GdipDeleteGraphics(_DWORD); weak
116. // int __stdcall GdipDrawImageRectI(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD); weak
117. // int __stdcall GdipCreateFromHDC(_DWORD, _DWORD); weak
118. // int __stdcall GdipGetImageHeight(_DWORD, _DWORD); weak
119. // int __stdcall GdipGetImageWidth(_DWORD, _DWORD); weak
120. // int __stdcall GdipSaveImageToFile(_DWORD, _DWORD, _DWORD, _DWORD); weak
121. // int __stdcall GdipGetImageEncoders(_DWORD, _DWORD, _DWORD); weak
122. // int __stdcall GdipGetImageEncodersSize(_DWORD, _DWORD); weak
123. // int __stdcall GdipLoadImageFromFile(_DWORD, _DWORD); weak
124. // int __stdcall GdipAlloc(_DWORD); weak
125. // int __stdcall GdipSaveAdd(_DWORD, _DWORD); weak
126. // int __stdcall GdipSaveAddImage(_DWORD, _DWORD, _DWORD); weak
127. // int __stdcall GdipDisposeImage(_DWORD); weak
128. // int __stdcall GdipLoadImageFromFileICM(_DWORD, _DWORD); weak
129. // int __stdcall GdipCloneImage(_DWORD, _DWORD); weak
130. // int __stdcall GdipGetImageThumbnail(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD); weak
131. // int __stdcall GdipGetImagePaletteSize(_DWORD, _DWORD); weak
132. // int __stdcall GdipGetImagePalette(_DWORD, _DWORD, _DWORD); weak
133. // int __stdcall GdipSetImagePalette(_DWORD, _DWORD); weak
134. // int __stdcall GdipGetImageRawFormat(_DWORD, _DWORD); weak
135. // char *__cdecl strncpy(char *Destination, const char *Source, size_t Count);
136. void __cdecl sub_10004C8F(LPVOID lpMem);
137. // int __cdecl wcscmp(const wchar_t *String1, const wchar_t *String2);
138. // void *__cdecl malloc(size_t Size);
139. // int __cdecl _nh_malloc(size_t Size, int); idb
140. LPVOID __cdecl sub_10004DEB(unsigned int a1);
141. void __cdecl sub_10004F5F(LPVOID lpMem);
142. int __cdecl sub_10004F6A(size_t Size); // idb
143. char __cdecl sub_100054F7(int a1);
144. int sub_10005524();
145. int __cdecl sub_1000566C(int a1);
146. BOOL sub_100056C9();
147. // _DWORD __cdecl __sbh_heap_init(_DWORD); weak
148. // _DWORD __cdecl __sbh_find_block(_DWORD); weak
149. _DWORD *__cdecl sub_100057E4(_DWORD *a1, int a2);
150. // _DWORD __cdecl __sbh_alloc_block(_DWORD); weak
151. void **sub_10005FC2();
152. void **__cdecl sub_10006106(void **lpMem);
153. void __cdecl sub_1000615C(int a1);
154. unsigned int __cdecl sub_1000621E(unsigned int a1, void ***a2, unsigned int *a3);
155. void __cdecl sub_10006275(int a1, int a2, _BYTE *a3);
156. int __cdecl sub_100062BA(unsigned int a1);
157. int __cdecl sub_100064C2(int a1, unsigned int a2, unsigned int a3);
158. // _DWORD __cdecl _lock(_DWORD); weak
159. // _DWORD __cdecl _unlock(_DWORD); weak
160. // int __cdecl _except_handler3(int, PVOID TargetFrame, int); idb
161. // int __cdecl _callnewh(size_t Size);
162. // void __cdecl __noreturn terminate(); idb
163. void __thiscall __noreturn sub_100076E9(EXCEPTION_POINTERS *this);
164. int *__cdecl sub_10007EDE(DWORD NumberOfBytesWritten);
165. // int __cdecl strtol(const char *String, char **EndPtr, int Radix);
166. // char *__cdecl strchr(const char *Str, int Val);
167. // char *__cdecl strstr(const char *Str, const char *SubStr);
168. // int __cdecl strncmp(const char *Str1, const char *Str2, size_t MaxCount);
169. // void *__cdecl memcpy(void *, const void *Src, size_t Size);
170. // void *__cdecl memset(void *, int Val, size_t Size);
171. // _DWORD __cdecl _ld12cvt(_DWORD, _DWORD, _DWORD); weak
172. int __cdecl sub_10008DF3(int a1, int a2);
173. int __cdecl sub_10008E09(int a1, int a2);
174. int __cdecl sub_10008E1F(int a1, int a2);
175. int __cdecl sub_10008E4C(int a1, int a2);
176. // char *__cdecl strcpy(char *Destination, const char *Source);
177. // char *__cdecl strcat(char *Destination, const char *Source);
178. // size_t __cdecl strlen(const char *Str);
179. // LONG __stdcall __CxxUnhandledExceptionFilter(struct _EXCEPTION_POINTERS *ExceptionInfo); idb
180. LONG (__stdcall *sub_100091CA())(struct _EXCEPTION_POINTERS *ExceptionInfo);
181. LPTOP_LEVEL_EXCEPTION_FILTER sub_100091DB();
182. int __cdecl sub_100092C4(int a1, int a2);
183. // _DWORD __cdecl __crtMessageBoxA(_DWORD, _DWORD, _DWORD); weak
184. // _DWORD __cdecl __strgtold12(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD); weak
185.  
186. //-------------------------------------------------------------------------
187. // Data declarations
188.  
189. _UNKNOWN loc_10002B70; // weak
190. // extern BOOL (__stdcall *LookupPrivilegeValueA)(LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid);
191. // extern BOOL (__stdcall *AdjustTokenPrivileges)(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength);
192. // extern BOOL (__stdcall *OpenProcessToken)(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
193. // extern int (__stdcall *MultiByteToWideChar)(UINT CodePage, DWORD dwFlags, LPCCH lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
194. // extern UINT (__stdcall *GetACP)();
195. // extern int (__stdcall *WideCharToMultiByte)(UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);
196. // extern BOOL (__stdcall *WriteProcessMemory)(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);
197. // extern HANDLE (__stdcall *GetCurrentProcess)();
198. // extern BOOL (__stdcall *VirtualFree)(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
199. // extern BOOL (__stdcall *VirtualProtect)(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
200. // extern SIZE_T (__stdcall *VirtualQuery)(LPCVOID lpAddress, PMEMORY_BASIC_INFORMATION lpBuffer, SIZE_T dwLength);
201. // extern LPVOID (__stdcall *VirtualAlloc)(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
202. // extern HLOCAL (__stdcall *LocalFree)(HLOCAL hMem);
203. // extern HANDLE (__stdcall *CreateRemoteThread)(HANDLE hProcess, LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
204. // extern BOOL (__stdcall *VirtualFreeEx)(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
205. // extern LPVOID (__stdcall *VirtualAllocEx)(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
206. // extern HANDLE (__stdcall *OpenProcess)(DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwProcessId);
207. // extern DWORD (__stdcall *GetLastError)();
208. // extern void (__stdcall *SetLastError)(DWORD dwErrCode);
209. // extern HANDLE (__stdcall *CreateFileA)(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
210. // extern int (__stdcall *lstrlenA)(LPCSTR lpString);
211. // extern HMODULE (__stdcall *GetModuleHandleA)(LPCSTR lpModuleName);
212. // extern HMODULE (__stdcall *LoadLibraryA)(LPCSTR lpLibFileName);
213. // extern FARPROC (__stdcall *GetProcAddress)(HMODULE hModule, LPCSTR lpProcName);
214. // extern HANDLE (__stdcall *CreateThread)(LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
215. // extern HLOCAL (__stdcall *LocalAlloc)(UINT uFlags, SIZE_T uBytes);
216. // extern DWORD (__stdcall *GetCurrentProcessId)();
217. // extern BOOL (__stdcall *FreeLibrary)(HMODULE hLibModule);
218. // extern DWORD (__stdcall *SetFilePointer)(HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod);
219. // extern BOOL (__stdcall *SetEndOfFile)(HANDLE hFile);
220. // extern BOOL (__stdcall *CloseHandle)(HANDLE hObject);
221. // extern LPTOP_LEVEL_EXCEPTION_FILTER (__stdcall *SetUnhandledExceptionFilter)(LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter);
222. // extern BOOL (__stdcall *WriteFile)(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
223. // extern HANDLE (__stdcall *GetStdHandle)(DWORD nStdHandle);
224. // extern BOOL (__stdcall *HeapFree)(HANDLE hHeap, DWORD dwFlags, LPVOID lpMem);
225. // extern LPVOID (__stdcall *HeapAlloc)(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
226. // extern DWORD (__stdcall *GetModuleFileNameA)(HMODULE hModule, LPSTR lpFilename, DWORD nSize);
227. // extern DWORD (__stdcall *GetEnvironmentVariableA)(LPCSTR lpName, LPSTR lpBuffer, DWORD nSize);
228. // extern BOOL (__stdcall *GetVersionExA)(LPOSVERSIONINFOA lpVersionInformation);
229. // extern BOOL (__stdcall *HeapDestroy)(HANDLE hHeap);
230. // extern HANDLE (__stdcall *HeapCreate)(DWORD flOptions, SIZE_T dwInitialSize, SIZE_T dwMaximumSize);
231. // extern BOOL (__stdcall *SHGetSpecialFolderPathA)(HWND hwnd, LPSTR pszPath, int csidl, BOOL fCreate);
232. // extern HDC (__stdcall *GetDC)(HWND hWnd);
233. // extern BOOL (__stdcall *ExitWindowsEx)(UINT uFlags, DWORD dwReason);
234. // extern int (__stdcall *ReleaseDC)(HWND hWnd, HDC hDC);
235. void *off_1000C1C0 = &loc_10003190; // weak
236. _SCOPETABLE_ENTRY stru_1000C2E8[2] = { { -1, NULL, &loc_1000773A }, { 0, &loc_10007726, &loc_1000772A } }; // weak
237. wchar_t aImageGif[] = L"image/gif"; // idb
238. _UNKNOWN unk_1000F0E8; // weak
239. CHAR aGdi32Dll[] = "gdi32.dll"; // idb
240. CHAR LibFileName[] = "user32.dll"; // idb
241. char aKernel32Dll_0[13] = "kernel32.dll"; // weak
242. char asc_10011B2C[2] = "-"; // weak
243. void *off_10011B60 = &off_10011B60; // weak
244. LPVOID off_10011B64 = &off_10011B60; // idb
245. int dword_10011B70 = -1; // weak
246. void **off_10013B80 = &off_10011B60; // weak
247. int dword_10013B84 = 480; // weak
248. void (__cdecl __noreturn *off_10013C74)() = &terminate; // weak
249. int dword_10013CA0[] = { 2 }; // weak
250. char *off_10013CA4 = "R6002\r\n- floating point not loaded\r\n"; // weak
251. int dword_10013D30 = 1; // weak
252. _UNKNOWN unk_10013F48; // weak
253. _UNKNOWN unk_10013F60; // weak
254. HANDLE TokenHandle = NULL; // idb
255. char byte_1001485C[32] =
256. {
257. '\0',
258. '\0',
259. '\0',
260. '\0',
261. '\0',
262. '\0',
263. '\0',
264. '\0',
265. '\0',
266. '\0',
267. '\0',
268. '\0',
269. '\0',
270. '\0',
271. '\0',
272. '\0',
273. '\0',
274. '\0',
275. '\0',
276. '\0',
277. '\0',
278. '\0',
279. '\0',
280. '\0',
281. '\0',
282. '\0',
283. '\0',
284. '\0',
285. '\0',
286. '\0',
287. '\0',
288. '\0'
289. }; // weak
290. HANDLE hProcess = NULL; // idb
291. LPCVOID lpBuffer = NULL; // idb
292. LPVOID lpAddress = NULL; // idb
293. LPVOID lpBaseAddress = NULL; // idb
294. LPVOID dword_10014890 = NULL; // idb
295. int dword_10014894[] = { 0 }; // weak
296. SIZE_T nSize = 0u; // idb
297. int dword_1001489C = 0; // weak
298. int dword_100148A0 = 0; // weak
299. int dword_100148A4 = 0; // weak
300. int dword_100148D8 = 0; // weak
301. int dword_100148E0 = 0; // weak
302. int dword_100148E4 = 0; // weak
303. int dword_100148E8 = 0; // weak
304. int dword_100148EC = 0; // weak
305. int dword_10014930 = 0; // weak
306. int (__stdcall *dword_10014934)(_DWORD, _DWORD, _DWORD) = NULL; // weak
307. int dword_1001494C = 0; // weak
308. int dword_10014950 = 0; // weak
309. int dword_10014954 = 0; // weak
310. int dword_100149B8 = 0; // idb
311. LPTOP_LEVEL_EXCEPTION_FILTER lpfn = NULL; // idb
312. int dword_10015018; // weak
313. int dword_1001501C; // weak
314. void *dword_10015020; // idb
315. int dword_10015024; // weak
316. LPVOID lpMem; // idb
317. int dword_1001502C; // weak
318. HANDLE hHeap; // idb
319. int dword_10015034; // weak
320.  
321.  
322. //----- (10001000) --------------------------------------------------------
323. int __cdecl sub_10001000(int a1)
324. {
325. return sub_100032E0(2024, a1, 0);
326. }
327.  
328. //----- (10001020) --------------------------------------------------------
329. int __cdecl sub_10001020(int a1)
330. {
331. return sub_100032E0(2025, a1, 0);
332. }
333.  
334. //----- (10001040) --------------------------------------------------------
335. int __cdecl sub_10001040(int a1, int a2, int a3)
336. {
337. return sub_100032E0(2025, a2, a3);
338. }
339.  
340. //----- (10001060) --------------------------------------------------------
341. DWORD __cdecl sub_10001060(LPCSTR lpFileName, LONG lDistanceToMove, LONG DistanceToMoveHigh)
342. {
343. DWORD v3; // edi
344. HANDLE FileA; // eax
345. void *v5; // esi
346.  
347. v3 = 0;
348. FileA = CreateFileA(lpFileName, 0x40000000u, 0, 0, 1u, 0x80u, 0);
349. v5 = FileA;
350. if ( FileA != (HANDLE)-1 )
351. {
352. v3 = SetFilePointer(FileA, lDistanceToMove, &DistanceToMoveHigh, 0);
353. if ( v3 )
354. v3 = SetEndOfFile(v5);
355. CloseHandle(v5);
356. }
357. return v3;
358. }
359.  
360. //----- (100010C0) --------------------------------------------------------
361. int __cdecl sub_100010C0(unsigned __int8 *a1, int a2)
362. {
363. int result; // eax
364. int v3; // ecx
365. int v4; // edi
366. _WORD *v5; // esi
367. char *v6; // edx
368. int v7; // eax
369. char v8; // bl
370. _BYTE *v9; // edx
371. char v10; // al
372. unsigned __int8 v11; // [esp+8h] [ebp+4h]
373. unsigned __int8 v12; // [esp+Eh] [ebp+Ah]
374.  
375. result = sub_10001000(2 * a2);
376. v4 = result;
377. if ( result )
378. {
379. v5 = (_WORD *)result;
380. LOBYTE(v3) = *a1;
381. v6 = (char *)(a1 + 1);
382. v11 = *a1;
383. if ( v11 )
384. {
385. do
386. {
387. v7 = v11;
388. if ( (v11 & 0x80) != 0 )
389. {
390. LOBYTE(v7) = v11 & 0xC0;
391. if ( v7 == 192 )
392. {
393. v8 = *v6;
394. v9 = v6 + 1;
395. v10 = v3 & 0xF;
396. LOBYTE(v3) = *v9;
397. v6 = v9 + 1;
398. v12 = v3 & 0x3F;
399. LOWORD(v3) = (unsigned __int8)v3;
400. LOBYTE(v3) = v10;
401. v3 = (v8 & 0x3F | (v3 << 6)) << 6;
402. *v5 = v3 | v12;
403. }
404. else
405. {
406. LOWORD(v3) = v3 & 0x1F;
407. LOWORD(v7) = *v6++ & 0x3F;
408. v3 = v7 | (v3 << 6);
409. *v5 = v3;
410. }
411. }
412. else
413. {
414. *v5 = v3 & 0x7F;
415. }
416. LOBYTE(v3) = *v6;
417. ++v5;
418. ++v6;
419. v11 = v3;
420. }
421. while ( (_BYTE)v3 );
422. }
423. *v5 = 0;
424. return v4;
425. }
426. return result;
427. }
428. // 10001133: variable 'v3' is possibly undefined
429.  
430. //----- (10001190) --------------------------------------------------------
431. unsigned int __cdecl sub_10001190(char *a1, int a2)
432. {
433. unsigned int result; // eax
434. _BYTE *v3; // ebp
435. char *v4; // esi
436. _BYTE *v5; // ecx
437. unsigned int v6; // edx
438. char v7; // bl
439. _BYTE *v8; // ecx
440. char v9; // dl
441. int v10; // esi
442. void *v11; // ebx
443.  
444. result = sub_10001000(3 * a2 + 1);
445. v3 = (_BYTE *)result;
446. if ( result )
447. {
448. v4 = a1;
449. v5 = (_BYTE *)result;
450. if ( a2 > 0 )
451. {
452. do
453. {
454. LOWORD(result) = *(_WORD *)v4;
455. if ( *(_WORD *)v4 < 0x800u )
456. {
457. if ( (unsigned __int16)result < 0x80u )
458. {
459. *v5 = result & 0x7F;
460. }
461. else
462. {
463. result >>= 6;
464. v9 = *(_WORD *)v4 & 0x3F | 0x80;
465. *v5++ = result & 0x1F | 0xC0;
466. *v5 = v9;
467. }
468. }
469. else
470. {
471. v6 = result;
472. result >>= 12;
473. v7 = *(_WORD *)v4 & 0x3F | 0x80;
474. *v5 = result & 0xF | 0xE0;
475. v8 = v5 + 1;
476. *v8 = (v6 >> 6) & 0x3F | 0x80;
477. v5 = v8 + 1;
478. *v5 = v7;
479. }
480. v4 += 2;
481. ++v5;
482. }
483. while ( v4 - a1 < a2 );
484. }
485. *v5 = 0;
486. v10 = v5 - v3 + 1;
487. v11 = (void *)sub_10001000(v10);
488. if ( v11 )
489. qmemcpy(v11, v3, v10);
490. sub_10001020((int)v3);
491. return (unsigned int)v11;
492. }
493. return result;
494. }
495.  
496. //----- (10001260) --------------------------------------------------------
497. WCHAR *__cdecl sub_10001260(LPCCH lpMultiByteStr)
498. {
499. UINT ACP; // eax
500. int v2; // esi
501. WCHAR *v3; // edi
502. UINT v4; // eax
503.  
504. ACP = GetACP();
505. v2 = MultiByteToWideChar(ACP, 0, lpMultiByteStr, -1, 0, 0);
506. v3 = (WCHAR *)sub_10001000(2 * v2 + 4);
507. v4 = GetACP();
508. MultiByteToWideChar(v4, 0, lpMultiByteStr, -1, v3, v2);
509. return v3;
510. }
511.  
512. //----- (100012B0) --------------------------------------------------------
513. CHAR *__cdecl sub_100012B0(LPCWCH lpWideCharStr)
514. {
515. UINT ACP; // eax
516. int v2; // esi
517. CHAR *v3; // edi
518. UINT v4; // eax
519.  
520. ACP = GetACP();
521. v2 = WideCharToMultiByte(ACP, 0, lpWideCharStr, -1, 0, 0, 0, 0);
522. v3 = (CHAR *)sub_10001000(v2 + 2);
523. v4 = GetACP();
524. WideCharToMultiByte(v4, 0, lpWideCharStr, -1, v3, v2, 0, 0);
525. return v3;
526. }
527.  
528. //----- (10001300) --------------------------------------------------------
529. int __cdecl sub_10001300(char *lpAddress)
530. {
531. int v1; // esi
532. char *v2; // ebp
533. int v3; // ecx
534. void *v4; // edi
535. char *v5; // eax
536. bool v6; // cc
537. int result; // eax
538. int v8; // eax
539. HANDLE CurrentProcess; // eax
540. char v10[20]; // [esp+10h] [ebp-30h] BYREF
541. struct _MEMORY_BASIC_INFORMATION Buffer; // [esp+24h] [ebp-1Ch] BYREF
542.  
543. v1 = *(_DWORD *)lpAddress;
544. v2 = lpAddress;
545. v3 = 0;
546. v4 = (void *)*((_DWORD *)lpAddress + 1);
547. v5 = lpAddress + 8;
548. v6 = *(_DWORD *)lpAddress <= 0;
549. lpAddress = 0;
550. if ( !v6 )
551. {
552. do
553. {
554. v10[v3] = v5[v3];
555. lpAddress = (char *)++v3;
556. }
557. while ( v3 < v1 );
558. }
559. lpAddress = (char *)VirtualQuery(v4, &Buffer, 0x1Cu);
560. if ( lpAddress != (char *)28 )
561. return 0;
562. result = (int)Buffer.BaseAddress;
563. if ( Buffer.BaseAddress )
564. {
565. result = VirtualProtect(Buffer.BaseAddress, Buffer.RegionSize, 0x40u, &Buffer.Protect);
566. if ( result )
567. {
568. v8 = 0;
569. for ( lpAddress = 0; v8 < v1; lpAddress = (char *)++v8 )
570. {
571. if ( *((_BYTE *)v4 + v8) != v10[v8] )
572. break;
573. }
574. if ( v8 == v1 )
575. {
576. VirtualProtect(Buffer.BaseAddress, Buffer.RegionSize, 0x20u, &Buffer.Protect);
577. VirtualFree(v2, 0, 0x1000u);
578. return 0;
579. }
580. else
581. {
582. CurrentProcess = GetCurrentProcess();
583. result = WriteProcessMemory(CurrentProcess, v4, v10, 5u, (SIZE_T *)&lpAddress);
584. if ( result )
585. {
586. if ( lpAddress == (char *)5 )
587. {
588. VirtualProtect(Buffer.BaseAddress, Buffer.RegionSize, 0x20u, &Buffer.Protect);
589. VirtualFree(v2, 0, 0x8000u);
590. return 1;
591. }
592. else
593. {
594. return 0;
595. }
596. }
597. }
598. }
599. }
600. return result;
601. }
602. // 10001300: using guessed type char var_30[20];
603.  
604. //----- (10001440) --------------------------------------------------------
605. LPVOID __cdecl sub_10001440(char *a1, int a2, int a3, int a4)
606. {
607. _DWORD *v4; // eax
608. char *v5; // ecx
609. _DWORD *v6; // eax
610. SIZE_T v7; // edi
611. _BYTE *v8; // eax
612. void *v9; // edi
613. char *v10; // ecx
614. SIZE_T v11; // eax
615. HANDLE CurrentProcess; // eax
616. int v14; // eax
617. HANDLE v15; // eax
618. SIZE_T NumberOfBytesWritten; // [esp+10h] [ebp-C0h] BYREF
619. LPVOID lpAddress; // [esp+14h] [ebp-BCh]
620. char Buffer; // [esp+18h] [ebp-B8h] BYREF
621. int v19; // [esp+19h] [ebp-B7h]
622. char v20; // [esp+1Dh] [ebp-B3h]
623. char v21; // [esp+1Eh] [ebp-B2h]
624. char v22; // [esp+1Fh] [ebp-B1h]
625. char v23; // [esp+20h] [ebp-B0h]
626. char v24; // [esp+21h] [ebp-AFh]
627. char v25; // [esp+22h] [ebp-AEh]
628. char v26; // [esp+23h] [ebp-ADh]
629. char v27; // [esp+24h] [ebp-ACh]
630. char v28; // [esp+25h] [ebp-ABh]
631. char v29; // [esp+26h] [ebp-AAh]
632. char v30; // [esp+27h] [ebp-A9h]
633. char v31; // [esp+28h] [ebp-A8h]
634. char v32; // [esp+29h] [ebp-A7h]
635. char v33; // [esp+2Ah] [ebp-A6h]
636. char v34; // [esp+2Bh] [ebp-A5h]
637. char v35; // [esp+2Ch] [ebp-A4h]
638. char v36; // [esp+2Dh] [ebp-A3h]
639. char v37; // [esp+2Eh] [ebp-A2h]
640. char v38; // [esp+2Fh] [ebp-A1h]
641. char v39; // [esp+30h] [ebp-A0h]
642. char v40; // [esp+31h] [ebp-9Fh]
643. char v41; // [esp+32h] [ebp-9Eh]
644. char v42; // [esp+33h] [ebp-9Dh]
645. char v43; // [esp+34h] [ebp-9Ch]
646. char v44; // [esp+35h] [ebp-9Bh]
647. char v45; // [esp+36h] [ebp-9Ah]
648. char v46; // [esp+37h] [ebp-99h]
649. char v47; // [esp+38h] [ebp-98h]
650. char v48; // [esp+39h] [ebp-97h]
651. char v49; // [esp+3Ah] [ebp-96h]
652. char v50; // [esp+3Bh] [ebp-95h]
653. char v51; // [esp+3Ch] [ebp-94h]
654. char v52; // [esp+3Dh] [ebp-93h]
655. char v53; // [esp+3Eh] [ebp-92h]
656. char v54; // [esp+3Fh] [ebp-91h]
657. char v55; // [esp+40h] [ebp-90h]
658. char v56; // [esp+41h] [ebp-8Fh]
659. char v57; // [esp+42h] [ebp-8Eh]
660. char v58; // [esp+43h] [ebp-8Dh]
661. char v59; // [esp+44h] [ebp-8Ch]
662. char v60; // [esp+45h] [ebp-8Bh]
663. char v61; // [esp+46h] [ebp-8Ah]
664. char v62; // [esp+47h] [ebp-89h]
665. char v63; // [esp+48h] [ebp-88h]
666. char v64; // [esp+49h] [ebp-87h]
667. char v65; // [esp+4Ah] [ebp-86h]
668. char v66; // [esp+4Bh] [ebp-85h]
669. char v67; // [esp+4Ch] [ebp-84h]
670. char v68; // [esp+4Dh] [ebp-83h]
671. char v69; // [esp+4Eh] [ebp-82h]
672. char v70; // [esp+4Fh] [ebp-81h]
673. char v71; // [esp+50h] [ebp-80h]
674. char v72; // [esp+51h] [ebp-7Fh]
675. char v73; // [esp+52h] [ebp-7Eh]
676. char v74; // [esp+53h] [ebp-7Dh]
677. char v75; // [esp+54h] [ebp-7Ch]
678. char v76; // [esp+55h] [ebp-7Bh]
679. char v77; // [esp+56h] [ebp-7Ah]
680. char v78; // [esp+57h] [ebp-79h]
681. char v79; // [esp+58h] [ebp-78h]
682. char v80; // [esp+59h] [ebp-77h]
683. char v81; // [esp+5Ah] [ebp-76h]
684. char v82; // [esp+5Bh] [ebp-75h]
685. char v83; // [esp+5Ch] [ebp-74h]
686. char v84; // [esp+5Dh] [ebp-73h]
687. char v85; // [esp+5Eh] [ebp-72h]
688. char v86; // [esp+5Fh] [ebp-71h]
689. char v87; // [esp+60h] [ebp-70h]
690. char v88; // [esp+61h] [ebp-6Fh]
691. char v89; // [esp+62h] [ebp-6Eh]
692. char v90; // [esp+63h] [ebp-6Dh]
693. char v91; // [esp+64h] [ebp-6Ch]
694. char v92; // [esp+65h] [ebp-6Bh]
695. char v93; // [esp+66h] [ebp-6Ah]
696. char v94; // [esp+67h] [ebp-69h]
697. char v95; // [esp+68h] [ebp-68h]
698. char v96; // [esp+69h] [ebp-67h]
699. char v97; // [esp+6Ah] [ebp-66h]
700. char v98; // [esp+6Bh] [ebp-65h]
701. char v99; // [esp+6Ch] [ebp-64h]
702. char v100; // [esp+6Dh] [ebp-63h]
703. char v101; // [esp+6Eh] [ebp-62h]
704. char v102; // [esp+6Fh] [ebp-61h]
705. char v103; // [esp+70h] [ebp-60h]
706. char v104; // [esp+71h] [ebp-5Fh]
707. char v105; // [esp+72h] [ebp-5Eh]
708. char v106; // [esp+73h] [ebp-5Dh]
709. char v107; // [esp+74h] [ebp-5Ch]
710. char v108; // [esp+75h] [ebp-5Bh]
711. char v109; // [esp+76h] [ebp-5Ah]
712. char v110; // [esp+77h] [ebp-59h]
713. char v111; // [esp+78h] [ebp-58h]
714. char v112; // [esp+79h] [ebp-57h]
715. char v113; // [esp+7Ah] [ebp-56h]
716. char v114; // [esp+7Bh] [ebp-55h]
717. char v115; // [esp+7Ch] [ebp-54h]
718. char v116; // [esp+7Dh] [ebp-53h]
719. char v117; // [esp+7Eh] [ebp-52h]
720. char v118; // [esp+7Fh] [ebp-51h]
721. int v119; // [esp+80h] [ebp-50h]
722. char v120; // [esp+84h] [ebp-4Ch]
723. char v121; // [esp+85h] [ebp-4Bh]
724. char v122; // [esp+86h] [ebp-4Ah]
725. char v123; // [esp+87h] [ebp-49h]
726. char v124; // [esp+88h] [ebp-48h]
727. char v125; // [esp+89h] [ebp-47h]
728. char v126; // [esp+8Ah] [ebp-46h]
729. char v127; // [esp+8Bh] [ebp-45h]
730. char v128; // [esp+8Ch] [ebp-44h]
731. char v129; // [esp+8Dh] [ebp-43h]
732. char v130; // [esp+8Eh] [ebp-42h]
733. char v131; // [esp+8Fh] [ebp-41h]
734. char v132; // [esp+90h] [ebp-40h]
735. char v133; // [esp+91h] [ebp-3Fh]
736. char v134; // [esp+92h] [ebp-3Eh]
737. char v135; // [esp+93h] [ebp-3Dh]
738. char v136; // [esp+94h] [ebp-3Ch]
739. char v137; // [esp+95h] [ebp-3Bh]
740. char v138; // [esp+96h] [ebp-3Ah]
741. char v139; // [esp+97h] [ebp-39h]
742. char v140; // [esp+98h] [ebp-38h]
743. char v141; // [esp+99h] [ebp-37h]
744. char v142[21]; // [esp+9Ah] [ebp-36h] BYREF
745. char *v143; // [esp+AFh] [ebp-21h]
746. struct _MEMORY_BASIC_INFORMATION v144; // [esp+B4h] [ebp-1Ch] BYREF
747.  
748. Buffer = -125;
749. v19 = 1686716652;
750. v20 = 36;
751. v21 = 60;
752. v22 = -125;
753. v23 = 68;
754. v24 = 36;
755. v25 = 60;
756. v26 = 64;
757. v27 = -119;
758. v28 = 68;
759. v29 = 36;
760. v30 = 56;
761. v31 = -119;
762. v32 = 92;
763. v33 = 36;
764. v34 = 52;
765. v35 = -119;
766. v36 = 76;
767. v37 = 36;
768. v38 = 48;
769. v39 = -119;
770. v40 = 84;
771. v41 = 36;
772. v42 = 44;
773. v43 = -119;
774. v44 = 108;
775. v45 = 36;
776. v46 = 40;
777. v47 = -119;
778. v48 = 116;
779. v49 = 36;
780. v50 = 36;
781. v51 = -119;
782. v52 = 124;
783. v53 = 36;
784. v54 = 32;
785. v55 = -115;
786. v56 = 68;
787. v57 = 36;
788. v58 = 60;
789. v59 = -119;
790. v60 = 68;
791. v61 = 36;
792. v62 = 28;
793. v63 = -115;
794. v64 = 68;
795. v65 = 36;
796. v66 = 56;
797. v67 = -119;
798. v68 = 68;
799. v69 = 36;
800. v70 = 24;
801. v71 = -115;
802. v72 = 68;
803. v73 = 36;
804. v74 = 52;
805. v75 = -119;
806. v76 = 68;
807. v77 = 36;
808. v78 = 20;
809. v79 = -115;
810. v80 = 68;
811. v81 = 36;
812. v82 = 48;
813. v83 = -119;
814. v84 = 68;
815. v85 = 36;
816. v86 = 16;
817. v87 = -115;
818. v89 = 36;
819. v93 = 36;
820. v97 = 36;
821. v101 = 36;
822. v105 = 36;
823. v106 = 36;
824. v109 = 36;
825. v113 = 36;
826. v117 = 36;
827. v95 = -115;
828. v103 = -115;
829. v111 = -115;
830. v137 = 88;
831. v140 = 88;
832. v88 = 68;
833. v90 = 44;
834. v91 = -119;
835. v92 = 68;
836. v94 = 12;
837. v96 = 68;
838. v98 = 40;
839. v99 = -119;
840. v100 = 68;
841. v102 = 8;
842. v104 = 68;
843. v107 = -119;
844. v108 = 68;
845. v110 = 4;
846. v112 = 68;
847. v114 = 32;
848. v115 = -119;
849. v116 = 4;
850. v118 = -72;
851. v119 = 0;
852. v120 = -1;
853. v121 = -48;
854. v122 = 95;
855. v123 = 94;
856. v124 = 93;
857. v125 = 90;
858. v126 = 89;
859. v127 = 91;
860. v128 = -125;
861. v129 = -8;
862. v130 = 0;
863. v131 = 15;
864. v132 = -124;
865. v133 = 3;
866. v134 = 0;
867. v135 = 0;
868. v136 = 0;
869. v138 = 92;
870. v139 = -61;
871. v141 = 92;
872. memset(v142, 144, 20);
873. v142[20] = -23;
874. v143 = 0;
875. if ( a3 < 5 )
876. return 0;
877. if ( a3 > 20 )
878. return 0;
879. v4 = VirtualAlloc(0, a3 + 183, 0x1000u, 4u);
880. if ( !v4 )
881. return 0;
882. v5 = (char *)v4;
883. *v4 = a3;
884. v6 = v4 + 1;
885. v7 = 0;
886. lpAddress = v5;
887. *v6 = a1;
888. v8 = v6 + 1;
889. for ( NumberOfBytesWritten = 0; (int)NumberOfBytesWritten < a3; ++NumberOfBytesWritten )
890. {
891. *v8++ = *(_BYTE *)(v7 + a2);
892. v7 = NumberOfBytesWritten + 1;
893. }
894. v9 = v5 + 28;
895. v119 = a4;
896. v10 = (char *)(a1 - (v5 + 28) + a3 - 155);
897. v11 = 0;
898. for ( NumberOfBytesWritten = 0; (int)NumberOfBytesWritten < a3; ++NumberOfBytesWritten )
899. {
900. v142[v11] = *(_BYTE *)(v11 + a2);
901. v11 = NumberOfBytesWritten + 1;
902. }
903. v143 = v10;
904. CurrentProcess = GetCurrentProcess();
905. if ( !WriteProcessMemory(CurrentProcess, v9, &Buffer, 0x9Bu, &NumberOfBytesWritten)
906. || NumberOfBytesWritten != 155
907. || (NumberOfBytesWritten = VirtualQuery(a1, &v144, 0x1Cu), NumberOfBytesWritten != 28)
908. || !VirtualProtect(v144.BaseAddress, v144.RegionSize, 0x40u, &v144.Protect) )
909. {
910. VirtualFree(lpAddress, 0, 0x1000u);
911. return 0;
912. }
913. v14 = 0;
914. NumberOfBytesWritten = 0;
915. do
916. {
917. if ( a1[v14] != *(_BYTE *)(v14 + a2) )
918. break;
919. NumberOfBytesWritten = ++v14;
920. }
921. while ( v14 < a3 );
922. if ( v14 != a3 )
923. goto LABEL_21;
924. Buffer = -23;
925. v19 = (_BYTE *)v9 - a1 - 5;
926. v15 = GetCurrentProcess();
927. if ( !WriteProcessMemory(v15, a1, &Buffer, 5u, &NumberOfBytesWritten) )
928. {
929. VirtualProtect(v144.BaseAddress, v144.RegionSize, v144.Protect, &v144.Protect);
930. VirtualFree(lpAddress, 0, 0x1000u);
931. return 0;
932. }
933. if ( NumberOfBytesWritten != 5 )
934. {
935. LABEL_21:
936. VirtualProtect(v144.BaseAddress, v144.RegionSize, v144.Protect, &v144.Protect);
937. VirtualFree(lpAddress, 0, 0x1000u);
938. return 0;
939. }
940. VirtualProtect(v144.BaseAddress, v144.RegionSize, v144.Protect, &v144.Protect);
941. return lpAddress;
942. }
943. // 100017E7: conditional instruction was optimized away because %arg_8.4 is in (5..14)
944. // 10001828: conditional instruction was optimized away because %arg_8.4 is in (5..14)
945. // 10001938: conditional instruction was optimized away because %arg_8.4 is in (5..14)
946.  
947. //----- (10001A50) --------------------------------------------------------
948. int *__userpurge sub_10001A50@<eax>(int a1@<eax>, int *hMem)
949. {
950. int *v2; // esi
951. int *v3; // ecx
952. int v4; // edx
953. int v6; // [esp-4h] [ebp-10h] BYREF
954. int (__cdecl *v7)(int); // [esp+4h] [ebp-8h]
955. int *v8; // [esp+8h] [ebp-4h]
956.  
957. v6 = a1;
958. v8 = &v6;
959. v2 = hMem;
960. v3 = hMem + 1;
961. v7 = (int (__cdecl *)(int))*hMem;
962. if ( hMem[1] > 0 )
963. {
964. v4 = hMem[1];
965. do
966. {
967. hMem = ++v3;
968. v6 = *v3;
969. --v4;
970. }
971. while ( v4 );
972. }
973. if ( !LocalFree(v2) )
974. return (int *)v7(v6);
975. return hMem;
976. }
977.  
978. //----- (10001AB0) --------------------------------------------------------
979. BOOL __cdecl sub_10001AB0(int a1)
980. {
981. return VirtualFree((LPVOID)(a1 - 4), 0, 0x8000u);
982. }
983.  
984. //----- (10001AD0) --------------------------------------------------------
985. int __cdecl sub_10001AD0(LPCVOID lpBuffer, SIZE_T dwSize)
986. {
987. void *v2; // esi
988. SIZE_T NumberOfBytesWritten; // [esp+8h] [ebp-4h] BYREF
989.  
990. NumberOfBytesWritten = 0;
991. v2 = VirtualAlloc(0, dwSize, 0x1000u, 0x40u);
992. if ( v2 )
993. {
994. if ( WriteProcessMemory((HANDLE)0xFFFFFFFF, v2, lpBuffer, dwSize, &NumberOfBytesWritten)
995. && NumberOfBytesWritten == dwSize )
996. {
997. return (int)v2 + 4;
998. }
999. VirtualFree(v2, dwSize, 0x8000u);
1000. }
1001. return 0;
1002. }
1003.  
1004. //----- (10001B30) --------------------------------------------------------
1005. int __cdecl sub_10001B30(int (__thiscall *a1)(int), int a2, int a3)
1006. {
1007. int v3; // edi
1008. int v4; // eax
1009.  
1010. v3 = *(_DWORD *)(a3 + 4) >> 2;
1011. v4 = a3 + 8 + 4 * v3 - 4;
1012. while ( v3 )
1013. {
1014. --v3;
1015. v4 -= 4;
1016. }
1017. return a1(a2);
1018. }
1019.  
1020. //----- (10001B70) --------------------------------------------------------
1021. int __cdecl sub_10001B70(_BYTE *a1, int a2, _DWORD *a3)
1022. {
1023. _BYTE *v4; // edi
1024. int v6; // ecx
1025. __int16 v7; // ax
1026. char v8; // bl
1027. _BYTE *v9; // edi
1028. char v10; // bl
1029. int v11; // [esp+Ch] [ebp-4h]
1030.  
1031. if ( a3 )
1032. *a3 = 0;
1033. v11 = sub_10001000(2 * a2 + 1);
1034. if ( !v11 )
1035. return 0;
1036. v4 = (_BYTE *)v11;
1037. v6 = a2;
1038. do
1039. {
1040. v7 = 16 * (unsigned __int8)*a1;
1041. LOBYTE(v7) = *a1 & 0xF;
1042. if ( SHIBYTE(v7) <= 9 )
1043. v8 = HIBYTE(v7) + 48;
1044. else
1045. v8 = ((unsigned __int8)*a1 >> 4) + 55;
1046. *v4 = v8;
1047. v9 = v4 + 1;
1048. if ( (char)v7 <= 9 )
1049. v10 = v7 + 48;
1050. else
1051. v10 = v7 + 55;
1052. *v9 = v10;
1053. v4 = v9 + 1;
1054. ++a1;
1055. --v6;
1056. }
1057. while ( v6 > 0 );
1058. *v4 = 0;
1059. if ( a3 )
1060. *a3 = 1;
1061. return v11;
1062. }
1063.  
1064. //----- (10001C10) --------------------------------------------------------
1065. int __cdecl sub_10001C10(_BYTE *a1, unsigned int *a2, _DWORD *a3)
1066. {
1067. unsigned int v4; // [esp+18h] [ebp-1Ch]
1068. int v5; // [esp+1Ch] [ebp-18h]
1069. char v6; // [esp+24h] [ebp-10h]
1070. char v7; // [esp+24h] [ebp-10h]
1071. unsigned int j; // [esp+28h] [ebp-Ch]
1072. char v9; // [esp+2Ch] [ebp-8h]
1073. char v10; // [esp+2Ch] [ebp-8h]
1074. char v11; // [esp+2Ch] [ebp-8h]
1075. _BYTE *i; // [esp+30h] [ebp-4h]
1076. _BYTE *v13; // [esp+30h] [ebp-4h]
1077. char *v14; // [esp+3Ch] [ebp+8h]
1078.  
1079. v4 = 0;
1080. if ( a3 )
1081. *a3 = 0;
1082. *a2 = 0;
1083. if ( !a1 )
1084. goto LABEL_23;
1085. for ( i = a1; *i; ++i )
1086. ++v4;
1087. if ( v4 >= 2 && (v5 = sub_10001000(v4 >> 1)) != 0 )
1088. {
1089. v13 = (_BYTE *)v5;
1090. for ( j = 0; j < v4 >> 1; ++j )
1091. {
1092. v9 = *a1;
1093. switch ( *a1 )
1094. {
1095. case '0':
1096. case '1':
1097. case '2':
1098. case '3':
1099. case '4':
1100. case '5':
1101. case '6':
1102. case '7':
1103. case '8':
1104. case '9':
1105. v10 = v9 - 48;
1106. break;
1107. case 'A':
1108. case 'B':
1109. case 'C':
1110. case 'D':
1111. case 'E':
1112. case 'F':
1113. v10 = v9 - 55;
1114. break;
1115. case 'a':
1116. case 'b':
1117. case 'c':
1118. case 'd':
1119. case 'e':
1120. case 'f':
1121. v10 = v9 - 87;
1122. break;
1123. default:
1124. goto LABEL_23;
1125. }
1126. v11 = 16 * v10;
1127. v14 = a1 + 1;
1128. v6 = *v14;
1129. switch ( *v14 )
1130. {
1131. case '0':
1132. case '1':
1133. case '2':
1134. case '3':
1135. case '4':
1136. case '5':
1137. case '6':
1138. case '7':
1139. case '8':
1140. case '9':
1141. v7 = v6 - 48;
1142. break;
1143. case 'A':
1144. case 'B':
1145. case 'C':
1146. case 'D':
1147. case 'E':
1148. case 'F':
1149. v7 = v6 - 55;
1150. break;
1151. case 'a':
1152. case 'b':
1153. case 'c':
1154. case 'd':
1155. case 'e':
1156. case 'f':
1157. v7 = v6 - 87;
1158. break;
1159. default:
1160. goto LABEL_23;
1161. }
1162. a1 = v14 + 1;
1163. *v13++ = v11 | v7;
1164. }
1165. *a2 = j;
1166. if ( a3 )
1167. *a3 = 1;
1168. return v5;
1169. }
1170. else
1171. {
1172. LABEL_23:
1173. *a2 = j;
1174. if ( a3 )
1175. *a3 = 0;
1176. return v5;
1177. }
1178. }
1179. // 10001DD4: variable 'j' is possibly undefined
1180. // 10001DE5: variable 'v5' is possibly undefined
1181.  
1182. //----- (10001E80) --------------------------------------------------------
1183. int __cdecl sub_10001E80(int a1, LPCSTR lpName)
1184. {
1185. HANDLE CurrentProcess; // eax
1186. DWORD LastError; // eax
1187. char *v5; // eax
1188. char *v6; // eax
1189. int i; // [esp+Ch] [ebp-A0h]
1190. unsigned int v8; // [esp+Ch] [ebp-A0h]
1191. SIZE_T v9; // [esp+10h] [ebp-9Ch]
1192. int v10; // [esp+14h] [ebp-98h]
1193. unsigned int v11; // [esp+18h] [ebp-94h]
1194. SIZE_T v12; // [esp+1Ch] [ebp-90h]
1195. int v13; // [esp+20h] [ebp-8Ch]
1196. int v14; // [esp+24h] [ebp-88h]
1197. int v15; // [esp+28h] [ebp-84h]
1198. DWORD ThreadId; // [esp+2Ch] [ebp-80h] BYREF
1199. HANDLE v17; // [esp+30h] [ebp-7Ch]
1200. char Buffer[15]; // [esp+34h] [ebp-78h] BYREF
1201. int v19; // [esp+43h] [ebp-69h]
1202. char v20; // [esp+47h] [ebp-65h]
1203. char v21; // [esp+48h] [ebp-64h]
1204. char v22; // [esp+49h] [ebp-63h]
1205. char v23; // [esp+4Ah] [ebp-62h]
1206. int v24; // [esp+4Bh] [ebp-61h]
1207. char v25; // [esp+4Fh] [ebp-5Dh]
1208. char v26; // [esp+50h] [ebp-5Ch]
1209. char v27; // [esp+51h] [ebp-5Bh]
1210. char v28; // [esp+52h] [ebp-5Ah]
1211. char v29; // [esp+53h] [ebp-59h]
1212. char v30; // [esp+54h] [ebp-58h]
1213. char v31; // [esp+55h] [ebp-57h]
1214. char v32; // [esp+56h] [ebp-56h]
1215. char v33; // [esp+57h] [ebp-55h]
1216. char v34; // [esp+58h] [ebp-54h]
1217. char v35; // [esp+59h] [ebp-53h]
1218. char v36; // [esp+5Ah] [ebp-52h]
1219. char v37; // [esp+5Bh] [ebp-51h]
1220. char v38; // [esp+5Ch] [ebp-50h]
1221. char v39; // [esp+5Dh] [ebp-4Fh]
1222. char v40; // [esp+5Eh] [ebp-4Eh]
1223. char v41; // [esp+5Fh] [ebp-4Dh]
1224. char v42; // [esp+60h] [ebp-4Ch]
1225. char v43; // [esp+61h] [ebp-4Bh]
1226. char v44; // [esp+62h] [ebp-4Ah]
1227. char v45; // [esp+63h] [ebp-49h]
1228. char v46; // [esp+64h] [ebp-48h]
1229. char v47; // [esp+65h] [ebp-47h]
1230. char v48; // [esp+66h] [ebp-46h]
1231. char v49; // [esp+67h] [ebp-45h]
1232. char v50; // [esp+68h] [ebp-44h]
1233. char v51; // [esp+69h] [ebp-43h]
1234. char v52; // [esp+6Ah] [ebp-42h]
1235. char v53; // [esp+6Bh] [ebp-41h]
1236. char v54; // [esp+6Ch] [ebp-40h]
1237. char v55; // [esp+6Dh] [ebp-3Fh]
1238. char v56; // [esp+6Eh] [ebp-3Eh]
1239. char v57; // [esp+6Fh] [ebp-3Dh]
1240. char v58; // [esp+70h] [ebp-3Ch]
1241. char v59; // [esp+71h] [ebp-3Bh]
1242. char v60; // [esp+72h] [ebp-3Ah]
1243. char v61; // [esp+73h] [ebp-39h]
1244. char v62; // [esp+74h] [ebp-38h]
1245. char v63; // [esp+75h] [ebp-37h]
1246. char v64; // [esp+76h] [ebp-36h]
1247. char v65; // [esp+77h] [ebp-35h]
1248. char v66; // [esp+78h] [ebp-34h]
1249. char v67; // [esp+79h] [ebp-33h]
1250. char v68; // [esp+7Ah] [ebp-32h]
1251. char v69; // [esp+7Bh] [ebp-31h]
1252. char v70; // [esp+7Ch] [ebp-30h]
1253. char v71; // [esp+7Dh] [ebp-2Fh]
1254. char v72; // [esp+7Eh] [ebp-2Eh]
1255. char v73; // [esp+7Fh] [ebp-2Dh]
1256. char v74; // [esp+80h] [ebp-2Ch]
1257. char v75; // [esp+81h] [ebp-2Bh]
1258. char v76; // [esp+82h] [ebp-2Ah]
1259. char v77; // [esp+83h] [ebp-29h]
1260. char v78; // [esp+84h] [ebp-28h]
1261. char v79; // [esp+85h] [ebp-27h]
1262. int v80; // [esp+86h] [ebp-26h]
1263. __int16 v81; // [esp+8Ah] [ebp-22h]
1264. SIZE_T NumberOfBytesWritten; // [esp+8Ch] [ebp-20h] BYREF
1265. LPTHREAD_START_ROUTINE lpStartAddress; // [esp+90h] [ebp-1Ch]
1266. SIZE_T v84; // [esp+94h] [ebp-18h] BYREF
1267. struct _TOKEN_PRIVILEGES NewState; // [esp+98h] [ebp-14h] BYREF
1268. BOOL v86; // [esp+A8h] [ebp-4h]
1269.  
1270. if ( a1 == 1 )
1271. {
1272. if ( TokenHandle )
1273. return (int)TokenHandle;
1274. CurrentProcess = GetCurrentProcess();
1275. if ( OpenProcessToken(CurrentProcess, 0xF01FFu, &TokenHandle) )
1276. return (int)TokenHandle;
1277. }
1278. switch ( a1 )
1279. {
1280. case 2:
1281. v86 = LookupPrivilegeValueA(0, lpName, &NewState.Privileges[0].Luid);
1282. if ( !v86 )
1283. return 0;
1284. NewState.PrivilegeCount = 1;
1285. NewState.Privileges[0].Attributes = 2;
1286. SetLastError(0);
1287. v86 = AdjustTokenPrivileges(TokenHandle, 0, &NewState, 0, 0, 0);
1288. LastError = GetLastError();
1289. v86 = LastError == 0;
1290. if ( !LastError )
1291. strcpy(byte_1001485C, lpName);
1292. return v86;
1293. case 4:
1294. if ( !hProcess )
1295. hProcess = OpenProcess(0x1F0FFFu, 0, (DWORD)lpName);
1296. return (int)hProcess;
1297. case 8:
1298. return ExitWindowsEx((UINT)lpName, 0);
1299. }
1300. if ( a1 != 16 )
1301. goto LABEL_29;
1302. if ( lpName == (LPCSTR)1 )
1303. {
1304. if ( hProcess )
1305. {
1306. v86 = !CloseHandle(hProcess);
1307. if ( v86 )
1308. hProcess = 0;
1309. }
1310. return v86;
1311. }
1312. if ( lpName == (LPCSTR)2 )
1313. {
1314. if ( TokenHandle )
1315. {
1316. v86 = !CloseHandle(hProcess);
1317. if ( v86 )
1318. TokenHandle = 0;
1319. }
1320. return v86;
1321. }
1322. else
1323. {
1324. LABEL_29:
1325. switch ( a1 )
1326. {
1327. case ' ':
1328. dword_10014894[0] = 4;
1329. Buffer[0] = -117;
1330. Buffer[1] = -20;
1331. Buffer[2] = 85;
1332. Buffer[3] = -125;
1333. Buffer[4] = -20;
1334. Buffer[5] = 32;
1335. Buffer[6] = -72;
1336. Buffer[7] = 35;
1337. Buffer[8] = 16;
1338. Buffer[9] = 0;
1339. Buffer[10] = 0;
1340. Buffer[11] = -119;
1341. Buffer[12] = 69;
1342. Buffer[13] = -8;
1343. Buffer[14] = -72;
1344. v19 = 4132;
1345. v20 = -119;
1346. v21 = 69;
1347. v22 = -12;
1348. v23 = -72;
1349. v24 = 4133;
1350. v25 = -119;
1351. v26 = 69;
1352. v27 = -16;
1353. v28 = 104;
1354. v29 = 22;
1355. v30 = 3;
1356. v31 = 1;
1357. v32 = 0;
1358. v33 = -117;
1359. v34 = 69;
1360. v35 = -16;
1361. v36 = -117;
1362. v37 = 72;
1363. v38 = 4;
1364. v39 = -125;
1365. v40 = -64;
1366. v41 = 8;
1367. v42 = 73;
1368. v43 = -117;
1369. v44 = 28;
1370. v45 = -120;
1371. v46 = 83;
1372. v47 = -125;
1373. v48 = -7;
1374. v49 = 0;
1375. v50 = 126;
1376. v51 = 2;
1377. v52 = -21;
1378. v53 = -12;
1379. v54 = -117;
1380. v55 = 69;
1381. v56 = -16;
1382. v57 = -1;
1383. v58 = 16;
1384. v59 = -117;
1385. v60 = 28;
1386. v61 = 36;
1387. v62 = -127;
1388. v63 = -5;
1389. v64 = 22;
1390. v65 = 3;
1391. v66 = 1;
1392. v67 = 0;
1393. v68 = 116;
1394. v69 = 3;
1395. v70 = 92;
1396. v71 = -21;
1397. v72 = -14;
1398. v73 = -125;
1399. v74 = -60;
1400. v75 = 36;
1401. v76 = 93;
1402. v77 = -117;
1403. v78 = -27;
1404. v79 = -61;
1405. v80 = 0;
1406. v81 = 0;
1407. if ( lpAddress )
1408. {
1409. return 0;
1410. }
1411. else
1412. {
1413. lpAddress = VirtualAllocEx(hProcess, 0, 0x64u, 0x1000u, 0x40u);
1414. if ( lpAddress
1415. && (lpBaseAddress = VirtualAllocEx(hProcess, 0, 0x64u, 0x1000u, 0x40u)) != 0
1416. && (dword_10014890 = VirtualAllocEx(hProcess, 0, 0x1F4u, 0x1000u, 0x40u)) != 0
1417. && (v19 = (int)dword_10014890,
1418. v24 = (int)lpBaseAddress,
1419. WriteProcessMemory(hProcess, lpAddress, Buffer, 0x58u, &NumberOfBytesWritten))
1420. && NumberOfBytesWritten == 88 )
1421. {
1422. return (int)lpAddress;
1423. }
1424. else
1425. {
1426. if ( lpAddress )
1427. VirtualFreeEx(hProcess, lpAddress, 0x64u, 0x8000u);
1428. if ( lpBaseAddress )
1429. VirtualFreeEx(hProcess, lpBaseAddress, 0x64u, 0x8000u);
1430. lpAddress = 0;
1431. lpBaseAddress = 0;
1432. return 0;
1433. }
1434. }
1435. case '@':
1436. v15 = 1;
1437. dword_100148A0 = dword_100148A4;
1438. dword_100148A4 = dword_10014894[0] - 5;
1439. if ( dword_10014894[0] - 5 < 0 )
1440. dword_100148A4 = 0;
1441. if ( !WriteProcessMemory(hProcess, lpBaseAddress, &dword_100148A0, 4 * dword_100148A4 + 8, &v84) )
1442. v15 = 0;
1443. if ( lpBuffer && !WriteProcessMemory(hProcess, dword_10014890, lpBuffer, nSize, &v84) )
1444. v15 = 0;
1445. dword_1001489C = 0;
1446. nSize = 0;
1447. dword_10014894[0] = 4;
1448. lpStartAddress = (LPTHREAD_START_ROUTINE)lpAddress;
1449. if ( v15 == 1 )
1450. v17 = CreateRemoteThread(hProcess, 0, 0, lpStartAddress, 0, 0, &ThreadId);
1451. if ( !v17 )
1452. v15 = 0;
1453. if ( lpBuffer )
1454. sub_10001020((int)lpBuffer);
1455. lpBuffer = 0;
1456. return v15;
1457. case 'A':
1458. v14 = dword_10014894[0];
1459. dword_10014894[dword_10014894[0]] = (int)lpName;
1460. dword_10014894[0] = v14 + 1;
1461. return 1;
1462. case 'B':
1463. v13 = dword_10014894[0];
1464. v12 = nSize;
1465. v11 = *((_DWORD *)lpName + 1);
1466. if ( nSize )
1467. lpBuffer = (LPCVOID)sub_10001040((int)lpBuffer, v11, nSize + v11);
1468. else
1469. lpBuffer = (LPCVOID)sub_10001000(v11);
1470. if ( lpBuffer )
1471. {
1472. v5 = (char *)lpBuffer + v12;
1473. qmemcpy((char *)lpBuffer + v12, lpName + 8, v11);
1474. if ( v5 )
1475. {
1476. dword_10014894[v13] = (int)dword_10014890 + v12;
1477. nSize = v12 + v11;
1478. dword_10014894[0] = v13 + 1;
1479. return 1;
1480. }
1481. else
1482. {
1483. return 0;
1484. }
1485. }
1486. else
1487. {
1488. return 0;
1489. }
1490. case 'C':
1491. v10 = dword_10014894[0];
1492. v9 = nSize;
1493. for ( i = 0; lpName[i]; ++i )
1494. ;
1495. v8 = i + 1;
1496. if ( nSize )
1497. lpBuffer = (LPCVOID)sub_10001040((int)lpBuffer, v8, nSize + v8);
1498. else
1499. lpBuffer = (LPCVOID)sub_10001000(v8);
1500. if ( lpBuffer )
1501. {
1502. v6 = (char *)lpBuffer + v9;
1503. qmemcpy((char *)lpBuffer + v9, lpName, v8);
1504. if ( v6 )
1505. {
1506. dword_10014894[v10] = (int)dword_10014890 + v9;
1507. nSize = v9 + v8;
1508. dword_10014894[0] = v10 + 1;
1509. return 1;
1510. }
1511. else
1512. {
1513. return 0;
1514. }
1515. }
1516. else
1517. {
1518. return 0;
1519. }
1520. default:
1521. return 0;
1522. }
1523. }
1524. }
1525. // 10014894: using guessed type int dword_10014894[];
1526. // 1001489C: using guessed type int dword_1001489C;
1527. // 100148A0: using guessed type int dword_100148A0;
1528. // 100148A4: using guessed type int dword_100148A4;
1529.  
1530. //----- (100026B0) --------------------------------------------------------
1531. int __cdecl sub_100026B0(
1532. DWORD th32ProcessID,
1533. int (__stdcall *a2)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int))
1534. {
1535. int i; // [esp+Ch] [ebp-22Ch]
1536. MODULEENTRY32 me; // [esp+10h] [ebp-228h] BYREF
1537. HANDLE hSnapshot; // [esp+234h] [ebp-4h]
1538.  
1539. i = -1;
1540. me.dwSize = 548;
1541. hSnapshot = CreateToolhelp32Snapshot(8u, th32ProcessID);
1542. if ( hSnapshot == (HANDLE)-1 )
1543. return -1;
1544. if ( Module32First(hSnapshot, &me) )
1545. {
1546. for ( i = sub_10002780((int)&me, a2, 0); i != 1; i = sub_10002780((int)&me, a2, 0) )
1547. {
1548. if ( !Module32Next(hSnapshot, &me) )
1549. break;
1550. }
1551. }
1552. CloseHandle(hSnapshot);
1553. return i;
1554. }
1555.  
1556. //----- (10002780) --------------------------------------------------------
1557. int __cdecl sub_10002780(
1558. int a1,
1559. int (__stdcall *a2)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int),
1560. int a3)
1561. {
1562. int v3; // ecx
1563. int *v4; // ecx
1564. int v6; // [esp-Ch] [ebp-Ch]
1565. int v7; // [esp-8h] [ebp-8h]
1566. int v8; // [esp-4h] [ebp-4h]
1567.  
1568. if ( a3 )
1569. {
1570. v8 = a1 + 36;
1571. v3 = a1 + 32;
1572. v7 = *(_DWORD *)(a1 + 32);
1573. }
1574. else
1575. {
1576. v8 = a1 + 288;
1577. v3 = a1 + 32;
1578. v7 = a1 + 32;
1579. }
1580. v4 = (int *)(v3 - 4);
1581. v6 = *v4--;
1582. return a2(*(v4 - 6), *(v4 - 5), *(v4 - 4), *(v4 - 3), *(v4 - 2), *(v4 - 1), *v4, v6, v7, v8);
1583. }
1584.  
1585. //----- (100027E0) --------------------------------------------------------
1586. int __cdecl sub_100027E0(int (__stdcall *a1)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int))
1587. {
1588. int i; // [esp+Ch] [ebp-130h]
1589. PROCESSENTRY32 pe; // [esp+10h] [ebp-12Ch] BYREF
1590. HANDLE hSnapshot; // [esp+138h] [ebp-4h]
1591.  
1592. i = -1;
1593. pe.dwSize = 296;
1594. hSnapshot = CreateToolhelp32Snapshot(0xFu, 0);
1595. if ( hSnapshot == (HANDLE)-1 )
1596. return -1;
1597. if ( Process32First(hSnapshot, &pe) )
1598. {
1599. for ( i = sub_10002780((int)&pe, a1, 1); i != 1; i = sub_10002780((int)&pe, a1, 1) )
1600. {
1601. if ( !Process32Next(hSnapshot, &pe) )
1602. break;
1603. }
1604. }
1605. CloseHandle(hSnapshot);
1606. return i;
1607. }
1608.  
1609. //----- (100028B0) --------------------------------------------------------
1610. char *__cdecl sub_100028B0(char *a1, int a2)
1611. {
1612. _BYTE *v3; // [esp+Ch] [ebp-24h]
1613. LPCCH lpMultiByteStr; // [esp+10h] [ebp-20h]
1614. char *v5; // [esp+14h] [ebp-1Ch]
1615. int v6; // [esp+18h] [ebp-18h] BYREF
1616. char *v7; // [esp+1Ch] [ebp-14h]
1617. char *v8; // [esp+20h] [ebp-10h]
1618. char *v9; // [esp+24h] [ebp-Ch]
1619. CHAR *i; // [esp+28h] [ebp-8h]
1620. _BYTE *v11; // [esp+2Ch] [ebp-4h]
1621.  
1622. v8 = 0;
1623. v5 = (char *)sub_10001000(600);
1624. if ( v5 )
1625. {
1626. v7 = v5;
1627. lpMultiByteStr = (LPCCH)sub_10001000(300);
1628. if ( lpMultiByteStr )
1629. {
1630. i = (CHAR *)lpMultiByteStr;
1631. while ( 1 )
1632. {
1633. while ( (unsigned __int8)*a1 >= 0x80u )
1634. {
1635. while ( (unsigned __int8)*a1 > 0x7Fu && *a1 )
1636. *i++ = *a1++;
1637. *i = 0;
1638. if ( a2 )
1639. {
1640. for ( i = (CHAR *)lpMultiByteStr; *i; ++i )
1641. {
1642. *v7++ = 37;
1643. v8 = (char *)sub_10001B70(i, 1, &v6);
1644. *v7++ = *v8;
1645. *v7++ = v8[1];
1646. sub_10001020((int)v8);
1647. }
1648. }
1649. else
1650. {
1651. v9 = (char *)sub_10001260(lpMultiByteStr);
1652. v3 = (_BYTE *)sub_10001190(v9, 2 * strlen(lpMultiByteStr) + 2);
1653. v11 = v3;
1654. i = (CHAR *)lpMultiByteStr;
1655. while ( *v11 )
1656. {
1657. *i++ = 37;
1658. v8 = (char *)sub_10001B70(v11, 1, &v6);
1659. *i++ = *v8;
1660. *i++ = v8[1];
1661. sub_10001020((int)v8);
1662. ++v11;
1663. }
1664. *i = 0;
1665. sub_10001020((int)v9);
1666. sub_10001020((int)v3);
1667. qmemcpy(v7, lpMultiByteStr, strlen(lpMultiByteStr));
1668. v7 += strlen(lpMultiByteStr);
1669. i = (CHAR *)lpMultiByteStr;
1670. }
1671. }
1672. if ( !*a1 )
1673. break;
1674. *v7++ = *a1++;
1675. }
1676. }
1677. *v7 = 0;
1678. }
1679. return v5;
1680. }
1681.  
1682. //----- (10002B20) --------------------------------------------------------
1683. int __cdecl sub_10002B20(unsigned int a1, char a2)
1684. {
1685. return (a1 >> a2) & 1;
1686. }
1687.  
1688. //----- (10002B40) --------------------------------------------------------
1689. char *__cdecl sub_10002B40(char *Destination, int Count)
1690. {
1691. char *result; // eax
1692. const char *v3; // ebp
1693. signed int v4; // eax
1694. char *v5; // ecx
1695. char v6; // dl
1696.  
1697. result = (char *)sub_10001000(Count);
1698. v3 = result;
1699. if ( result )
1700. {
1701. v4 = 0;
1702. if ( Count > 0 )
1703. {
1704. v5 = (char *)&v3[Count - 1];
1705. do
1706. {
1707. v6 = Destination[v4++];
1708. *v5-- = v6;
1709. }
1710. while ( v4 < Count );
1711. }
1712. strncpy(Destination, v3, Count);
1713. sub_10001020((int)v3);
1714. return Destination;
1715. }
1716. return result;
1717. }
1718.  
1719. //----- (10002BD0) --------------------------------------------------------
1720. int sub_10002BD0()
1721. {
1722. int result; // eax
1723.  
1724. result = 0;
1725. dword_100148E0 = 1;
1726. dword_100148E4 = 0;
1727. dword_100148E8 = 0;
1728. dword_100148EC = 0;
1729. return result;
1730. }
1731. // 100148E0: using guessed type int dword_100148E0;
1732. // 100148E4: using guessed type int dword_100148E4;
1733. // 100148E8: using guessed type int dword_100148E8;
1734. // 100148EC: using guessed type int dword_100148EC;
1735.  
1736. //----- (10002BF0) --------------------------------------------------------
1737. _DWORD *__thiscall sub_10002BF0(_DWORD *this)
1738. {
1739. GdiplusStartup(&dword_100148D8, &dword_100148E0, 0);
1740. *this = 0;
1741. this[1] = 0;
1742. return this;
1743. }
1744. // 10004ACE: using guessed type int __stdcall GdiplusStartup(_DWORD, _DWORD, _DWORD);
1745. // 100148D8: using guessed type int dword_100148D8;
1746. // 100148E0: using guessed type int dword_100148E0;
1747.  
1748. //----- (10002C20) --------------------------------------------------------
1749. int __thiscall sub_10002C20(_DWORD *this)
1750. {
1751. sub_10002C40(this);
1752. return GdiplusShutdown(dword_100148D8);
1753. }
1754. // 10004AD4: using guessed type int __stdcall GdiplusShutdown(_DWORD);
1755. // 100148D8: using guessed type int dword_100148D8;
1756.  
1757. //----- (10002C40) --------------------------------------------------------
1758. int __thiscall sub_10002C40(_DWORD *this)
1759. {
1760. int (__thiscall ***v2)(_DWORD, int); // ecx
1761. int result; // eax
1762.  
1763. v2 = (int (__thiscall ***)(_DWORD, int))this[1];
1764. if ( v2 )
1765. {
1766. result = (**v2)(v2, 1);
1767. this[1] = 0;
1768. }
1769. return result;
1770. }
1771.  
1772. //----- (10002C60) --------------------------------------------------------
1773. BOOL __thiscall sub_10002C60(int *this, LPCSTR lpString)
1774. {
1775. int *v2; // esi
1776. WCHAR *v3; // edi
1777. int v4; // esi
1778. int v5; // eax
1779. void *v6; // esp
1780. _DWORD *v7; // eax
1781. int v8; // ecx
1782. WCHAR v10[6]; // [esp+0h] [ebp-10h] BYREF
1783. int *v11; // [esp+Ch] [ebp-4h]
1784.  
1785. v2 = this;
1786. v11 = this;
1787. sub_10002C40(this);
1788. if ( lpString )
1789. {
1790. v4 = lstrlenA(lpString) + 1;
1791. v5 = 2 * v4 + 3;
1792. LOBYTE(v5) = v5 & 0xFC;
1793. v6 = alloca(v5);
1794. v3 = v10;
1795. v10[0] = 0;
1796. MultiByteToWideChar(0, 0, lpString, -1, v10, v4);
1797. v2 = v11;
1798. }
1799. else
1800. {
1801. v3 = 0;
1802. }
1803. v7 = sub_100031C0((int)v3, *v2);
1804. v2[1] = (int)v7;
1805. v8 = v7[2];
1806. v7[2] = 0;
1807. return v8 == 0;
1808. }
1809.  
1810. //----- (10002CE0) --------------------------------------------------------
1811. void __thiscall sub_10002CE0(_DWORD *this, int a2)
1812. {
1813. int v2; // esi
1814. int v3; // eax
1815.  
1816. v2 = this[1];
1817. if ( v2 )
1818. {
1819. v3 = GdipImageRotateFlip(*(_DWORD *)(v2 + 4), a2);
1820. if ( v3 )
1821. *(_DWORD *)(v2 + 8) = v3;
1822. }
1823. }
1824. // 10004ADA: using guessed type int __stdcall GdipImageRotateFlip(_DWORD, _DWORD);
1825.  
1826. //----- (10002D10) --------------------------------------------------------
1827. int __thiscall sub_10002D10(_DWORD *this, HWND hWnd, int a3, int a4, int a5, int a6)
1828. {
1829. int result; // eax
1830. HDC v8; // ebx
1831. int v9; // edi
1832. int ImageWidth; // eax
1833. int v11; // edi
1834. int v12; // edi
1835. int ImageHeight; // eax
1836. int v14; // esi
1837. int v15; // eax
1838. int v16; // esi
1839.  
1840. result = (int)GetDC(hWnd);
1841. v8 = (HDC)result;
1842. if ( result )
1843. {
1844. if ( !a5 )
1845. {
1846. v9 = this[1];
1847. a5 = 0;
1848. ImageWidth = GdipGetImageWidth(*(_DWORD *)(v9 + 4), &a5);
1849. if ( ImageWidth )
1850. *(_DWORD *)(v9 + 8) = ImageWidth;
1851. }
1852. v11 = a6;
1853. if ( !a6 )
1854. {
1855. v12 = this[1];
1856. a6 = 0;
1857. ImageHeight = GdipGetImageHeight(*(_DWORD *)(v12 + 4), &a6);
1858. if ( ImageHeight )
1859. *(_DWORD *)(v12 + 8) = ImageHeight;
1860. v11 = a6;
1861. }
1862. a6 = 0;
1863. GdipCreateFromHDC(v8, &a6);
1864. v14 = this[1];
1865. if ( v14 )
1866. v15 = *(_DWORD *)(v14 + 4);
1867. else
1868. v15 = 0;
1869. v16 = a6;
1870. a5 = GdipDrawImageRectI(a6, v15, a3, a4, a5, v11);
1871. ReleaseDC(hWnd, v8);
1872. GdipDeleteGraphics(v16);
1873. return 1;
1874. }
1875. return result;
1876. }
1877. // 10004AE0: using guessed type int __stdcall GdipDeleteGraphics(_DWORD);
1878. // 10004AE6: using guessed type int __stdcall GdipDrawImageRectI(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD);
1879. // 10004AEC: using guessed type int __stdcall GdipCreateFromHDC(_DWORD, _DWORD);
1880. // 10004AF2: using guessed type int __stdcall GdipGetImageHeight(_DWORD, _DWORD);
1881. // 10004AF8: using guessed type int __stdcall GdipGetImageWidth(_DWORD, _DWORD);
1882.  
1883. //----- (10002DF0) --------------------------------------------------------
1884. _DWORD *__thiscall sub_10002DF0(_DWORD *this, int a2, int a3)
1885. {
1886. int v3; // ebx
1887. int v5; // edi
1888. int ImageWidth; // eax
1889. int v7; // eax
1890. int v8; // edi
1891. int ImageHeight; // eax
1892.  
1893. v3 = a2;
1894. if ( !a2 )
1895. {
1896. v5 = this[1];
1897. a2 = 0;
1898. ImageWidth = GdipGetImageWidth(*(_DWORD *)(v5 + 4), &a2);
1899. if ( ImageWidth )
1900. *(_DWORD *)(v5 + 8) = ImageWidth;
1901. v3 = a2;
1902. }
1903. v7 = a3;
1904. if ( !a3 )
1905. {
1906. v8 = this[1];
1907. a2 = 0;
1908. ImageHeight = GdipGetImageHeight(*(_DWORD *)(v8 + 4), &a2);
1909. if ( ImageHeight )
1910. *(_DWORD *)(v8 + 8) = ImageHeight;
1911. v7 = a2;
1912. }
1913. return sub_10003260((_DWORD *)this[1], v3, v7, 0, 0);
1914. }
1915. // 10004AF2: using guessed type int __stdcall GdipGetImageHeight(_DWORD, _DWORD);
1916. // 10004AF8: using guessed type int __stdcall GdipGetImageWidth(_DWORD, _DWORD);
1917.  
1918. //----- (10002E60) --------------------------------------------------------
1919. BOOL __thiscall sub_10002E60(_DWORD *this, LPCCH lpMultiByteStr, LPCCH a3)
1920. {
1921. WCHAR *v4; // edi
1922. WCHAR *v5; // eax
1923. int v6; // esi
1924. int v7; // eax
1925. bool v9; // [esp+Ch] [ebp-14h]
1926. int v10[4]; // [esp+10h] [ebp-10h] BYREF
1927.  
1928. v4 = sub_10001260(lpMultiByteStr);
1929. v5 = sub_10001260(a3);
1930. v9 = (sub_100030D0(v5, (const wchar_t **)v10) & 0x80000000) == 0;
1931. v6 = this[1];
1932. v7 = GdipSaveImageToFile(*(_DWORD *)(v6 + 4), v4, v10, 0);
1933. if ( v7 )
1934. *(_DWORD *)(v6 + 8) = v7;
1935. sub_10001020((int)v4);
1936. sub_10001020((int)a3);
1937. return v9;
1938. }
1939. // 10004AFE: using guessed type int __stdcall GdipSaveImageToFile(_DWORD, _DWORD, _DWORD, _DWORD);
1940.  
1941. //----- (10002EE0) --------------------------------------------------------
1942. int __thiscall sub_10002EE0(_DWORD *this, int a2)
1943. {
1944. void (__thiscall ***v4)(_DWORD, int); // ecx
1945.  
1946. if ( !a2 )
1947. return 0;
1948. v4 = (void (__thiscall ***)(_DWORD, int))this[1];
1949. if ( v4 )
1950. (**v4)(v4, 1);
1951. this[1] = a2;
1952. return 1;
1953. }
1954.  
1955. //----- (10002F10) --------------------------------------------------------
1956. CHAR *__thiscall sub_10002F10(void *this, int a2, LPCSTR lpString)
1957. {
1958. int v3; // esi
1959. WCHAR *v5; // edi
1960. int v6; // esi
1961. int v7; // eax
1962. void *v8; // esp
1963. int v9; // eax
1964. CHAR *result; // eax
1965. int v11; // edi
1966. int v12; // eax
1967. int v13; // esi
1968. int v14; // eax
1969. CHAR *v15; // esi
1970. WCHAR *v16; // edi
1971. int v17; // esi
1972. int v18; // eax
1973. void *v19; // esp
1974. WCHAR v20[6]; // [esp+0h] [ebp-44h] BYREF
1975. int v21[8]; // [esp+Ch] [ebp-38h] BYREF
1976. int v22[4]; // [esp+2Ch] [ebp-18h] BYREF
1977. int v23; // [esp+3Ch] [ebp-8h]
1978. int v24; // [esp+40h] [ebp-4h] BYREF
1979. LPCSTR lpStringa; // [esp+50h] [ebp+Ch]
1980. LPCSTR lpStringb; // [esp+50h] [ebp+Ch]
1981.  
1982. v3 = (int)this;
1983. v21[1] = 690120444;
1984. v21[3] = 1537801356;
1985. v21[0] = 1;
1986. v21[2] = 1203743808;
1987. v21[5] = 1;
1988. v23 = (int)this;
1989. v21[4] = -564812151;
1990. v21[6] = 4;
1991. v21[7] = (int)&v24;
1992. if ( (sub_100030D0(aImageGif, (const wchar_t **)v22) & 0x80000000) != 0 )
1993. return 0;
1994. v24 = 18;
1995. if ( lpString )
1996. {
1997. v6 = lstrlenA(lpString) + 1;
1998. v7 = 2 * v6 + 3;
1999. LOBYTE(v7) = v7 & 0xFC;
2000. v8 = alloca(v7);
2001. v5 = v20;
2002. v20[0] = 0;
2003. MultiByteToWideChar(0, 0, lpString, -1, v20, v6);
2004. v3 = v23;
2005. }
2006. else
2007. {
2008. v5 = 0;
2009. }
2010. lpStringa = *(LPCSTR *)(v3 + 4);
2011. v9 = GdipSaveImageToFile(*((_DWORD *)lpStringa + 1), v5, v22, v21);
2012. if ( v9 )
2013. {
2014. *((_DWORD *)lpStringa + 2) = v9;
2015. return 0;
2016. }
2017. result = (CHAR *)a2;
2018. v11 = *(_DWORD *)(v3 + 4);
2019. v24 = 23;
2020. if ( a2 )
2021. {
2022. v12 = GdipSaveAddImage(*(_DWORD *)(v11 + 4), *(_DWORD *)(a2 + 4), v21);
2023. if ( v12 )
2024. {
2025. *(_DWORD *)(v11 + 8) = v12;
2026. return 0;
2027. }
2028. else
2029. {
2030. v13 = *(_DWORD *)(v3 + 4);
2031. v24 = 20;
2032. v14 = GdipSaveAdd(*(_DWORD *)(v13 + 4), v21);
2033. if ( v14 )
2034. {
2035. *(_DWORD *)(v13 + 8) = v14;
2036. return 0;
2037. }
2038. else
2039. {
2040. v15 = (CHAR *)GdipAlloc(16);
2041. lpStringb = v15;
2042. if ( !v15 )
2043. return 0;
2044. if ( lpString )
2045. {
2046. v17 = lstrlenA(lpString) + 1;
2047. v18 = 2 * v17 + 3;
2048. LOBYTE(v18) = v18 & 0xFC;
2049. v19 = alloca(v18);
2050. v16 = v20;
2051. v20[0] = 0;
2052. MultiByteToWideChar(0, 0, lpString, -1, v20, v17);
2053. v15 = (CHAR *)lpStringb;
2054. }
2055. else
2056. {
2057. v16 = 0;
2058. }
2059. *(_DWORD *)v15 = &off_1000C1C0;
2060. *((_DWORD *)v15 + 1) = 0;
2061. *((_DWORD *)v15 + 2) = GdipLoadImageFromFile(v16, v15 + 4);
2062. return v15;
2063. }
2064. }
2065. }
2066. else
2067. {
2068. *(_DWORD *)(v11 + 8) = 2;
2069. }
2070. return result;
2071. }
2072. // 10004AFE: using guessed type int __stdcall GdipSaveImageToFile(_DWORD, _DWORD, _DWORD, _DWORD);
2073. // 10004B10: using guessed type int __stdcall GdipLoadImageFromFile(_DWORD, _DWORD);
2074. // 10004B16: using guessed type int __stdcall GdipAlloc(_DWORD);
2075. // 10004B1C: using guessed type int __stdcall GdipSaveAdd(_DWORD, _DWORD);
2076. // 10004B22: using guessed type int __stdcall GdipSaveAddImage(_DWORD, _DWORD, _DWORD);
2077. // 1000C1C0: using guessed type void *off_1000C1C0;
2078.  
2079. //----- (100030D0) --------------------------------------------------------
2080. unsigned int __stdcall sub_100030D0(wchar_t *String2, const wchar_t **a2)
2081. {
2082. unsigned int v2; // esi
2083. const wchar_t **v3; // ebx
2084. const wchar_t **v4; // edi
2085. const wchar_t **v6; // ecx
2086. unsigned int v7; // [esp+10h] [ebp-8h] BYREF
2087. size_t Size; // [esp+14h] [ebp-4h] BYREF
2088.  
2089. v2 = 0;
2090. v7 = 0;
2091. Size = 0;
2092. GdipGetImageEncodersSize(&v7, &Size);
2093. if ( !Size )
2094. return -1;
2095. v3 = (const wchar_t **)malloc(Size);
2096. if ( !v3 )
2097. return -1;
2098. GdipGetImageEncoders(v7, Size, v3);
2099. if ( !v7 )
2100. {
2101. LABEL_7:
2102. sub_10004C8F(v3);
2103. return -1;
2104. }
2105. v4 = v3 + 12;
2106. while ( wcscmp(*v4, String2) )
2107. {
2108. ++v2;
2109. v4 += 19;
2110. if ( v2 >= v7 )
2111. goto LABEL_7;
2112. }
2113. v6 = &v3[19 * v2];
2114. *a2 = *v6;
2115. a2[1] = v6[1];
2116. a2[2] = v6[2];
2117. a2[3] = v6[3];
2118. sub_10004C8F(v3);
2119. return v2;
2120. }
2121. // 10004B04: using guessed type int __stdcall GdipGetImageEncoders(_DWORD, _DWORD, _DWORD);
2122. // 10004B0A: using guessed type int __stdcall GdipGetImageEncodersSize(_DWORD, _DWORD);
2123.  
2124. //----- (100031C0) --------------------------------------------------------
2125. _DWORD *__cdecl sub_100031C0(int a1, int a2)
2126. {
2127. _DWORD *v2; // esi
2128. _DWORD *v4; // [esp-4h] [ebp-8h]
2129.  
2130. v2 = (_DWORD *)GdipAlloc(16);
2131. if ( !v2 )
2132. return 0;
2133. *v2 = &off_1000C1C0;
2134. v2[1] = 0;
2135. v4 = v2 + 1;
2136. if ( a2 )
2137. v2[2] = GdipLoadImageFromFileICM(a1, v4);
2138. else
2139. v2[2] = GdipLoadImageFromFile(a1, v4);
2140. return v2;
2141. }
2142. // 10004B10: using guessed type int __stdcall GdipLoadImageFromFile(_DWORD, _DWORD);
2143. // 10004B16: using guessed type int __stdcall GdipAlloc(_DWORD);
2144. // 10004B34: using guessed type int __stdcall GdipLoadImageFromFileICM(_DWORD, _DWORD);
2145. // 1000C1C0: using guessed type void *off_1000C1C0;
2146.  
2147. //----- (10003210) --------------------------------------------------------
2148. _DWORD *__thiscall sub_10003210(_DWORD *this)
2149. {
2150. int v2; // eax
2151. _DWORD *result; // eax
2152. int v4; // ecx
2153. int v5; // [esp+4h] [ebp-4h] BYREF
2154.  
2155. v5 = 0;
2156. v2 = GdipCloneImage(this[1], &v5);
2157. if ( v2 )
2158. this[2] = v2;
2159. result = (_DWORD *)GdipAlloc(16);
2160. if ( !result )
2161. return 0;
2162. v4 = v5;
2163. result[2] = this[2];
2164. *result = &off_1000C1C0;
2165. result[1] = v4;
2166. return result;
2167. }
2168. // 10004B16: using guessed type int __stdcall GdipAlloc(_DWORD);
2169. // 10004B3A: using guessed type int __stdcall GdipCloneImage(_DWORD, _DWORD);
2170. // 1000C1C0: using guessed type void *off_1000C1C0;
2171.  
2172. //----- (10003260) --------------------------------------------------------
2173. _DWORD *__thiscall sub_10003260(_DWORD *this, int a2, int a3, int a4, int a5)
2174. {
2175. int ImageThumbnail; // eax
2176. _DWORD *result; // eax
2177. int v8; // ecx
2178. int v9; // [esp-18h] [ebp-20h]
2179. int v10; // [esp+4h] [ebp-4h] BYREF
2180.  
2181. v9 = this[1];
2182. v10 = 0;
2183. ImageThumbnail = GdipGetImageThumbnail(v9, a2, a3, &v10, a4, a5);
2184. if ( ImageThumbnail )
2185. this[2] = ImageThumbnail;
2186. result = (_DWORD *)GdipAlloc(16);
2187. if ( result )
2188. {
2189. v8 = v10;
2190. result[2] = this[2];
2191. *result = &off_1000C1C0;
2192. result[1] = v8;
2193. }
2194. else
2195. {
2196. GdipDisposeImage(v10);
2197. return 0;
2198. }
2199. return result;
2200. }
2201. // 10004B16: using guessed type int __stdcall GdipAlloc(_DWORD);
2202. // 10004B2E: using guessed type int __stdcall GdipDisposeImage(_DWORD);
2203. // 10004B40: using guessed type int __stdcall GdipGetImageThumbnail(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD);
2204. // 1000C1C0: using guessed type void *off_1000C1C0;
2205.  
2206. //----- (100032E0) --------------------------------------------------------
2207. int __stdcall sub_100032E0(int a1, int a2, int a3)
2208. {
2209. int result; // eax
2210.  
2211. if ( dword_10014934 )
2212. {
2213. result = dword_10014934(a1, a2, a3);
2214. dword_10014930 = result;
2215. }
2216. else
2217. {
2218. dword_10014930 = 0;
2219. return 0;
2220. }
2221. return result;
2222. }
2223. // 10014930: using guessed type int dword_10014930;
2224. // 10014934: using guessed type int (__stdcall *dword_10014934)(_DWORD, _DWORD, _DWORD);
2225.  
2226. //----- (10003320) --------------------------------------------------------
2227. HMODULE __cdecl sub_10003320(HMODULE *a1, int a2, LPCSTR *a3)
2228. {
2229. HMODULE result; // eax
2230.  
2231. result = GetModuleHandleA(*a3);
2232. *a1 = result;
2233. a1[2] = (HMODULE)-2147482879;
2234. return result;
2235. }
2236.  
2237. //----- (10003340) --------------------------------------------------------
2238. HMODULE __cdecl sub_10003340(HMODULE *a1, int a2, LPCSTR *a3)
2239. {
2240. HMODULE result; // eax
2241.  
2242. result = LoadLibraryA(*a3);
2243. *a1 = result;
2244. return result;
2245. }
2246.  
2247. //----- (10003360) --------------------------------------------------------
2248. _DWORD *__cdecl sub_10003360(_DWORD *a1, int a2, int *a3)
2249. {
2250. int v3; // ecx
2251. _DWORD *result; // eax
2252.  
2253. v3 = *a3;
2254. result = (_DWORD *)a3[2];
2255. if ( result == (_DWORD *)-2147482879
2256. || result == (_DWORD *)-2147483135
2257. || result == (_DWORD *)-2147483391
2258. || result == (_DWORD *)-2147482367
2259. || result == (_DWORD *)-2147483646
2260. || result == (_DWORD *)-2147483642
2261. || result == (_DWORD *)-2147482623
2262. || result == (_DWORD *)-2147482111
2263. || result == (_DWORD *)-2147483645 )
2264. {
2265. *a1 = v3;
2266. }
2267. else
2268. {
2269. result = a1;
2270. *a1 = v3;
2271. }
2272. return result;
2273. }
2274.  
2275. //----- (100033C0) --------------------------------------------------------
2276. char *__cdecl sub_100033C0(char *a1, int a2, char **a3)
2277. {
2278. char *result; // eax
2279. int v4; // ecx
2280. int v5; // ecx
2281. int v6; // edx
2282. int v7; // ecx
2283. int v8; // edx
2284. char v9; // cl
2285. __int16 v10; // cx
2286.  
2287. result = *a3;
2288. if ( a3[5] )
2289. v4 = (int)a3[3];
2290. else
2291. v4 = 3;
2292. switch ( v4 )
2293. {
2294. case 1:
2295. v9 = *result;
2296. result = a1;
2297. *a1 = v9;
2298. *((_DWORD *)a1 + 2) = -2147483391;
2299. break;
2300. case 2:
2301. v10 = *(_WORD *)result;
2302. result = a1;
2303. *(_WORD *)a1 = v10;
2304. *((_DWORD *)a1 + 2) = -2147483135;
2305. break;
2306. case 3:
2307. v5 = *(_DWORD *)result;
2308. result = a1;
2309. *(_DWORD *)a1 = v5;
2310. *((_DWORD *)a1 + 2) = -2147482879;
2311. break;
2312. case 4:
2313. *(_DWORD *)a1 = *(_DWORD *)result;
2314. result = (char *)*((_DWORD *)result + 1);
2315. *((_DWORD *)a1 + 1) = result;
2316. *((_DWORD *)a1 + 2) = -2147482623;
2317. break;
2318. case 5:
2319. v8 = *(_DWORD *)result;
2320. result = a1;
2321. *(_DWORD *)a1 = v8;
2322. *((_DWORD *)a1 + 2) = -2147482367;
2323. break;
2324. case 6:
2325. *(_DWORD *)a1 = *(_DWORD *)result;
2326. result = (char *)*((_DWORD *)result + 1);
2327. *((_DWORD *)a1 + 1) = result;
2328. *((_DWORD *)a1 + 2) = -2147482111;
2329. break;
2330. case 7:
2331. v7 = *(_DWORD *)result;
2332. result = a1;
2333. *(_DWORD *)a1 = v7;
2334. *((_DWORD *)a1 + 2) = -2147483646;
2335. break;
2336. case 8:
2337. *(_DWORD *)a1 = *(_DWORD *)result;
2338. result = (char *)*((_DWORD *)result + 1);
2339. *((_DWORD *)a1 + 1) = result;
2340. *((_DWORD *)a1 + 2) = -2147483645;
2341. break;
2342. case 9:
2343. v6 = *(_DWORD *)result;
2344. result = a1;
2345. *(_DWORD *)a1 = v6;
2346. *((_DWORD *)a1 + 2) = -2147483642;
2347. break;
2348. case 10:
2349. *(_DWORD *)a1 = result;
2350. *((_DWORD *)a1 + 2) = -2147483644;
2351. break;
2352. case 11:
2353. *(_DWORD *)a1 = result;
2354. *((_DWORD *)a1 + 2) = -2147483643;
2355. break;
2356. default:
2357. *(_DWORD *)a1 = result;
2358. *((_DWORD *)a1 + 2) = -2147482879;
2359. break;
2360. }
2361. return result;
2362. }
2363.  
2364. //----- (100034F0) --------------------------------------------------------
2365. FARPROC __cdecl sub_100034F0(HMODULE hModule, int a2, int a3)
2366. {
2367. FARPROC result; // eax
2368. HMODULE v5; // esi
2369. int v6; // ebx
2370. HMODULE ModuleHandleA; // eax
2371. const CHAR *hModulea; // [esp+14h] [ebp+4h]
2372.  
2373. *((_DWORD *)hModule + 2) = -2147483642;
2374. hModulea = *(const CHAR **)a3;
2375. if ( !*(_DWORD *)(a3 + 20) )
2376. {
2377. v5 = *(HMODULE *)a3;
2378. v6 = 0;
2379. while ( 1 )
2380. {
2381. if ( v6 )
2382. {
2383. if ( v6 == 1 )
2384. {
2385. ModuleHandleA = GetModuleHandleA(LibFileName);
2386. }
2387. else
2388. {
2389. if ( v6 != 2 )
2390. goto LABEL_11;
2391. ModuleHandleA = GetModuleHandleA(aGdi32Dll);
2392. }
2393. }
2394. else
2395. {
2396. ModuleHandleA = GetModuleHandleA(aKernel32Dll_0);
2397. }
2398. v5 = ModuleHandleA;
2399. LABEL_11:
2400. result = GetProcAddress(v5, hModulea);
2401. *(_DWORD *)hModule = result;
2402. if ( !result && ++v6 < 3 )
2403. continue;
2404. return result;
2405. }
2406. }
2407. result = GetProcAddress(*(HMODULE *)(a3 + 12), *(LPCSTR *)a3);
2408. *(_DWORD *)hModule = result;
2409. return result;
2410. }
2411.  
2412. //----- (10003580) --------------------------------------------------------
2413. int __cdecl sub_10003580(int *a1, int a2, int (__thiscall **a3)(int))
2414. {
2415. int *v3; // ebp
2416. int (__thiscall **v4)(int); // esi
2417. int v5; // edi
2418. int v6; // eax
2419. float *v7; // ebx
2420. unsigned int v8; // ebp
2421. int v9; // eax
2422. int v10; // edx
2423. int result; // eax
2424. int v12; // [esp+10h] [ebp-8h]
2425. int (__thiscall *v13)(int); // [esp+14h] [ebp-4h]
2426.  
2427. v3 = a1;
2428. a1[2] = -2147482623;
2429. v13 = *a3;
2430. v4 = 0;
2431. v5 = 3;
2432. if ( a3[5] )
2433. v6 = (int)a3[3];
2434. else
2435. v6 = 3;
2436. switch ( v6 )
2437. {
2438. case 1:
2439. a1[2] = -2147483391;
2440. break;
2441. case 2:
2442. a1[2] = -2147483135;
2443. break;
2444. case 3:
2445. a1[2] = -2147482879;
2446. break;
2447. case 4:
2448. a1[2] = -2147482623;
2449. break;
2450. case 5:
2451. a1[2] = -2147482367;
2452. break;
2453. case 6:
2454. a1[2] = -2147482111;
2455. break;
2456. case 7:
2457. a1[2] = -2147483646;
2458. break;
2459. case 8:
2460. a1[2] = -2147483645;
2461. break;
2462. case 9:
2463. a1[2] = -2147483642;
2464. break;
2465. case 10:
2466. a1[2] = -2147483644;
2467. break;
2468. default:
2469. a1[2] = -2147483643;
2470. break;
2471. }
2472. if ( a2 <= 3 )
2473. goto LABEL_40;
2474. v7 = (float *)(a3 + 9);
2475. while ( 1 )
2476. {
2477. v8 = *((_DWORD *)v7 + 2);
2478. if ( !v8 )
2479. break;
2480. if ( !v4 )
2481. {
2482. v4 = (int (__thiscall **)(int))sub_10001000(128);
2483. a3 = v4;
2484. if ( !v4 )
2485. {
2486. result = (int)a1;
2487. *a1 = 0;
2488. a1[1] = 0;
2489. return result;
2490. }
2491. }
2492. if ( v8 > 0x80000101 )
2493. {
2494. if ( v8 > 0x80000401 )
2495. {
2496. if ( v8 == -2147482367 )
2497. {
2498. *(float *)&v4[v5 - 1] = (float)(__int64)*v7;
2499. goto LABEL_37;
2500. }
2501. if ( v8 == -2147482111 )
2502. {
2503. LABEL_35:
2504. v12 = (__int64)*(double *)v7;
2505. ++v5;
2506. v7 += 3;
2507. *(double *)&v4[v5 - 2] = (double)v12;
2508. goto LABEL_37;
2509. }
2510. LABEL_34:
2511. v4[v5 - 1] = *(int (__thiscall **)(int))v7;
2512. goto LABEL_37;
2513. }
2514. if ( v8 == -2147482623 )
2515. {
2516. v4[v5 - 1] = *(int (__thiscall **)(int))v7;
2517. v4[v5++] = (int (__thiscall *)(int))*((_DWORD *)v7 + 1);
2518. v7 += 3;
2519. goto LABEL_37;
2520. }
2521. if ( v8 != -2147483135 && v8 != -2147482879 )
2522. goto LABEL_34;
2523. }
2524. else if ( v8 != -2147483391 )
2525. {
2526. switch ( v8 )
2527. {
2528. case 0x80000002:
2529. case 0x80000006:
2530. goto LABEL_30;
2531. case 0x80000003:
2532. goto LABEL_35;
2533. case 0x80000004:
2534. v4[v5 - 1] = *(int (__thiscall **)(int))v7;
2535. break;
2536. case 0x80000005:
2537. v4[v5 - 1] = *(int (__thiscall **)(int))v7;
2538. break;
2539. default:
2540. goto LABEL_34;
2541. }
2542. goto LABEL_37;
2543. }
2544. LABEL_30:
2545. v4[v5 - 1] = *(int (__thiscall **)(int))v7;
2546. LABEL_37:
2547. ++v5;
2548. v7 += 3;
2549. if ( v5 >= a2 )
2550. goto LABEL_38;
2551. }
2552. if ( !v4 )
2553. {
2554. v4 = (int (__thiscall **)(int))sub_10001000(16);
2555. a3 = v4;
2556. }
2557. LABEL_38:
2558. if ( v5 > 31 )
2559. goto LABEL_42;
2560. v3 = a1;
2561. LABEL_40:
2562. *v4 = (int (__thiscall *)(int))1;
2563. v4[1] = (int (__thiscall *)(int))(4 * v5 - 12);
2564. *v3 = sub_10001B30(v13, 0, (int)v4);
2565. v9 = v3[2];
2566. v3[1] = v10;
2567. if ( v9 == -2147483643 )
2568. *v3 -= 8;
2569. LABEL_42:
2570. result = (int)a3;
2571. if ( a3 )
2572. return sub_10001020((int)a3);
2573. return result;
2574. }
2575. // 1000373E: variable 'v10' is possibly undefined
2576.  
2577. //----- (100037D0) --------------------------------------------------------
2578. int __cdecl sub_100037D0(int *a1, int a2, int a3)
2579. {
2580. int result; // eax
2581. _DWORD *v4; // [esp+Ch] [ebp-Ch]
2582. _DWORD *v5; // [esp+Ch] [ebp-Ch]
2583. _DWORD *v6; // [esp+10h] [ebp-8h]
2584. int v7; // [esp+14h] [ebp-4h]
2585. int v8; // [esp+14h] [ebp-4h]
2586.  
2587. v4 = *(_DWORD **)a3;
2588. v6 = *(_DWORD **)(a3 + 12);
2589. a1[2] = -2147483644;
2590. if ( v4 && *v4 == 1 && (v5 = v4 + 1, (int)*v5 > 0) )
2591. {
2592. v8 = sub_10001B70((_BYTE *)v5 + 4, *v5, v6);
2593. if ( v6 )
2594. *v6 = 1;
2595. result = v8;
2596. *a1 = v8;
2597. }
2598. else
2599. {
2600. if ( v6 )
2601. *v6 = 0;
2602. result = v7;
2603. *a1 = v7;
2604. }
2605. return result;
2606. }
2607. // 10003867: variable 'v7' is possibly undefined
2608.  
2609. //----- (10003880) --------------------------------------------------------
2610. int __cdecl sub_10003880(_DWORD *a1, int a2, int a3)
2611. {
2612. _BYTE *v3; // ecx
2613. const void *v4; // ebp
2614. _DWORD *v5; // ebx
2615. int result; // eax
2616. _DWORD *v7; // [esp-4h] [ebp-18h]
2617. unsigned int v8; // [esp+10h] [ebp-4h] BYREF
2618.  
2619. v3 = *(_BYTE **)a3;
2620. v7 = *(_DWORD **)(a3 + 12);
2621. v8 = 0;
2622. v4 = (const void *)sub_10001C10(v3, &v8, v7);
2623. v5 = (_DWORD *)sub_10001000(v8 + 8);
2624. qmemcpy(v5 + 2, v4, v8);
2625. *v5 = 1;
2626. v5[1] = v8;
2627. result = sub_10001020((int)v4);
2628. *a1 = v5;
2629. return result;
2630. }
2631.  
2632. //----- (100038F0) --------------------------------------------------------
2633. int __cdecl sub_100038F0(int *a1, int a2, _DWORD **a3)
2634. {
2635. int result; // eax
2636. _DWORD *lpBuffer; // [esp+Ch] [ebp-8h]
2637. int dwSize; // [esp+10h] [ebp-4h]
2638.  
2639. if ( **a3 == 1 && (lpBuffer = *a3 + 1, dwSize = *lpBuffer + 4, dwSize > 0) )
2640. {
2641. result = sub_10001AD0(lpBuffer, dwSize);
2642. *a1 = result;
2643. }
2644. else
2645. {
2646. result = (int)a1;
2647. *a1 = 0;
2648. }
2649. return result;
2650. }
2651.  
2652. //----- (10003950) --------------------------------------------------------
2653. BOOL __cdecl sub_10003950(BOOL *a1, int a2, int *a3)
2654. {
2655. BOOL result; // eax
2656.  
2657. result = sub_10001AB0(*a3);
2658. *a1 = result;
2659. return result;
2660. }
2661.  
2662. //----- (10003970) --------------------------------------------------------
2663. _DWORD *__cdecl sub_10003970(_DWORD *a1, int a2, int *a3)
2664. {
2665. _DWORD *result; // eax
2666. int v4; // [esp+Ch] [ebp-20h]
2667. int v5; // [esp+14h] [ebp-18h]
2668. DWORD *lpThreadId; // [esp+18h] [ebp-14h]
2669. HANDLE Thread; // [esp+1Ch] [ebp-10h]
2670. _DWORD *v8; // [esp+20h] [ebp-Ch]
2671. int i; // [esp+24h] [ebp-8h]
2672. _DWORD *lpParameter; // [esp+28h] [ebp-4h]
2673.  
2674. Thread = 0;
2675. v5 = 0;
2676. v4 = *a3;
2677. v8 = (_DWORD *)a3[3];
2678. lpThreadId = (DWORD *)a3[6];
2679. if ( v8 )
2680. {
2681. v8 = (_DWORD *)*v8;
2682. if ( *v8 > 1u )
2683. goto LABEL_10;
2684. v5 = v8[1] / 4;
2685. }
2686. if ( v5 <= 30 )
2687. {
2688. lpParameter = LocalAlloc(0, 4 * v5 + 8);
2689. if ( lpParameter )
2690. {
2691. *lpParameter = v4;
2692. lpParameter[1] = v5;
2693. for ( i = 0; i < v5; ++i )
2694. lpParameter[i + 2] = v8[i + 2];
2695. Thread = CreateThread(0, 0, (LPTHREAD_START_ROUTINE)sub_10001A50, lpParameter, 0, lpThreadId);
2696. }
2697. }
2698. LABEL_10:
2699. a1[2] = -2147482879;
2700. result = a1;
2701. *a1 = Thread;
2702. return result;
2703. }
2704.  
2705. //----- (10003AB0) --------------------------------------------------------
2706. LPVOID __cdecl sub_10003AB0(_DWORD *a1, int a2, int a3)
2707. {
2708. LPVOID result; // eax
2709.  
2710. a1[2] = -2147482879;
2711. result = sub_10001440(
2712. *(char **)a3,
2713. *(_DWORD *)(a3 + 12) + 8,
2714. *(_DWORD *)(*(_DWORD *)(a3 + 12) + 4),
2715. *(_DWORD *)(a3 + 24));
2716. *a1 = result;
2717. return result;
2718. }
2719.  
2720. //----- (10003AF0) --------------------------------------------------------
2721. int __cdecl sub_10003AF0(int *a1, int a2, char **a3)
2722. {
2723. int result; // eax
2724.  
2725. a1[2] = -2147483646;
2726. result = sub_10001300(*a3);
2727. *a1 = result;
2728. return result;
2729. }
2730.  
2731. //----- (10003B10) --------------------------------------------------------
2732. _DWORD *__cdecl sub_10003B10(_DWORD *a1, int a2, _DWORD *a3)
2733. {
2734. _DWORD *result; // eax
2735.  
2736. result = a1;
2737. a1[2] = -2147482623;
2738. *a1 = *a3;
2739. a1[1] = 0;
2740. return result;
2741. }
2742.  
2743. //----- (10003B30) --------------------------------------------------------
2744. _DWORD *__cdecl sub_10003B30(_DWORD *a1, int a2, int a3)
2745. {
2746. CHAR *v3; // eax
2747. CHAR *v4; // ebx
2748. int v6; // esi
2749. CHAR *v7; // ebp
2750. _DWORD *result; // eax
2751.  
2752. a1[2] = -2147483644;
2753. v3 = sub_100012B0((LPCWCH)(*(_DWORD *)a3 + 8));
2754. v4 = v3;
2755. if ( *v3 )
2756. {
2757. while ( *++v3 )
2758. ;
2759. }
2760. v6 = v3 - v4 + 1;
2761. v7 = (CHAR *)sub_10001000(v6);
2762. if ( v7 )
2763. qmemcpy(v7, v4, v6);
2764. sub_10001020((int)v4);
2765. result = a1;
2766. *a1 = v7;
2767. return result;
2768. }
2769.  
2770. //----- (10003BA0) --------------------------------------------------------
2771. _DWORD *__cdecl sub_10003BA0(_DWORD *a1, int a2, LPCCH *a3)
2772. {
2773. WCHAR *v3; // eax
2774. WCHAR *i; // ebp
2775. int v5; // esi
2776. _DWORD *v6; // ebx
2777. _DWORD *result; // eax
2778.  
2779. a1[2] = -2147483643;
2780. v3 = sub_10001260(*a3);
2781. for ( i = v3; *v3; ++v3 )
2782. ;
2783. v5 = (char *)v3 - (char *)i + 10;
2784. v6 = (_DWORD *)sub_10001000(v5);
2785. if ( v6 )
2786. {
2787. qmemcpy(v6 + 2, i, v5 - 8);
2788. *v6 = 1;
2789. v6[1] = v5 - 8;
2790. }
2791. sub_10001020((int)i);
2792. result = a1;
2793. *a1 = v6;
2794. return result;
2795. }
2796.  
2797. //----- (10003C20) --------------------------------------------------------
2798. int __cdecl sub_10003C20(_DWORD *a1, int a2, int a3)
2799. {
2800. _BYTE *v3; // eax
2801. _BYTE *v4; // ebx
2802. unsigned int v6; // esi
2803. _DWORD *v7; // ebp
2804. int result; // eax
2805.  
2806. a1[2] = -2147483643;
2807. v3 = (_BYTE *)sub_10001190((char *)(*(_DWORD *)a3 + 8), *(_DWORD *)(*(_DWORD *)a3 + 4));
2808. v4 = v3;
2809. if ( *v3 )
2810. {
2811. while ( *++v3 )
2812. ;
2813. }
2814. v6 = v3 - v4 + 1;
2815. v7 = (_DWORD *)sub_10001000(v3 - v4 + 9);
2816. if ( v4 )
2817. {
2818. qmemcpy(v7 + 2, v4, v6);
2819. *v7 = 1;
2820. v7[1] = v6;
2821. }
2822. result = sub_10001020((int)v4);
2823. *a1 = v7;
2824. return result;
2825. }
2826.  
2827. //----- (10003CB0) --------------------------------------------------------
2828. _DWORD *__cdecl sub_10003CB0(_DWORD *a1, int a2, int a3)
2829. {
2830. _WORD *v3; // eax
2831. _BYTE *v4; // ebx
2832. int v5; // eax
2833. unsigned int v6; // ebp
2834. _DWORD *result; // eax
2835. _DWORD *v8; // [esp+14h] [ebp+Ch]
2836.  
2837. a1[2] = -2147483643;
2838. v3 = (_WORD *)sub_100010C0((unsigned __int8 *)(*(_DWORD *)a3 + 8), *(_DWORD *)(*(_DWORD *)a3 + 4));
2839. v4 = v3;
2840. if ( v3 )
2841. {
2842. for ( ; *v3; ++v3 )
2843. ;
2844. v5 = ((char *)v3 - v4) >> 1;
2845. v6 = 2 * v5 + 2;
2846. v8 = (_DWORD *)sub_10001000(2 * v5 + 10);
2847. qmemcpy(v8 + 2, v4, v6);
2848. sub_10001020((int)v4);
2849. result = v8;
2850. v8[1] = v6;
2851. *v8 = 1;
2852. *a1 = v8;
2853. }
2854. else
2855. {
2856. result = (_DWORD *)sub_10001000(8);
2857. result[1] = 0;
2858. *result = 1;
2859. *a1 = result;
2860. }
2861. return result;
2862. }
2863.  
2864. //----- (10003D60) --------------------------------------------------------
2865. DWORD __cdecl sub_10003D60(DWORD *a1, int a2, int a3)
2866. {
2867. DWORD result; // eax
2868.  
2869. a1[2] = -2147483646;
2870. result = sub_10001060(*(LPCSTR *)a3, *(_DWORD *)(a3 + 12), 0);
2871. *a1 = result;
2872. return result;
2873. }
2874.  
2875. //----- (10003D90) --------------------------------------------------------
2876. int __cdecl sub_10003D90(int *a1, int a2, int *a3)
2877. {
2878. int result; // eax
2879.  
2880. a1[2] = -2147482879;
2881. result = sub_10001000(*a3);
2882. *a1 = result;
2883. return result;
2884. }
2885.  
2886. //----- (10003DB0) --------------------------------------------------------
2887. int __cdecl sub_10003DB0(int *a1, int a2, int *a3)
2888. {
2889. int result; // eax
2890.  
2891. a1[2] = -2147483646;
2892. result = sub_10001020(*a3);
2893. *a1 = result;
2894. return result;
2895. }
2896.  
2897. //----- (10003DD0) --------------------------------------------------------
2898. int __cdecl sub_10003DD0(int *a1, int a2, int *a3)
2899. {
2900. int result; // eax
2901.  
2902. a1[2] = -2147482879;
2903. result = sub_10001040(*a3, a3[3], a3[6]);
2904. *a1 = result;
2905. return result;
2906. }
2907.  
2908. //----- (10003E00) --------------------------------------------------------
2909. int __cdecl sub_10003E00(int *a1, int a2, int *a3)
2910. {
2911. const CHAR *v3; // eax
2912. int result; // eax
2913.  
2914. v3 = 0;
2915. if ( a3[5] )
2916. v3 = (const CHAR *)a3[3];
2917. a1[2] = -2147482879;
2918. result = sub_10001E80(*a3, v3);
2919. *a1 = result;
2920. return result;
2921. }
2922.  
2923. //----- (10003E30) --------------------------------------------------------
2924. int __cdecl sub_10003E30(int *a1, int a2, LPCSTR *a3)
2925. {
2926. LPCSTR *v3; // esi
2927. int result; // eax
2928. int v5; // eax
2929. const CHAR *v6; // edi
2930. const CHAR *v7; // [esp-4h] [ebp-10h]
2931.  
2932. v3 = a3;
2933. a1[2] = -2147482879;
2934. *a1 = 0;
2935. result = sub_10001E80(65, *a3);
2936. while ( result )
2937. {
2938. v5 = (int)v3[5];
2939. v3 += 3;
2940. if ( v5 > -2147483391 )
2941. {
2942. if ( v5 > -2147482623 )
2943. {
2944. if ( v5 != -2147482367 )
2945. {
2946. if ( v5 != -2147482111 )
2947. goto LABEL_19;
2948. LABEL_17:
2949. v6 = v3[1];
2950. result = sub_10001E80(65, *v3);
2951. if ( !result )
2952. return result;
2953. v7 = v6;
2954. goto LABEL_12;
2955. }
2956. }
2957. else
2958. {
2959. if ( v5 == -2147482623 )
2960. goto LABEL_17;
2961. if ( v5 != -2147483135 && v5 != -2147482879 )
2962. {
2963. LABEL_19:
2964. result = sub_10001E80(64, 0);
2965. *a1 = result;
2966. return result;
2967. }
2968. }
2969. }
2970. else if ( v5 != -2147483391 )
2971. {
2972. switch ( v5 )
2973. {
2974. case -2147483646:
2975. case -2147483642:
2976. break;
2977. case -2147483645:
2978. goto LABEL_17;
2979. case -2147483644:
2980. result = sub_10001E80(67, *v3);
2981. continue;
2982. case -2147483643:
2983. result = sub_10001E80(66, *v3);
2984. continue;
2985. default:
2986. goto LABEL_19;
2987. }
2988. }
2989. v7 = *v3;
2990. LABEL_12:
2991. result = sub_10001E80(65, v7);
2992. }
2993. return result;
2994. }
2995.  
2996. //----- (10003F00) --------------------------------------------------------
2997. int __cdecl sub_10003F00(int *a1, int a2, int a3)
2998. {
2999. DWORD CurrentProcessId; // eax
3000. int result; // eax
3001.  
3002. CurrentProcessId = *(_DWORD *)a3;
3003. if ( !*(_DWORD *)a3 )
3004. CurrentProcessId = GetCurrentProcessId();
3005. a1[2] = -2147482879;
3006. result = sub_100026B0(
3007. CurrentProcessId,
3008. *(int (__stdcall **)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int))(a3 + 12));
3009. *a1 = result;
3010. return result;
3011. }
3012.  
3013. //----- (10003F30) --------------------------------------------------------
3014. int __cdecl sub_10003F30(
3015. int *a1,
3016. int a2,
3017. int (__stdcall **a3)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, int, int, int, int))
3018. {
3019. int result; // eax
3020.  
3021. a1[2] = -2147482879;
3022. result = sub_100027E0(*a3);
3023. *a1 = result;
3024. return result;
3025. }
3026.  
3027. //----- (10003F50) --------------------------------------------------------
3028. char *__cdecl sub_10003F50(char **a1, int a2, int a3)
3029. {
3030. char *result; // eax
3031.  
3032. a1[2] = (char *)-2147483644;
3033. result = sub_100028B0(*(char **)a3, *(_DWORD *)(a3 + 12));
3034. *a1 = result;
3035. return result;
3036. }
3037.  
3038. //----- (10003F80) --------------------------------------------------------
3039. int __cdecl sub_10003F80(int *a1, int a2, unsigned int *a3)
3040. {
3041. int result; // eax
3042.  
3043. a1[2] = -2147482879;
3044. result = sub_10002B20(*a3, a3[3]);
3045. *a1 = result;
3046. return result;
3047. }
3048.  
3049. //----- (10003FB0) --------------------------------------------------------
3050. char *__cdecl sub_10003FB0(char **a1, int a2, int a3)
3051. {
3052. char *result; // eax
3053.  
3054. a1[2] = (char *)-2147482879;
3055. result = sub_10002B40(*(char **)a3, *(_DWORD *)(a3 + 12));
3056. *a1 = result;
3057. return result;
3058. }
3059.  
3060. //----- (10003FE0) --------------------------------------------------------
3061. unsigned int __cdecl sub_10003FE0(_DWORD *a1, int a2, int a3)
3062. {
3063. unsigned int result; // eax
3064. void *v4; // ebx
3065.  
3066. a1[2] = -2147483646;
3067. result = *(_DWORD *)(a3 + 24);
3068. v4 = *(void **)a3;
3069. qmemcpy(*(void **)a3, *(const void **)(a3 + 12), result);
3070. *a1 = v4;
3071. return result;
3072. }
3073.  
3074. //----- (10004010) --------------------------------------------------------
3075. BOOL __cdecl sub_10004010(BOOL *a1, int a2, HMODULE *a3)
3076. {
3077. BOOL result; // eax
3078.  
3079. result = FreeLibrary(*a3);
3080. *a1 = result;
3081. a1[2] = -2147483646;
3082. return result;
3083. }
3084.  
3085. //----- (10004030) --------------------------------------------------------
3086. char __cdecl sub_10004030(_DWORD *a1, int a2, int a3)
3087. {
3088. unsigned int v3; // eax
3089. unsigned int *v4; // edx
3090.  
3091. a1[2] = -2147483646;
3092. *a1 = 1;
3093. v3 = *(_DWORD *)(a3 + 20);
3094. v4 = *(unsigned int **)a3;
3095. if ( v3 > 0x80000201 )
3096. {
3097. if ( v3 > 0x80000501 )
3098. {
3099. if ( v3 == -2147482111 )
3100. goto LABEL_15;
3101. }
3102. else
3103. {
3104. switch ( v3 )
3105. {
3106. case 0x80000501:
3107. *v4 = *(_DWORD *)(a3 + 12);
3108. return v3;
3109. case 0x80000301:
3110. goto LABEL_16;
3111. case 0x80000401:
3112. goto LABEL_15;
3113. }
3114. }
3115. LABEL_19:
3116. *a1 = 0;
3117. return v3;
3118. }
3119. if ( v3 == -2147483135 )
3120. {
3121. *(_WORD *)v4 = *(_WORD *)(a3 + 12);
3122. return v3;
3123. }
3124. if ( v3 > 0x80000006 )
3125. {
3126. if ( v3 == -2147483391 )
3127. {
3128. LOBYTE(v3) = *(_BYTE *)(a3 + 12);
3129. *(_BYTE *)v4 = v3;
3130. return v3;
3131. }
3132. goto LABEL_19;
3133. }
3134. if ( v3 == -2147483642 || v3 == -2147483646 )
3135. {
3136. LABEL_16:
3137. v3 = *(_DWORD *)(a3 + 12);
3138. *v4 = v3;
3139. return v3;
3140. }
3141. if ( v3 == -2147483645 )
3142. {
3143. LABEL_15:
3144. v3 = *(_DWORD *)(a3 + 12);
3145. *v4 = v3;
3146. v4[1] = *(_DWORD *)(a3 + 16);
3147. return v3;
3148. }
3149. *a1 = 0;
3150. return v3;
3151. }
3152.  
3153. //----- (100040D0) --------------------------------------------------------
3154. FARPROC __cdecl sub_100040D0(int *a1, int a2, HMODULE hModule)
3155. {
3156. int *v3; // ebx
3157. HMODULE v4; // edi
3158. HMODULE v5; // ebp
3159. FARPROC result; // eax
3160. HMODULE v7; // esi
3161. int v8; // eax
3162. HMODULE ModuleHandleA; // eax
3163. int v10; // eax
3164. int v11; // esi
3165. HMODULE v12; // edi
3166. unsigned int v13; // ebx
3167. int v14; // eax
3168. int v15; // edx
3169. int i; // [esp+10h] [ebp-8h]
3170. int v17; // [esp+10h] [ebp-8h]
3171. int (__thiscall *ProcAddress)(int); // [esp+14h] [ebp-4h]
3172.  
3173. v3 = a1;
3174. v4 = hModule;
3175. a1[2] = -2147482623;
3176. v5 = 0;
3177. if ( !*((_DWORD *)hModule + 5) )
3178. {
3179. v7 = hModule;
3180. v8 = 0;
3181. for ( i = 0; ; v8 = i )
3182. {
3183. if ( v8 )
3184. {
3185. if ( v8 == 1 )
3186. {
3187. ModuleHandleA = GetModuleHandleA(LibFileName);
3188. }
3189. else
3190. {
3191. if ( v8 != 2 )
3192. goto LABEL_13;
3193. ModuleHandleA = GetModuleHandleA(aGdi32Dll);
3194. }
3195. }
3196. else
3197. {
3198. ModuleHandleA = GetModuleHandleA(aKernel32Dll_0);
3199. }
3200. v7 = ModuleHandleA;
3201. LABEL_13:
3202. ProcAddress = (int (__thiscall *)(int))GetProcAddress(v7, *(LPCSTR *)hModule);
3203. if ( ProcAddress )
3204. {
3205. v4 = hModule;
3206. goto LABEL_17;
3207. }
3208. result = (FARPROC)++i;
3209. if ( i >= 3 )
3210. goto LABEL_3;
3211. }
3212. }
3213. result = GetProcAddress(*((HMODULE *)hModule + 3), *(LPCSTR *)hModule);
3214. ProcAddress = (int (__thiscall *)(int))result;
3215. if ( !result )
3216. {
3217. LABEL_3:
3218. a1[2] = -2147483646;
3219. *a1 = 0;
3220. return result;
3221. }
3222. LABEL_17:
3223. if ( *((_DWORD *)v4 + 8) )
3224. v10 = *((_DWORD *)v4 + 6);
3225. else
3226. v10 = 3;
3227. switch ( v10 )
3228. {
3229. case 1:
3230. a1[2] = -2147483391;
3231. break;
3232. case 2:
3233. a1[2] = -2147483135;
3234. break;
3235. case 3:
3236. a1[2] = -2147482879;
3237. break;
3238. case 4:
3239. a1[2] = -2147482623;
3240. break;
3241. case 5:
3242. a1[2] = -2147482367;
3243. break;
3244. case 6:
3245. a1[2] = -2147482111;
3246. break;
3247. case 7:
3248. a1[2] = -2147483646;
3249. break;
3250. case 8:
3251. a1[2] = -2147483645;
3252. break;
3253. case 9:
3254. a1[2] = -2147483642;
3255. break;
3256. case 10:
3257. a1[2] = -2147483644;
3258. break;
3259. default:
3260. a1[2] = -2147483643;
3261. break;
3262. }
3263. v11 = 3;
3264. if ( a2 <= 3 )
3265. goto LABEL_56;
3266. v12 = v4 + 9;
3267. while ( 1 )
3268. {
3269. v13 = *((_DWORD *)v12 + 2);
3270. if ( !v13 )
3271. break;
3272. if ( !v5 )
3273. {
3274. v5 = (HMODULE)sub_10001000(128);
3275. hModule = v5;
3276. if ( !v5 )
3277. {
3278. result = (FARPROC)a1;
3279. *a1 = 0;
3280. a1[1] = 0;
3281. return result;
3282. }
3283. }
3284. if ( v13 > 0x80000101 )
3285. {
3286. if ( v13 > 0x80000401 )
3287. {
3288. if ( v13 == -2147482367 )
3289. {
3290. *((float *)v5 + v11 - 1) = (float)(__int64)*(float *)v12;
3291. goto LABEL_53;
3292. }
3293. if ( v13 == -2147482111 )
3294. {
3295. LABEL_51:
3296. v17 = (__int64)*(double *)v12;
3297. ++v11;
3298. v12 += 3;
3299. *(double *)(v5 + v11 - 2) = (double)v17;
3300. goto LABEL_53;
3301. }
3302. LABEL_50:
3303. *((_DWORD *)v5 + v11 - 1) = *(_DWORD *)v12;
3304. goto LABEL_53;
3305. }
3306. if ( v13 == -2147482623 )
3307. {
3308. *((_DWORD *)v5 + v11 - 1) = *(_DWORD *)v12;
3309. v5[v11++] = v12[1];
3310. v12 += 3;
3311. goto LABEL_53;
3312. }
3313. if ( v13 != -2147483135 && v13 != -2147482879 )
3314. goto LABEL_50;
3315. }
3316. else if ( v13 != -2147483391 )
3317. {
3318. switch ( v13 )
3319. {
3320. case 0x80000002:
3321. case 0x80000006:
3322. goto LABEL_46;
3323. case 0x80000003:
3324. goto LABEL_51;
3325. case 0x80000004:
3326. *((_DWORD *)v5 + v11 - 1) = *(_DWORD *)v12;
3327. break;
3328. case 0x80000005:
3329. *((_DWORD *)v5 + v11 - 1) = *(_DWORD *)v12;
3330. break;
3331. default:
3332. goto LABEL_50;
3333. }
3334. goto LABEL_53;
3335. }
3336. LABEL_46:
3337. *((_DWORD *)v5 + v11 - 1) = *(_DWORD *)v12;
3338. LABEL_53:
3339. ++v11;
3340. v12 += 3;
3341. if ( v11 >= a2 )
3342. goto LABEL_54;
3343. }
3344. if ( !v5 )
3345. {
3346. v5 = (HMODULE)sub_10001000(16);
3347. hModule = v5;
3348. }
3349. LABEL_54:
3350. if ( v11 > 31 )
3351. goto LABEL_58;
3352. v3 = a1;
3353. LABEL_56:
3354. *(_DWORD *)v5 = 1;
3355. *((_DWORD *)v5 + 1) = 4 * v11 - 12;
3356. *v3 = sub_10001B30(ProcAddress, 0, (int)v5);
3357. v14 = v3[2];
3358. v3[1] = v15;
3359. if ( v14 == -2147483643 )
3360. *v3 -= 8;
3361. LABEL_58:
3362. result = (FARPROC)hModule;
3363. if ( hModule )
3364. return (FARPROC)sub_10001020((int)hModule);
3365. return result;
3366. }
3367. // 10004327: variable 'v15' is possibly undefined
3368.  
3369. //----- (100043C0) --------------------------------------------------------
3370. int __cdecl sub_100043C0(int a1)
3371. {
3372. int result; // eax
3373.  
3374. __debugbreak();
3375. result = a1;
3376. *(_DWORD *)(a1 + 8) = 0;
3377. return result;
3378. }
3379.  
3380. //----- (100043D0) --------------------------------------------------------
3381. BOOL __cdecl sub_100043D0(CHAR **a1, int a2, int *a3)
3382. {
3383. CHAR *v3; // esi
3384. BOOL result; // eax
3385.  
3386. v3 = (CHAR *)sub_10001000(512);
3387. a1[2] = (CHAR *)-2147483644;
3388. result = SHGetSpecialFolderPathA(0, v3, *a3, 0);
3389. *a1 = v3;
3390. return result;
3391. }
3392.  
3393. //----- (10004410) --------------------------------------------------------
3394. int **__cdecl sub_10004410(int **a1, int a2, int ***a3)
3395. {
3396. _DWORD *v3; // eax
3397. int *v4; // eax
3398. int *v5; // ecx
3399. int **result; // eax
3400. int *v7; // esi
3401.  
3402. v3 = (_DWORD *)sub_10004F6A(8u);
3403. if ( v3 )
3404. v4 = sub_10002BF0(v3);
3405. else
3406. v4 = 0;
3407. **a3 = v4;
3408. v5 = **a3;
3409. if ( !v5 )
3410. {
3411. LABEL_9:
3412. result = a1;
3413. *a1 = 0;
3414. goto LABEL_10;
3415. }
3416. if ( !sub_10002C60(v5, (LPCSTR)a3[3]) )
3417. {
3418. v7 = **a3;
3419. if ( v7 )
3420. {
3421. sub_10002C20(v7);
3422. sub_10004F5F(v7);
3423. }
3424. goto LABEL_9;
3425. }
3426. result = a1;
3427. *a1 = **a3;
3428. LABEL_10:
3429. result[2] = (int *)1;
3430. return result;
3431. }
3432.  
3433. //----- (100044C0) --------------------------------------------------------
3434. _DWORD *__cdecl sub_100044C0(_DWORD *a1, int a2, int a3)
3435. {
3436. int v3; // ecx
3437. _DWORD *result; // eax
3438.  
3439. v3 = sub_10002D10(
3440. **(_DWORD ***)a3,
3441. *(HWND *)(a3 + 12),
3442. *(_DWORD *)(a3 + 24),
3443. *(_DWORD *)(a3 + 36),
3444. *(_DWORD *)(a3 + 48),
3445. *(_DWORD *)(a3 + 60));
3446. result = a1;
3447. a1[2] = -2147483646;
3448. *a1 = v3 != 0;
3449. return result;
3450. }
3451.  
3452. //----- (10004500) --------------------------------------------------------
3453. _DWORD *__cdecl sub_10004500(_DWORD *a1, int a2, int a3)
3454. {
3455. _DWORD *result; // eax
3456.  
3457. result = sub_10002DF0(**(_DWORD ***)a3, *(_DWORD *)(a3 + 12), *(_DWORD *)(a3 + 24));
3458. *a1 = result;
3459. a1[2] = 2;
3460. return result;
3461. }
3462.  
3463. //----- (10004530) --------------------------------------------------------
3464. void __cdecl sub_10004530(int a1, int a2, void ***a3)
3465. {
3466. void *v3; // esi
3467.  
3468. v3 = **a3;
3469. if ( v3 )
3470. {
3471. sub_10002C20(**a3);
3472. sub_10004F5F(v3);
3473. }
3474. }
3475.  
3476. //----- (10004550) --------------------------------------------------------
3477. int __cdecl sub_10004550(int *a1, int a2, int a3)
3478. {
3479. _DWORD *v3; // ecx
3480. int result; // eax
3481.  
3482. v3 = **(_DWORD ***)a3;
3483. a1[2] = -2147483646;
3484. result = sub_10002EE0(v3, *(_DWORD *)(a3 + 12));
3485. *a1 = result;
3486. return result;
3487. }
3488.  
3489. //----- (10004580) --------------------------------------------------------
3490. BOOL __cdecl sub_10004580(BOOL *a1, int a2, int a3)
3491. {
3492. _DWORD *v3; // ecx
3493. BOOL result; // eax
3494.  
3495. v3 = **(_DWORD ***)a3;
3496. a1[2] = -2147483646;
3497. result = sub_10002E60(v3, *(LPCCH *)(a3 + 12), *(LPCCH *)(a3 + 24));
3498. *a1 = result;
3499. return result;
3500. }
3501.  
3502. //----- (100045B0) --------------------------------------------------------
3503. void __cdecl sub_100045B0(int a1, int a2, int a3)
3504. {
3505. _DWORD *v3; // ecx
3506.  
3507. v3 = **(_DWORD ***)a3;
3508. *(_DWORD *)(a1 + 8) = 0;
3509. sub_10002CE0(v3, *(_DWORD *)(a3 + 12));
3510. }
3511.  
3512. //----- (100045D0) --------------------------------------------------------
3513. int __cdecl sub_100045D0(int ***a1, int a2, int **a3)
3514. {
3515. int *v3; // ecx
3516. int v4; // eax
3517. int v5; // esi
3518. int result; // eax
3519. int **v7; // ecx
3520.  
3521. v3 = *a3;
3522. a3 = 0;
3523. v4 = *v3;
3524. a1[2] = (int **)-2147482879;
3525. v5 = *(_DWORD *)(v4 + 4);
3526. result = GdipGetImageHeight(*(_DWORD *)(v5 + 4), &a3);
3527. if ( result )
3528. {
3529. v7 = a3;
3530. *(_DWORD *)(v5 + 8) = result;
3531. *a1 = v7;
3532. }
3533. else
3534. {
3535. *a1 = a3;
3536. }
3537. return result;
3538. }
3539. // 10004AF2: using guessed type int __stdcall GdipGetImageHeight(_DWORD, _DWORD);
3540.  
3541. //----- (10004620) --------------------------------------------------------
3542. int __cdecl sub_10004620(int ***a1, int a2, int **a3)
3543. {
3544. int *v3; // ecx
3545. int v4; // eax
3546. int v5; // esi
3547. int result; // eax
3548. int **v7; // ecx
3549.  
3550. v3 = *a3;
3551. a3 = 0;
3552. v4 = *v3;
3553. a1[2] = (int **)-2147482879;
3554. v5 = *(_DWORD *)(v4 + 4);
3555. result = GdipGetImageWidth(*(_DWORD *)(v5 + 4), &a3);
3556. if ( result )
3557. {
3558. v7 = a3;
3559. *(_DWORD *)(v5 + 8) = result;
3560. *a1 = v7;
3561. }
3562. else
3563. {
3564. *a1 = a3;
3565. }
3566. return result;
3567. }
3568. // 10004AF8: using guessed type int __stdcall GdipGetImageWidth(_DWORD, _DWORD);
3569.  
3570. //----- (10004670) --------------------------------------------------------
3571. int __cdecl sub_10004670(int ***a1, int a2, int **a3)
3572. {
3573. int *v3; // ecx
3574. int v4; // eax
3575. int v5; // esi
3576. int result; // eax
3577. int **v7; // ecx
3578.  
3579. v3 = *a3;
3580. a3 = 0;
3581. v4 = *v3;
3582. a1[2] = (int **)-2147482879;
3583. v5 = *(_DWORD *)(v4 + 4);
3584. result = GdipGetImagePaletteSize(*(_DWORD *)(v5 + 4), &a3);
3585. if ( result )
3586. {
3587. v7 = a3;
3588. *(_DWORD *)(v5 + 8) = result;
3589. *a1 = v7;
3590. }
3591. else
3592. {
3593. *a1 = a3;
3594. }
3595. return result;
3596. }
3597. // 10004B46: using guessed type int __stdcall GdipGetImagePaletteSize(_DWORD, _DWORD);
3598.  
3599. //----- (100046C0) --------------------------------------------------------
3600. _DWORD *__cdecl sub_100046C0(_DWORD *a1, int a2, int **a3)
3601. {
3602. int *v3; // edi
3603. int v4; // ebx
3604. _DWORD *v5; // esi
3605. int v6; // ebx
3606. _DWORD *result; // eax
3607.  
3608. v3 = a3[3];
3609. v4 = **a3;
3610. v5 = (_DWORD *)sub_10001000((int)(v3 + 2));
3611. *v5 = 1;
3612. v5[1] = v3;
3613. a1[2] = -2147483643;
3614. v6 = *(_DWORD *)(v4 + 4);
3615. result = (_DWORD *)GdipGetImagePalette(*(_DWORD *)(v6 + 4), v5 + 2, v3);
3616. if ( result )
3617. {
3618. *(_DWORD *)(v6 + 8) = result;
3619. sub_10001020((int)v5);
3620. result = (_DWORD *)sub_10001000(8);
3621. *result = 1;
3622. result[1] = 0;
3623. *a1 = result;
3624. }
3625. else
3626. {
3627. *a1 = v5;
3628. }
3629. return result;
3630. }
3631. // 10004B4C: using guessed type int __stdcall GdipGetImagePalette(_DWORD, _DWORD, _DWORD);
3632.  
3633. //----- (10004740) --------------------------------------------------------
3634. int __cdecl sub_10004740(_DWORD *a1, int a2, int **a3)
3635. {
3636. int v3; // eax
3637. int v4; // ecx
3638. int v5; // esi
3639. int result; // eax
3640.  
3641. v3 = (int)(a3[3] + 2);
3642. v4 = **a3;
3643. a1[2] = -2147483646;
3644. v5 = *(_DWORD *)(v4 + 4);
3645. result = GdipSetImagePalette(*(_DWORD *)(v5 + 4), v3);
3646. if ( result )
3647. {
3648. *(_DWORD *)(v5 + 8) = result;
3649. *a1 = 0;
3650. }
3651. else
3652. {
3653. *a1 = 1;
3654. }
3655. return result;
3656. }
3657. // 10004B52: using guessed type int __stdcall GdipSetImagePalette(_DWORD, _DWORD);
3658.  
3659. //----- (10004790) --------------------------------------------------------
3660. void __cdecl sub_10004790(_DWORD *a1, int a2, int **a3)
3661. {
3662. int v3; // esi
3663. _BYTE *v4; // ebp
3664. void *v5; // ebx
3665. int v6; // esi
3666. int ImageRawFormat; // eax
3667. _BYTE *v8; // eax
3668. _BYTE *v9; // eax
3669. _BYTE *v10; // eax
3670. int v11; // [esp+10h] [ebp-4h] BYREF
3671. const char *v12; // [esp+20h] [ebp+Ch]
3672. const char *v13; // [esp+20h] [ebp+Ch]
3673. const char *v14; // [esp+20h] [ebp+Ch]
3674. const char *v15; // [esp+20h] [ebp+Ch]
3675. const char *v16; // [esp+20h] [ebp+Ch]
3676.  
3677. v3 = **a3;
3678. v4 = (_BYTE *)sub_10004F6A(0x10u);
3679. v5 = (void *)sub_10001000(36);
3680. memset(v5, 0, 0x20u);
3681. a1[2] = -2147483644;
3682. v6 = *(_DWORD *)(v3 + 4);
3683. ImageRawFormat = GdipGetImageRawFormat(*(_DWORD *)(v6 + 4), v4);
3684. if ( ImageRawFormat )
3685. {
3686. *(_DWORD *)(v6 + 8) = ImageRawFormat;
3687. }
3688. else
3689. {
3690. v8 = (_BYTE *)((int (__cdecl *)(_BYTE *, int))loc_10002B70)(v4, 4);
3691. v12 = (const char *)sub_10001B70(v8, 4, &v11);
3692. strcat((char *)v5, v12);
3693. sub_10001020((int)v12);
3694. strcat((char *)v5, asc_10011B2C);
3695. v9 = (_BYTE *)((int (__cdecl *)(_BYTE *, int))loc_10002B70)(v4 + 4, 2);
3696. v13 = (const char *)sub_10001B70(v9, 2, &v11);
3697. strcat((char *)v5, v13);
3698. sub_10001020((int)v13);
3699. strcat((char *)v5, asc_10011B2C);
3700. v10 = (_BYTE *)((int (__cdecl *)(_BYTE *, int))loc_10002B70)(v4 + 6, 2);
3701. v14 = (const char *)sub_10001B70(v10, 2, &v11);
3702. strcat((char *)v5, v14);
3703. sub_10001020((int)v14);
3704. strcat((char *)v5, asc_10011B2C);
3705. v15 = (const char *)sub_10001B70(v4 + 8, 2, &v11);
3706. strcat((char *)v5, v15);
3707. sub_10001020((int)v15);
3708. strcat((char *)v5, asc_10011B2C);
3709. v16 = (const char *)sub_10001B70(v4 + 10, 6, &v11);
3710. strcat((char *)v5, v16);
3711. sub_10001020((int)v16);
3712. }
3713. *a1 = v5;
3714. sub_10004F5F(v4);
3715. }
3716. // 10004B58: using guessed type int __stdcall GdipGetImageRawFormat(_DWORD, _DWORD);
3717.  
3718. //----- (10004A20) --------------------------------------------------------
3719. int __cdecl sub_10004A20(int *a1, int a2, int a3)
3720. {
3721. int result; // eax
3722. int v4; // [esp-8h] [ebp-Ch]
3723. int v5; // [esp-4h] [ebp-8h]
3724.  
3725. v5 = *(_DWORD *)(*(_DWORD *)a3 + 4);
3726. v4 = *(_DWORD *)a3 + 8;
3727. a1[2] = -2147483643;
3728. result = ((int (__cdecl *)(int, int))loc_10002B70)(v4, v5);
3729. *a1 = result;
3730. return result;
3731. }
3732.  
3733. //----- (10004A50) --------------------------------------------------------
3734. CHAR *__cdecl sub_10004A50(CHAR **a1, int a2, int a3)
3735. {
3736. void *v3; // ecx
3737. CHAR *result; // eax
3738. int v5; // [esp-8h] [ebp-Ch]
3739. const CHAR *v6; // [esp-4h] [ebp-8h]
3740.  
3741. v3 = **(void ***)a3;
3742. v6 = *(const CHAR **)(a3 + 24);
3743. v5 = *(_DWORD *)(a3 + 12);
3744. a1[2] = (CHAR *)2;
3745. result = sub_10002F10(v3, v5, v6);
3746. *a1 = result;
3747. return result;
3748. }
3749.  
3750. //----- (10004A80) --------------------------------------------------------
3751. int __stdcall sub_10004A80(int a1, int (__stdcall *a2)(_DWORD, _DWORD, _DWORD), int a3)
3752. {
3753. int result; // eax
3754.  
3755. result = 0;
3756. if ( a1 != 1 )
3757. return -1;
3758. dword_10014934 = a2;
3759. return result;
3760. }
3761. // 10014934: using guessed type int (__stdcall *dword_10014934)(_DWORD, _DWORD, _DWORD);
3762.  
3763. //----- (10004AA0) --------------------------------------------------------
3764. void *GetNewInf()
3765. {
3766. return &unk_1000F0E8;
3767. }
3768.  
3769. //----- (10004C8F) --------------------------------------------------------
3770. void __cdecl sub_10004C8F(LPVOID lpMem)
3771. {
3772. _DWORD *block; // eax
3773. bool v2; // zf
3774. _BYTE *v3; // eax
3775. void **v4; // [esp+Ch] [ebp-28h] BYREF
3776. _BYTE *v5; // [esp+10h] [ebp-24h]
3777. int v6; // [esp+14h] [ebp-20h] BYREF
3778. _DWORD *v7; // [esp+18h] [ebp-1Ch]
3779. CPPEH_RECORD ms_exc; // [esp+1Ch] [ebp-18h]
3780.  
3781. if ( lpMem )
3782. {
3783. if ( dword_10015034 == 3 )
3784. {
3785. _lock(9);
3786. ms_exc.registration.TryLevel = 0;
3787. block = (_DWORD *)__sbh_find_block(lpMem);
3788. v7 = block;
3789. if ( block )
3790. sub_100057E4(block, (int)lpMem);
3791. ms_exc.registration.TryLevel = -1;
3792. _unlock(9);
3793. v2 = v7 == 0;
3794. }
3795. else
3796. {
3797. if ( dword_10015034 != 2 )
3798. {
3799. LABEL_11:
3800. HeapFree(hHeap, 0, lpMem);
3801. return;
3802. }
3803. _lock(9);
3804. ms_exc.registration.TryLevel = 1;
3805. v3 = (_BYTE *)sub_1000621E((unsigned int)lpMem, &v4, (unsigned int *)&v6);
3806. v5 = v3;
3807. if ( v3 )
3808. sub_10006275((int)v4, v6, v3);
3809. ms_exc.registration.TryLevel = -1;
3810. _unlock(9);
3811. v2 = v5 == 0;
3812. }
3813. if ( !v2 )
3814. return;
3815. goto LABEL_11;
3816. }
3817. }
3818. // 100057B9: using guessed type _DWORD __cdecl __sbh_find_block(_DWORD);
3819. // 1000667B: using guessed type _DWORD __cdecl _lock(_DWORD);
3820. // 100066DC: using guessed type _DWORD __cdecl _unlock(_DWORD);
3821. // 10015034: using guessed type int dword_10015034;
3822.  
3823. //----- (10004DEB) --------------------------------------------------------
3824. LPVOID __cdecl sub_10004DEB(unsigned int a1)
3825. {
3826. LPVOID result; // eax
3827. unsigned int v2; // esi
3828. int v3; // eax
3829. SIZE_T v4; // eax
3830. void *v5; // [esp+Ch] [ebp-1Ch]
3831. int v6; // [esp+Ch] [ebp-1Ch]
3832.  
3833. if ( dword_10015034 == 3 )
3834. {
3835. if ( a1 <= dword_1001502C )
3836. {
3837. _lock(9);
3838. v5 = (void *)__sbh_alloc_block(a1);
3839. _unlock(9);
3840. result = v5;
3841. if ( v5 )
3842. return result;
3843. }
3844. goto LABEL_12;
3845. }
3846. if ( dword_10015034 != 2 )
3847. {
3848. LABEL_12:
3849. v3 = a1;
3850. if ( !a1 )
3851. v3 = 1;
3852. v4 = v3 + 15;
3853. LOBYTE(v4) = v4 & 0xF0;
3854. return HeapAlloc(hHeap, 0, v4);
3855. }
3856. if ( a1 )
3857. v2 = (a1 + 15) & 0xFFFFFFF0;
3858. else
3859. v2 = 16;
3860. if ( v2 > dword_10013B84 )
3861. return HeapAlloc(hHeap, 0, v2);
3862. _lock(9);
3863. v6 = sub_100062BA(v2 >> 4);
3864. _unlock(9);
3865. result = (LPVOID)v6;
3866. if ( !v6 )
3867. return HeapAlloc(hHeap, 0, v2);
3868. return result;
3869. }
3870. // 10005B0D: using guessed type _DWORD __cdecl __sbh_alloc_block(_DWORD);
3871. // 1000667B: using guessed type _DWORD __cdecl _lock(_DWORD);
3872. // 100066DC: using guessed type _DWORD __cdecl _unlock(_DWORD);
3873. // 10013B84: using guessed type int dword_10013B84;
3874. // 1001502C: using guessed type int dword_1001502C;
3875. // 10015034: using guessed type int dword_10015034;
3876.  
3877. //----- (10004F5F) --------------------------------------------------------
3878. void __cdecl sub_10004F5F(LPVOID lpMem)
3879. {
3880. sub_10004C8F(lpMem);
3881. }
3882.  
3883. //----- (10004F6A) --------------------------------------------------------
3884. int __cdecl sub_10004F6A(size_t Size)
3885. {
3886. return _nh_malloc(Size, 1);
3887. }
3888.  
3889. //----- (100054F7) --------------------------------------------------------
3890. char __cdecl sub_100054F7(int a1)
3891. {
3892. HMODULE ModuleHandleA; // eax
3893. int v2; // ecx
3894.  
3895. *(_DWORD *)a1 = 0;
3896. ModuleHandleA = GetModuleHandleA(0);
3897. if ( *(_WORD *)ModuleHandleA == 23117 )
3898. {
3899. v2 = *((_DWORD *)ModuleHandleA + 15);
3900. if ( v2 )
3901. {
3902. ModuleHandleA = (HMODULE)((char *)ModuleHandleA + v2);
3903. *(_BYTE *)a1 = *((_BYTE *)ModuleHandleA + 26);
3904. LOBYTE(ModuleHandleA) = *((_BYTE *)ModuleHandleA + 27);
3905. *(_BYTE *)(a1 + 1) = (_BYTE)ModuleHandleA;
3906. }
3907. }
3908. return (char)ModuleHandleA;
3909. }
3910.  
3911. //----- (10005524) --------------------------------------------------------
3912. int sub_10005524()
3913. {
3914. int result; // eax
3915. CHAR *i; // ecx
3916. char v2; // al
3917. CHAR *v3; // eax
3918. CHAR *j; // ecx
3919. char v5; // al
3920. char *v6; // eax
3921. const char *v7; // eax
3922. const char *v8; // ecx
3923. CHAR Buffer[4240]; // [esp+4h] [ebp-122Ch] BYREF
3924. CHAR Filename[260]; // [esp+1094h] [ebp-19Ch] BYREF
3925. struct _OSVERSIONINFOA VersionInformation; // [esp+1198h] [ebp-98h] BYREF
3926. char v12[4]; // [esp+122Ch] [ebp-4h] BYREF
3927.  
3928. VersionInformation.dwOSVersionInfoSize = 148;
3929. if ( GetVersionExA(&VersionInformation)
3930. && VersionInformation.dwPlatformId == 2
3931. && VersionInformation.dwMajorVersion >= 5 )
3932. {
3933. return 1;
3934. }
3935. if ( !GetEnvironmentVariableA("__MSVCRT_HEAP_SELECT", Buffer, 0x1090u) )
3936. goto LABEL_29;
3937. for ( i = Buffer; *i; ++i )
3938. {
3939. v2 = *i;
3940. if ( *i >= 97 && v2 <= 122 )
3941. *i = v2 - 32;
3942. }
3943. if ( !strncmp("__GLOBAL_HEAP_SELECTED", Buffer, 0x16u) )
3944. {
3945. v3 = Buffer;
3946. }
3947. else
3948. {
3949. GetModuleFileNameA(0, Filename, 0x104u);
3950. for ( j = Filename; *j; ++j )
3951. {
3952. v5 = *j;
3953. if ( *j >= 97 && v5 <= 122 )
3954. *j = v5 - 32;
3955. }
3956. v3 = strstr(Buffer, Filename);
3957. }
3958. if ( !v3 )
3959. goto LABEL_29;
3960. v6 = strchr(v3, 44);
3961. if ( !v6 )
3962. goto LABEL_29;
3963. v7 = v6 + 1;
3964. v8 = v7;
3965. while ( *v8 )
3966. {
3967. if ( *v8 == 59 )
3968. *v8 = 0;
3969. else
3970. ++v8;
3971. }
3972. result = strtol(v7, 0, 10);
3973. if ( result != 2 && result != 3 && result != 1 )
3974. {
3975. LABEL_29:
3976. sub_100054F7((int)v12);
3977. return 3 - (v12[0] < 6u);
3978. }
3979. return result;
3980. }
3981. // 10005524: using guessed type char var_4[4];
3982.  
3983. //----- (1000566C) --------------------------------------------------------
3984. int __cdecl sub_1000566C(int a1)
3985. {
3986. int v1; // eax
3987. void **v2; // eax
3988.  
3989. hHeap = HeapCreate(a1 == 0, 0x1000u, 0);
3990. if ( !hHeap )
3991. return 0;
3992. v1 = sub_10005524();
3993. dword_10015034 = v1;
3994. if ( v1 == 3 )
3995. {
3996. v2 = (void **)__sbh_heap_init(1016);
3997. }
3998. else
3999. {
4000. if ( v1 != 2 )
4001. return 1;
4002. v2 = sub_10005FC2();
4003. }
4004. if ( !v2 )
4005. {
4006. HeapDestroy(hHeap);
4007. return 0;
4008. }
4009. return 1;
4010. }
4011. // 10005771: using guessed type _DWORD __cdecl __sbh_heap_init(_DWORD);
4012. // 10015034: using guessed type int dword_10015034;
4013.  
4014. //----- (100056C9) --------------------------------------------------------
4015. BOOL sub_100056C9()
4016. {
4017. int v0; // ebx
4018. LPVOID *v1; // esi
4019. void **v2; // esi
4020. void *v3; // eax
4021.  
4022. if ( dword_10015034 == 3 )
4023. {
4024. v0 = 0;
4025. if ( dword_10015024 > 0 )
4026. {
4027. v1 = (LPVOID *)((char *)lpMem + 12);
4028. do
4029. {
4030. VirtualFree(*v1, 0x100000u, 0x4000u);
4031. VirtualFree(*v1, 0, 0x8000u);
4032. HeapFree(hHeap, 0, v1[1]);
4033. v1 += 5;
4034. ++v0;
4035. }
4036. while ( v0 < dword_10015024 );
4037. }
4038. HeapFree(hHeap, 0, lpMem);
4039. }
4040. else if ( dword_10015034 == 2 )
4041. {
4042. v2 = &off_10011B60;
4043. do
4044. {
4045. v3 = v2[4];
4046. if ( v3 )
4047. VirtualFree(v3, 0, 0x8000u);
4048. v2 = (void **)*v2;
4049. }
4050. while ( v2 != &off_10011B60 );
4051. }
4052. return HeapDestroy(hHeap);
4053. }
4054. // 10011B60: using guessed type void *off_10011B60;
4055. // 10015024: using guessed type int dword_10015024;
4056. // 10015034: using guessed type int dword_10015034;
4057.  
4058. //----- (100057E4) --------------------------------------------------------
4059. _DWORD *__cdecl sub_100057E4(_DWORD *a1, int a2)
4060. {
4061. _DWORD *result; // eax
4062. int *v3; // esi
4063. unsigned int v4; // edi
4064. int v5; // ecx
4065. char *v6; // ebx
4066. unsigned int v7; // edx
4067. _BYTE *v8; // ecx
4068. unsigned int v9; // ebx
4069. bool v10; // zf
4070. _BYTE *v11; // ecx
4071. unsigned int v12; // ebx
4072. unsigned int v13; // edx
4073. unsigned int v14; // ebx
4074. unsigned int v15; // esi
4075. unsigned int v16; // esi
4076. _DWORD *v17; // ecx
4077. LPVOID *v18; // eax
4078. _DWORD *v19; // [esp+Ch] [ebp-10h]
4079. int v20; // [esp+10h] [ebp-Ch]
4080. int v21; // [esp+14h] [ebp-8h]
4081. int v22; // [esp+18h] [ebp-4h]
4082. char *v23; // [esp+28h] [ebp+Ch]
4083. int *v24; // [esp+28h] [ebp+Ch]
4084. char v25; // [esp+2Bh] [ebp+Fh]
4085.  
4086. result = (_DWORD *)a1[4];
4087. v3 = (int *)(a2 - 4);
4088. v4 = (unsigned int)(a2 - a1[3]) >> 15;
4089. v19 = &result[129 * v4 + 81];
4090. v5 = *(_DWORD *)(a2 - 4) - 1;
4091. v22 = v5;
4092. if ( (v5 & 1) == 0 )
4093. {
4094. v6 = (char *)v3 + v5;
4095. v20 = *(int *)((char *)v3 + v5);
4096. v21 = *(_DWORD *)(a2 - 8);
4097. v23 = (char *)v3 + v5;
4098. if ( (v20 & 1) == 0 )
4099. {
4100. v7 = (v20 >> 4) - 1;
4101. if ( v7 > 0x3F )
4102. v7 = 63;
4103. if ( *((_DWORD *)v6 + 1) == *((_DWORD *)v6 + 2) )
4104. {
4105. if ( v7 >= 0x20 )
4106. {
4107. v11 = (char *)result + v7 + 4;
4108. v12 = ~(0x80000000 >> (v7 - 32));
4109. result[v4 + 49] &= v12;
4110. v10 = (*v11)-- == 1;
4111. if ( v10 )
4112. a1[1] &= v12;
4113. }
4114. else
4115. {
4116. v8 = (char *)result + v7 + 4;
4117. v9 = ~(0x80000000 >> v7);
4118. result[v4 + 17] &= v9;
4119. v10 = (*v8)-- == 1;
4120. if ( v10 )
4121. *a1 &= v9;
4122. }
4123. v5 = v22;
4124. v6 = v23;
4125. }
4126. v5 += v20;
4127. *(_DWORD *)(*((_DWORD *)v6 + 2) + 4) = *((_DWORD *)v6 + 1);
4128. v22 = v5;
4129. *(_DWORD *)(*((_DWORD *)v23 + 1) + 8) = *((_DWORD *)v23 + 2);
4130. }
4131. v13 = (v5 >> 4) - 1;
4132. if ( v13 > 0x3F )
4133. v13 = 63;
4134. if ( (v21 & 1) != 0 )
4135. {
4136. v14 = (unsigned int)a1;
4137. }
4138. else
4139. {
4140. v24 = (int *)((char *)v3 - v21);
4141. v14 = (v21 >> 4) - 1;
4142. if ( v14 > 0x3F )
4143. v14 = 63;
4144. v22 = v21 + v5;
4145. v13 = ((v21 + v5) >> 4) - 1;
4146. if ( v13 > 0x3F )
4147. v13 = 63;
4148. if ( v14 != v13 )
4149. {
4150. if ( v24[1] == v24[2] )
4151. {
4152. if ( v14 >= 0x20 )
4153. {
4154. v16 = ~(0x80000000 >> (v14 - 32));
4155. result[v4 + 49] &= v16;
4156. v10 = (*((_BYTE *)result + v14 + 4))-- == 1;
4157. if ( v10 )
4158. a1[1] &= v16;
4159. }
4160. else
4161. {
4162. v15 = ~(0x80000000 >> v14);
4163. result[v4 + 17] &= v15;
4164. v10 = (*((_BYTE *)result + v14 + 4))-- == 1;
4165. if ( v10 )
4166. *a1 &= v15;
4167. }
4168. }
4169. *(_DWORD *)(v24[2] + 4) = v24[1];
4170. *(_DWORD *)(v24[1] + 8) = v24[2];
4171. }
4172. v3 = v24;
4173. }
4174. if ( (v21 & 1) != 0 || v14 != v13 )
4175. {
4176. v17 = &v19[2 * v13];
4177. v3[1] = v17[1];
4178. v3[2] = (int)v17;
4179. v17[1] = v3;
4180. *(_DWORD *)(v3[1] + 8) = v3;
4181. if ( v3[1] == v3[2] )
4182. {
4183. v25 = *((_BYTE *)result + v13 + 4);
4184. *((_BYTE *)result + v13 + 4) = v25 + 1;
4185. if ( v13 >= 0x20 )
4186. {
4187. if ( !v25 )
4188. a1[1] |= 0x80000000 >> (v13 - 32);
4189. result[v4 + 49] |= 0x80000000 >> (v13 - 32);
4190. }
4191. else
4192. {
4193. if ( !v25 )
4194. *a1 |= 0x80000000 >> v13;
4195. result[v4 + 17] |= 0x80000000 >> v13;
4196. }
4197. }
4198. }
4199. *v3 = v22;
4200. *(int *)((char *)v3 + v22 - 4) = v22;
4201. result += 129 * v4 + 81;
4202. v10 = (*v19)-- == 1;
4203. if ( v10 )
4204. {
4205. if ( dword_10015020 )
4206. {
4207. VirtualFree((LPVOID)(*((_DWORD *)dword_10015020 + 3) + (dword_10015018 << 15)), 0x8000u, 0x4000u);
4208. *((_DWORD *)dword_10015020 + 2) |= 0x80000000 >> dword_10015018;
4209. *(_DWORD *)(*((_DWORD *)dword_10015020 + 4) + 4 * dword_10015018 + 196) = 0;
4210. --*(_BYTE *)(*((_DWORD *)dword_10015020 + 4) + 67);
4211. v18 = (LPVOID *)dword_10015020;
4212. if ( !*(_BYTE *)(*((_DWORD *)dword_10015020 + 4) + 67) )
4213. {
4214. *((_DWORD *)dword_10015020 + 1) &= ~1u;
4215. v18 = (LPVOID *)dword_10015020;
4216. }
4217. if ( v18[2] == (LPVOID)-1 )
4218. {
4219. VirtualFree(v18[3], 0, 0x8000u);
4220. HeapFree(hHeap, 0, *((LPVOID *)dword_10015020 + 4));
4221. memcpy(
4222. dword_10015020,
4223. (char *)dword_10015020 + 20,
4224. (size_t)lpMem + 20 * dword_10015024 - (_DWORD)dword_10015020 - 20);
4225. --dword_10015024;
4226. if ( a1 > dword_10015020 )
4227. a1 -= 5;
4228. dword_1001501C = (int)lpMem;
4229. }
4230. }
4231. result = a1;
4232. dword_10015018 = v4;
4233. dword_10015020 = a1;
4234. }
4235. }
4236. return result;
4237. }
4238. // 10015018: using guessed type int dword_10015018;
4239. // 1001501C: using guessed type int dword_1001501C;
4240. // 10015024: using guessed type int dword_10015024;
4241.  
4242. //----- (10005FC2) --------------------------------------------------------
4243. void **sub_10005FC2()
4244. {
4245. void **v0; // esi
4246. _DWORD *v1; // eax
4247. _DWORD *v2; // edi
4248. int *v3; // eax
4249. int v4; // ebp
4250. int v5; // edx
4251.  
4252. if ( dword_10011B70 == -1 )
4253. {
4254. v0 = &off_10011B60;
4255. }
4256. else
4257. {
4258. v0 = (void **)HeapAlloc(hHeap, 0, 0x2020u);
4259. if ( !v0 )
4260. return 0;
4261. }
4262. v1 = VirtualAlloc(0, 0x400000u, 0x2000u, 4u);
4263. v2 = v1;
4264. if ( !v1 )
4265. {
4266. LABEL_19:
4267. if ( v0 != &off_10011B60 )
4268. HeapFree(hHeap, 0, v0);
4269. return 0;
4270. }
4271. if ( !VirtualAlloc(v1, 0x10000u, 0x1000u, 4u) )
4272. {
4273. VirtualFree(v2, 0, 0x8000u);
4274. goto LABEL_19;
4275. }
4276. if ( v0 == &off_10011B60 )
4277. {
4278. if ( !off_10011B60 )
4279. off_10011B60 = &off_10011B60;
4280. if ( !off_10011B64 )
4281. off_10011B64 = &off_10011B60;
4282. }
4283. else
4284. {
4285. *v0 = &off_10011B60;
4286. v0[1] = off_10011B64;
4287. off_10011B64 = v0;
4288. *(_DWORD *)v0[1] = v0;
4289. }
4290. v0[5] = v2 + 0x100000;
4291. v3 = (int *)(v0 + 6);
4292. v0[3] = v0 + 38;
4293. v0[4] = v2;
4294. v0[2] = v0 + 6;
4295. v4 = 0;
4296. do
4297. {
4298. v5 = v4++ >= 16 ? -1 : 240;
4299. *v3 = v5;
4300. v3[1] = 241;
4301. v3 += 2;
4302. }
4303. while ( v4 < 1024 );
4304. memset(v2, 0, 0x10000u);
4305. while ( v2 < (_DWORD *)((char *)v0[4] + 0x10000) )
4306. {
4307. *((_BYTE *)v2 + 248) = -1;
4308. *v2 = v2 + 2;
4309. v2[1] = 240;
4310. v2 += 1024;
4311. }
4312. return v0;
4313. }
4314. // 10011B60: using guessed type void *off_10011B60;
4315. // 10011B70: using guessed type int dword_10011B70;
4316.  
4317. //----- (10006106) --------------------------------------------------------
4318. void **__cdecl sub_10006106(void **lpMem)
4319. {
4320. void **result; // eax
4321.  
4322. result = (void **)VirtualFree(lpMem[4], 0, 0x8000u);
4323. if ( off_10013B80 == lpMem )
4324. {
4325. result = (void **)lpMem[1];
4326. off_10013B80 = result;
4327. }
4328. if ( lpMem == &off_10011B60 )
4329. {
4330. dword_10011B70 = -1;
4331. }
4332. else
4333. {
4334. *(_DWORD *)lpMem[1] = *lpMem;
4335. *((_DWORD *)*lpMem + 1) = lpMem[1];
4336. return (void **)HeapFree(hHeap, 0, lpMem);
4337. }
4338. return result;
4339. }
4340. // 10011B60: using guessed type void *off_10011B60;
4341. // 10011B70: using guessed type int dword_10011B70;
4342. // 10013B80: using guessed type void **off_10013B80;
4343.  
4344. //----- (1000615C) --------------------------------------------------------
4345. void __cdecl sub_1000615C(int a1)
4346. {
4347. _DWORD *v1; // esi
4348. _DWORD *v2; // edi
4349. int i; // ebx
4350. unsigned int v4; // eax
4351. _DWORD *v5; // ecx
4352. _DWORD *v6; // eax
4353. int j; // edx
4354. int v8; // [esp+Ch] [ebp-4h]
4355.  
4356. v1 = off_10011B64;
4357. do
4358. {
4359. if ( v1[4] != -1 )
4360. {
4361. v8 = 0;
4362. v2 = v1 + 2052;
4363. for ( i = 4190208; i >= 0; i -= 4096 )
4364. {
4365. if ( *v2 == 240 && VirtualFree((LPVOID)(v1[4] + i), 0x1000u, 0x4000u) )
4366. {
4367. *v2 = -1;
4368. --dword_10014954;
4369. v4 = v1[3];
4370. if ( !v4 || v4 > (unsigned int)v2 )
4371. v1[3] = v2;
4372. ++v8;
4373. if ( !--a1 )
4374. break;
4375. }
4376. v2 -= 2;
4377. }
4378. v5 = v1;
4379. v1 = (_DWORD *)v1[1];
4380. if ( v8 && v5[6] == -1 )
4381. {
4382. v6 = v5 + 8;
4383. for ( j = 1; j < 1024; ++j )
4384. {
4385. if ( *v6 != -1 )
4386. break;
4387. v6 += 2;
4388. }
4389. if ( j == 1024 )
4390. sub_10006106((void **)v5);
4391. }
4392. }
4393. }
4394. while ( v1 != off_10011B64 && a1 > 0 );
4395. }
4396. // 10014954: using guessed type int dword_10014954;
4397.  
4398. //----- (1000621E) --------------------------------------------------------
4399. unsigned int __cdecl sub_1000621E(unsigned int a1, void ***a2, unsigned int *a3)
4400. {
4401. void **v3; // ecx
4402.  
4403. v3 = &off_10011B60;
4404. while ( a1 <= (unsigned int)v3[4] || a1 >= (unsigned int)v3[5] )
4405. {
4406. v3 = (void **)*v3;
4407. if ( v3 == &off_10011B60 )
4408. return 0;
4409. }
4410. if ( (a1 & 0xF) == 0 && (a1 & 0xFFF) >= 0x100 )
4411. {
4412. *a2 = v3;
4413. *a3 = a1 & 0xFFFFF000;
4414. return ((int)(a1 - (a1 & 0xFFFFF000) - 256) >> 4) + (a1 & 0xFFFFF000) + 8;
4415. }
4416. return 0;
4417. }
4418. // 10011B60: using guessed type void *off_10011B60;
4419.  
4420. //----- (10006275) --------------------------------------------------------
4421. void __cdecl sub_10006275(int a1, int a2, _BYTE *a3)
4422. {
4423. _DWORD *v3; // eax
4424. bool v4; // zf
4425.  
4426. v3 = (_DWORD *)(a1 + 8 * ((a2 - *(_DWORD *)(a1 + 16)) >> 12) + 24);
4427. *v3 += (unsigned __int8)*a3;
4428. *a3 = 0;
4429. v4 = *v3 == 240;
4430. v3[1] = 241;
4431. if ( v4 && ++dword_10014954 == 32 )
4432. sub_1000615C(16);
4433. }
4434. // 10014954: using guessed type int dword_10014954;
4435.  
4436. //----- (100062BA) --------------------------------------------------------
4437. int __cdecl sub_100062BA(unsigned int a1)
4438. {
4439. void **v1; // esi
4440. void *v2; // edx
4441. unsigned int *v3; // edi
4442. int v4; // eax
4443. unsigned int v5; // ebx
4444. int result; // eax
4445. void **v7; // edi
4446. _DWORD *v8; // ebx
4447. _DWORD *v9; // eax
4448. _DWORD *i; // esi
4449. void **v11; // ecx
4450. _DWORD *v12; // eax
4451. void **v13; // eax
4452. bool v14; // cf
4453. void **v15; // eax
4454. _BYTE *v16; // ecx
4455. unsigned int Val; // [esp+Ch] [ebp-8h]
4456. int v18; // [esp+10h] [ebp-4h]
4457. int v19; // [esp+10h] [ebp-4h]
4458. int v20; // [esp+10h] [ebp-4h]
4459.  
4460. v1 = off_10013B80;
4461. do
4462. {
4463. v2 = v1[4];
4464. if ( v2 == (void *)-1 )
4465. {
4466. v5 = a1;
4467. }
4468. else
4469. {
4470. v3 = (unsigned int *)v1[2];
4471. v4 = (int)v2 + 4096 * (((char *)v3 - (char *)v1 - 24) >> 3);
4472. v18 = v4;
4473. if ( v3 < (unsigned int *)v1 + 2054 )
4474. {
4475. while ( 1 )
4476. {
4477. v5 = a1;
4478. if ( (int)*v3 >= (int)a1 && v3[1] > a1 )
4479. {
4480. result = sub_100064C2(v4, *v3, a1);
4481. if ( result )
4482. {
4483. LABEL_21:
4484. off_10013B80 = v1;
4485. *v3 -= v5;
4486. v1[2] = v3;
4487. return result;
4488. }
4489. v4 = v18;
4490. v3[1] = a1;
4491. }
4492. v3 += 2;
4493. v4 += 4096;
4494. v18 = v4;
4495. if ( v3 >= (unsigned int *)v1 + 2054 )
4496. goto LABEL_11;
4497. }
4498. }
4499. v5 = a1;
4500. LABEL_11:
4501. v3 = (unsigned int *)(v1 + 6);
4502. Val = (unsigned int)v1[2];
4503. v19 = (int)v1[4];
4504. if ( (unsigned int)(v1 + 6) < Val )
4505. {
4506. do
4507. {
4508. if ( (int)*v3 >= (int)v5 && v3[1] > v5 )
4509. {
4510. result = sub_100064C2(v19, *v3, v5);
4511. if ( result )
4512. goto LABEL_21;
4513. v3[1] = v5;
4514. }
4515. v19 += 4096;
4516. v3 += 2;
4517. }
4518. while ( (unsigned int)v3 < Val );
4519. }
4520. }
4521. v1 = (void **)*v1;
4522. }
4523. while ( v1 != off_10013B80 );
4524. v7 = &off_10011B60;
4525. while ( v7[4] == (void *)-1 || !v7[3] )
4526. {
4527. v7 = (void **)*v7;
4528. if ( v7 == &off_10011B60 )
4529. {
4530. v15 = sub_10005FC2();
4531. if ( v15 )
4532. {
4533. v16 = v15[4];
4534. v16[8] = v5;
4535. off_10013B80 = v15;
4536. *(_DWORD *)v16 = &v16[v5 + 8];
4537. *((_DWORD *)v16 + 1) = 240 - v5;
4538. v15[6] = (char *)v15[6] - (unsigned __int8)v5;
4539. return (int)(v16 + 256);
4540. }
4541. return 0;
4542. }
4543. }
4544. v8 = v7[3];
4545. v20 = 0;
4546. v9 = v8;
4547. for ( i = (char *)v7[4] + 4096 * (((char *)v8 - (char *)v7 - 24) >> 3); *v9 == -1; ++v20 )
4548. {
4549. if ( v20 >= 16 )
4550. break;
4551. v9 += 2;
4552. }
4553. if ( VirtualAlloc(i, v20 << 12, 0x1000u, 4u) != i )
4554. return 0;
4555. v11 = (void **)v8;
4556. if ( v20 > 0 )
4557. {
4558. v12 = i + 1;
4559. do
4560. {
4561. *((_BYTE *)v12 + 244) = -1;
4562. *(v12 - 1) = v12 + 1;
4563. *v12 = 240;
4564. *v11 = (void *)240;
4565. v11[1] = (void *)241;
4566. v12 += 1024;
4567. v11 += 2;
4568. --v20;
4569. }
4570. while ( v20 );
4571. }
4572. off_10013B80 = v7;
4573. v13 = v7 + 2054;
4574. while ( 1 )
4575. {
4576. v14 = v11 < v13;
4577. if ( v11 >= v13 )
4578. break;
4579. if ( *v11 == (void *)-1 )
4580. {
4581. v14 = v11 < v13;
4582. break;
4583. }
4584. v11 += 2;
4585. }
4586. v7[3] = v14 ? v11 : 0;
4587. *((_BYTE *)i + 8) = a1;
4588. v7[2] = v8;
4589. *v8 -= a1;
4590. i[1] -= a1;
4591. result = (int)(i + 64);
4592. *i = (char *)i + a1 + 8;
4593. return result;
4594. }
4595. // 10011B60: using guessed type void *off_10011B60;
4596. // 10013B80: using guessed type void **off_10013B80;
4597.  
4598. //----- (100064C2) --------------------------------------------------------
4599. int __cdecl sub_100064C2(int a1, unsigned int a2, unsigned int a3)
4600. {
4601. unsigned int v4; // esi
4602. _BYTE *v5; // edi
4603. unsigned int v6; // ebx
4604. _BYTE *v7; // eax
4605. _BYTE *v8; // eax
4606. _BYTE *v9; // esi
4607. _BYTE *v10; // ebx
4608. unsigned int v11; // esi
4609. _BYTE *v12; // esi
4610. _BYTE *v13; // ebx
4611. unsigned int v14; // eax
4612. _BYTE *v16; // [esp+Ch] [ebp-4h]
4613. unsigned int v17; // [esp+18h] [ebp+8h]
4614.  
4615. v4 = *(_DWORD *)(a1 + 4);
4616. v5 = *(_BYTE **)a1;
4617. v6 = a1 + 248;
4618. v16 = *(_BYTE **)a1;
4619. v7 = *(_BYTE **)a1;
4620. v17 = a1 + 248;
4621. if ( v4 >= a3 )
4622. {
4623. *v5 = a3;
4624. if ( (unsigned int)&v5[a3] >= v6 )
4625. {
4626. *(_DWORD *)(a1 + 4) = 0;
4627. *(_DWORD *)a1 = a1 + 8;
4628. }
4629. else
4630. {
4631. *(_DWORD *)a1 += a3;
4632. *(_DWORD *)(a1 + 4) -= a3;
4633. }
4634. v8 = v5 + 8;
4635. return 16 * (_DWORD)v8 - 15 * a1;
4636. }
4637. v9 = &v5[v4];
4638. if ( *v9 )
4639. v7 = v9;
4640. if ( (unsigned int)&v7[a3] >= v6 )
4641. {
4642. LABEL_20:
4643. v12 = (_BYTE *)(a1 + 8);
4644. while ( v12 < v5 && (unsigned int)&v12[a3] < v17 )
4645. {
4646. if ( *v12 )
4647. {
4648. v12 += (unsigned __int8)*v12;
4649. }
4650. else
4651. {
4652. v13 = v12 + 1;
4653. v14 = 1;
4654. while ( !*v13 )
4655. {
4656. ++v13;
4657. ++v14;
4658. }
4659. if ( v14 >= a3 )
4660. {
4661. if ( (unsigned int)&v12[a3] >= v17 )
4662. {
4663. *(_DWORD *)(a1 + 4) = 0;
4664. *(_DWORD *)a1 = a1 + 8;
4665. }
4666. else
4667. {
4668. *(_DWORD *)a1 = &v12[a3];
4669. *(_DWORD *)(a1 + 4) = v14 - a3;
4670. }
4671. *v12 = a3;
4672. v8 = v12 + 8;
4673. return 16 * (_DWORD)v8 - 15 * a1;
4674. }
4675. a2 -= v14;
4676. if ( a2 < a3 )
4677. return 0;
4678. v12 = v13;
4679. }
4680. }
4681. return 0;
4682. }
4683. while ( *v7 )
4684. {
4685. v7 += (unsigned __int8)*v7;
4686. LABEL_19:
4687. if ( (unsigned int)&v7[a3] >= v17 )
4688. goto LABEL_20;
4689. }
4690. v10 = v7 + 1;
4691. v11 = 1;
4692. while ( !*v10 )
4693. {
4694. ++v10;
4695. ++v11;
4696. }
4697. if ( v11 < a3 )
4698. {
4699. if ( v7 == v16 )
4700. {
4701. *(_DWORD *)(a1 + 4) = v11;
4702. }
4703. else
4704. {
4705. a2 -= v11;
4706. if ( a2 < a3 )
4707. return 0;
4708. }
4709. v5 = v16;
4710. v7 = v10;
4711. goto LABEL_19;
4712. }
4713. if ( (unsigned int)&v7[a3] >= v17 )
4714. {
4715. *(_DWORD *)(a1 + 4) = 0;
4716. *(_DWORD *)a1 = a1 + 8;
4717. }
4718. else
4719. {
4720. *(_DWORD *)a1 = &v7[a3];
4721. *(_DWORD *)(a1 + 4) = v11 - a3;
4722. }
4723. *v7 = a3;
4724. v8 = v7 + 8;
4725. return 16 * (_DWORD)v8 - 15 * a1;
4726. }
4727.  
4728. //----- (100076E9) --------------------------------------------------------
4729. void __thiscall __noreturn sub_100076E9(EXCEPTION_POINTERS *this)
4730. {
4731. int v1; // [esp-Ch] [ebp-24h] BYREF
4732. CPPEH_RECORD ms_exc; // [esp+0h] [ebp-18h]
4733.  
4734. ms_exc.registration.ScopeTable = stru_1000C2E8;
4735. ms_exc.registration.ExceptionHandler = _except_handler3;
4736. ms_exc.registration.Next = (struct _EH3_EXCEPTION_REGISTRATION *)NtCurrentTeb()->NtTib.ExceptionList;
4737. ms_exc.exc_ptr = this;
4738. ms_exc.old_esp = (DWORD)&v1;
4739. ms_exc.registration.TryLevel = 0;
4740. if ( off_10013C74 )
4741. {
4742. ms_exc.registration.TryLevel = 1;
4743. off_10013C74();
4744. }
4745. ms_exc.registration.TryLevel = -1;
4746. terminate();
4747. }
4748. // 1000C2E8: using guessed type _SCOPETABLE_ENTRY stru_1000C2E8[2];
4749. // 10013C74: using guessed type void (__cdecl __noreturn *off_10013C74)();
4750.  
4751. //----- (10007EDE) --------------------------------------------------------
4752. int *__cdecl sub_10007EDE(DWORD NumberOfBytesWritten)
4753. {
4754. int v1; // ecx
4755. int *result; // eax
4756. int v3; // esi
4757. char *v4; // edi
4758. const char **v5; // esi
4759. HANDLE StdHandle; // eax
4760. const char *v7; // [esp-14h] [ebp-1B8h]
4761. DWORD v8; // [esp-10h] [ebp-1B4h]
4762. DWORD *p_NumberOfBytesWritten; // [esp-Ch] [ebp-1B0h]
4763. int v10; // [esp-8h] [ebp-1ACh]
4764. CHAR Filename[260]; // [esp+0h] [ebp-1A4h] BYREF
4765. char Destination[160]; // [esp+104h] [ebp-A0h] BYREF
4766. int savedregs; // [esp+1A4h] [ebp+0h] BYREF
4767.  
4768. v1 = 0;
4769. result = dword_10013CA0;
4770. do
4771. {
4772. if ( NumberOfBytesWritten == *result )
4773. break;
4774. result += 2;
4775. ++v1;
4776. }
4777. while ( result < &dword_10013D30 );
4778. v3 = 2 * v1;
4779. if ( NumberOfBytesWritten == dword_10013CA0[2 * v1] )
4780. {
4781. result = (int *)dword_1001494C;
4782. if ( dword_1001494C == 1 || !dword_1001494C && dword_10014950 == 1 )
4783. {
4784. v5 = (const char **)&(&off_10013CA4)[v3];
4785. v10 = 0;
4786. p_NumberOfBytesWritten = &NumberOfBytesWritten;
4787. v8 = strlen(*v5);
4788. v7 = *v5;
4789. StdHandle = GetStdHandle(0xFFFFFFF4);
4790. return (int *)WriteFile(StdHandle, v7, v8, &NumberOfBytesWritten, 0);
4791. }
4792. else if ( NumberOfBytesWritten != 252 )
4793. {
4794. if ( !GetModuleFileNameA(0, Filename, 0x104u) )
4795. strcpy(Filename, "<program name unknown>");
4796. v4 = Filename;
4797. if ( strlen(Filename) + 1 > 0x3C )
4798. {
4799. v4 = (char *)&savedregs + strlen(Filename) - 479;
4800. strncpy(v4, "...", 3u);
4801. }
4802. strcpy(Destination, "Runtime Error!\n\nProgram: ");
4803. strcat(Destination, v4);
4804. strcat(Destination, "\n\n");
4805. strcat(Destination, (&off_10013CA4)[v3]);
4806. return (int *)__crtMessageBoxA(Destination, "Microsoft Visual C++ Runtime Library", 73744);
4807. }
4808. }
4809. return result;
4810. }
4811. // 10009B45: using guessed type _DWORD __cdecl __crtMessageBoxA(_DWORD, _DWORD, _DWORD);
4812. // 10013CA0: using guessed type int dword_10013CA0[];
4813. // 10013CA4: using guessed type char *off_10013CA4;
4814. // 10013D30: using guessed type int dword_10013D30;
4815. // 1001494C: using guessed type int dword_1001494C;
4816. // 10014950: using guessed type int dword_10014950;
4817.  
4818. //----- (10008DF3) --------------------------------------------------------
4819. int __cdecl sub_10008DF3(int a1, int a2)
4820. {
4821. return _ld12cvt(a1, a2, &unk_10013F48);
4822. }
4823. // 10008C87: using guessed type _DWORD __cdecl _ld12cvt(_DWORD, _DWORD, _DWORD);
4824.  
4825. //----- (10008E09) --------------------------------------------------------
4826. int __cdecl sub_10008E09(int a1, int a2)
4827. {
4828. return _ld12cvt(a1, a2, &unk_10013F60);
4829. }
4830. // 10008C87: using guessed type _DWORD __cdecl _ld12cvt(_DWORD, _DWORD, _DWORD);
4831.  
4832. //----- (10008E1F) --------------------------------------------------------
4833. int __cdecl sub_10008E1F(int a1, int a2)
4834. {
4835. char v3[12]; // [esp+0h] [ebp-Ch] BYREF
4836.  
4837. __strgtold12(v3, &a2, a2, 0, 0, 0, 0);
4838. return sub_10008DF3((int)v3, a1);
4839. }
4840. // 1000A40A: using guessed type _DWORD __cdecl __strgtold12(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD);
4841.  
4842. //----- (10008E4C) --------------------------------------------------------
4843. int __cdecl sub_10008E4C(int a1, int a2)
4844. {
4845. char v3[12]; // [esp+0h] [ebp-Ch] BYREF
4846.  
4847. __strgtold12(v3, &a2, a2, 0, 0, 0, 0);
4848. return sub_10008E09((int)v3, a1);
4849. }
4850. // 1000A40A: using guessed type _DWORD __cdecl __strgtold12(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD);
4851.  
4852. //----- (100091CA) --------------------------------------------------------
4853. LONG (__stdcall *sub_100091CA())(struct _EXCEPTION_POINTERS *ExceptionInfo)
4854. {
4855. LONG (__stdcall *result)(struct _EXCEPTION_POINTERS *); // eax
4856.  
4857. result = SetUnhandledExceptionFilter(__CxxUnhandledExceptionFilter);
4858. lpfn = result;
4859. return result;
4860. }
4861.  
4862. //----- (100091DB) --------------------------------------------------------
4863. LPTOP_LEVEL_EXCEPTION_FILTER sub_100091DB()
4864. {
4865. return SetUnhandledExceptionFilter(lpfn);
4866. }
4867.  
4868. //----- (100092C4) --------------------------------------------------------
4869. int __cdecl sub_100092C4(int a1, int a2)
4870. {
4871. unsigned int v2; // esi
4872. int result; // eax
4873. void *v4; // [esp+14h] [ebp-20h]
4874. size_t v5; // [esp+18h] [ebp-1Ch]
4875.  
4876. v2 = a2 * a1;
4877. v5 = a2 * a1;
4878. if ( (unsigned int)(a2 * a1) <= 0xFFFFFFE0 )
4879. {
4880. if ( !v2 )
4881. v2 = 1;
4882. v2 = (v2 + 15) & 0xFFFFFFF0;
4883. }
4884. while ( 1 )
4885. {
4886. v4 = 0;
4887. if ( v2 <= 0xFFFFFFE0 )
4888. {
4889. if ( dword_10015034 == 3 )
4890. {
4891. if ( v5 > dword_1001502C )
4892. goto LABEL_14;
4893. _lock(9);
4894. v4 = (void *)__sbh_alloc_block(v5);
4895. _unlock(9);
4896. if ( v4 )
4897. {
4898. memset(v4, 0, v5);
4899. goto LABEL_14;
4900. }
4901. LABEL_15:
4902. v4 = HeapAlloc(hHeap, 8u, v2);
4903. goto LABEL_16;
4904. }
4905. if ( dword_10015034 == 2 && v2 <= dword_10013B84 )
4906. {
4907. _lock(9);
4908. v4 = (void *)sub_100062BA(v2 >> 4);
4909. _unlock(9);
4910. if ( !v4 )
4911. goto LABEL_15;
4912. memset(v4, 0, v2);
4913. }
4914. LABEL_14:
4915. if ( v4 )
4916. return (int)v4;
4917. goto LABEL_15;
4918. }
4919. LABEL_16:
4920. if ( v4 || !dword_100149B8 )
4921. return (int)v4;
4922. result = _callnewh(v2);
4923. if ( !result )
4924. return result;
4925. }
4926. }
4927. // 10005B0D: using guessed type _DWORD __cdecl __sbh_alloc_block(_DWORD);
4928. // 1000667B: using guessed type _DWORD __cdecl _lock(_DWORD);
4929. // 100066DC: using guessed type _DWORD __cdecl _unlock(_DWORD);
4930. // 10013B84: using guessed type int dword_10013B84;
4931. // 1001502C: using guessed type int dword_1001502C;
4932. // 10015034: using guessed type int dword_10015034;
4933.  
4934. // nfuncs=300 queued=116 decompiled=116 lumina nreq=0 worse=0 better=0
4935. // ALL OK, 116 function(s) have been successfully decompiled
4936.