加載 WCP
功能:
加載WCP.DLL,初始化幾個函數:
//----- (1008CBD0)--------------------------------------------------------
signed int __userpurge WcpLoad@<eax>(
const unsigned__int16 *a1@<ecx>,
const unsigned__int16 *a2,
int a3,
HINSTANCE *a4)
{
lpLibFileName = 0;
v4 =a1;
v5 =0;
v6 =wcslen(v4);
if (v6 == -8 )
{
v8 =0;
}
else
{
v5 =v6 + 8;
v7 =operator new(2 * (v6 + 8) + 4);
*v7= 0;
v8 =(WCHAR *)(v7 + 4);
*(_DWORD *)v7 = v5;
lpLibFileName = v8;
*v8= 0;
}
v9 =0;
v10 =v5;
while (*v8 )
{
++v8;
if (!--v10 )
goto LABEL_65;
}
if (!v10 )
{
LABEL_65:
v9 =-2147024809;
LABEL_66:
v11 =0;
goto LABEL_13;
}
v11 =v5 - v10;
LABEL_13:
if (v9 < 0)
goto LABEL_119;
v46 =0;
v12 =(char *)&lpLibFileName[v11];
v13 =v5 - v11;
if (v5 == v11 )
goto LABEL_67;
v14 =v11 + v13 -v5 + 2147483646;
v15 =(char *)v4 -v12;
while (v14 )
{
v16 =*(_WORD*)&v12[v15];
if (!v16 )
break;
*(_WORD *)v12 =v16;
--v14;
v12 +=2;
if (!--v13 )
goto LABEL_67;
}
if (v13 )
{
v9 =v46;
}
else
{
LABEL_67:
v12 -=2;
v9 =-2147024774;
}
*(_WORD *)v12 = 0;
if (v9 < 0)
{
LABEL_119:
CBSWdsLog(0x4000000u,v9, 1, "Failed toconcat string.");
v18 =lpLibFileName;
goto LABEL_42;
}
v17 =0;
v46 =0;
if (!v5 ||v5 > 0x7FFFFFFF)
{
v17 =-2147024809;
v46 =-2147024809;
}
v18 =lpLibFileName;
if (v17 < 0)
goto LABEL_71;
v17 =0;
v19 =v5;
v46 =0;
v20 =lpLibFileName;
if (!v5 )
goto LABEL_70;
while (*v20 )
{
++v20;
if (!--v19 )
goto LABEL_70;
}
if (!v19 )
{
LABEL_70:
v17 =-2147024809;
v46 =-2147024809;
LABEL_71:
v21 =0;
goto LABEL_32;
}
v21 =v5 - v19;
LABEL_32:
if (v17 >= 0)
{
v46 =0;
v22 =(char *)&lpLibFileName[v21];
v23 =v5 - v21;
if (v5 == v21 )
goto LABEL_72;
v24 =v21 + v23 -v5 + 2147483646;
v25 =(char *)((char *)L"wcp.dll"- v22);
while (v24 )
{
v26 =*(_WORD*)&v25[(_DWORD)v22];
if (!v26 )
break;
*(_WORD *)v22 =v26;
--v24;
v22 +=2;
if (!--v23 )
goto LABEL_72;
}
if (!v23 )
{
LABEL_72:
v22 -=2;
v46 =-2147024774;
}
v18 =lpLibFileName;
*(_WORD *)v22 = 0;
}
v9 =v46;
// v28 v29 是 wcp.dll 的執行個體句柄
v28 =LoadLibraryW(v18);
v29 =v28;
vpfnSetIsolationIMalloc = GetProcAddress(v28,"SetIsolationIMalloc");
vpfnGetIdentityAuthority = GetProcAddress(v29,"GetIdentityAuthority");
vpfnGetSystemStore = GetProcAddress(v29,"GetSystemStore");
vpfnOpenExistingOfflineStore = GetProcAddress(v29,"OpenExistingOfflineStore");
vpfnWcpInitialize = GetProcAddress(v29,"WcpInitialize");
vpfnWcpShutdown = GetProcAddress(v29,"WcpShutdown");
vpfnWcpSetHelperCallback = (__int32(__stdcall *)(struct ICBSHelper *))GetProcAddress(v29, "WcpSetHelperCallback");
vpfnWcpSetHelperCallback((struct ICBSHelper *)&vCsiHelper);
v32 =(int (__stdcall*)(int*))vpfnWcpInitialize;
if (!vpfnWcpInitialize || gulpWcpCookie )
{
LABEL_56:
hLibModule =v29;
goto LABEL_57;
}
v46 =0;
v33 = vpfnWcpInitialize(&v46);
v27 =v33;
if (_InterlockedCompareExchange((volatile signed__int32 *)&gulpWcpCookie,v46, 0) )
{
v43 =v46;
vpfnWcpShutdown (v43);
}
LABEL_57:
if (lpLibFileName )
operator delete((void *)(lpLibFileName -2));
return v27;
}
// 100023C0: using guessed type wchar_taWcp_dll[8];
// 1019B5BC: using guessed type __int32 (__stdcall*vpfnWcpSetHelperCallback)(struct ICBSHelper *);
// 1019B8A0: using guessed type int vCsiHelper;
// 1019BA9C: using guessed type unsigned __int32gulpWcpCookie;
![淺談軟體測試人員的職業發展之路[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)