Base& = pePcodeHeader.ImageBase
ReDim File(Base To Base + PESize)
ReDim Map(Base To Base + PESize)
ReDim SubName(Base To Base + PESize)
ReDim RefName(Base To Base + PESize)
For a = 0 To pePcodeHeader.NumObjects - 1
If ObjTable(a).PhysicalSize > 0 Then
Seek #1, ObjTable(a).PhysicalOffset + 1
t() = InputB(ObjTable(a).PhysicalSize, #1)
l& = ObjTable(a).SectionRVA + Base
CopyMemory File(l), t(0), ObjTable(a).PhysicalSize
End If
Next
Close #1
i& = 0
CopyMemory ImpTab(0), File(pePcodeHeader.ImportTableRVA + Base), pePcodeHeader.ImportDataSize
Do While ImpTab(i).LookUpRVA <> 0
func = ImpTab(i).LookUpRVA + Base
tmp = Hex(func)
libname = FileZ(Base + ImpTab(i).NameRVA)
addrtab = ImpTab(i).AddressTableRVA + Base
Do While File32(func) > 0 And File32(func) < PESize
fname = FileZ(File32(func) + Base + 2)
SubName(addrtab) = libname + "." + fname
addrtab = addrtab + 4
func = func + 4
Loop
i = i + 1
Loop
End Sub
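Sub LoadPcode()
    '*****************************
    'Purpose: Follow the pointer chain that starts one byte after the entry
    '         point (Table1 -> Table3 -> record table), then load every
    '         record and the module name it points to.
    'Note:    Every offset used here is read from the image being analysed
    '         and is therefore untrusted. VB checks the index in File(x),
    '         but CopyMemory then copies a whole range without any bounds
    '         check, so each source range is validated against File() first
    '         and error 9 (Subscript out of range) is raised when it does
    '         not fit.
    '*****************************
    Const RECORD_SIZE As Long = &H30
    Dim a&, src&, lastStart&

    Table1 = File32(pePcodeHeader.EntryPointRVA + Base + 1)
    Table3 = File32(Table1 + &H30)
    RecTable = File32(Table3 + 4)

    'assumes File() is a Byte array, so an index span equals a byte count - TODO confirm
    lastStart = UBound(File) - Len(RecordTable) + 1
    If RecTable < LBound(File) Or RecTable > lastStart Then Err.Raise 9
    CopyMemory RecordTable, File(RecTable), Len(RecordTable)

    lastStart = UBound(File) - RECORD_SIZE + 1
    For a = 0 To RecordTable.Len - 1
        'RecordTable.Len comes from the file: stop before the offset
        'arithmetic below can run away on an absurd record count.
        If a > UBound(Record) Then Err.Raise 9
        src = RecordTable.RecAddr + RECORD_SIZE * a
        If src < LBound(File) Or src > lastStart Then Err.Raise 9
        CopyMemory Record(a), File(src), RECORD_SIZE
        RecordNames(a) = FileZ(Record(a).ModName)
    Next
End Sub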
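Function DecompileProc$(addr&)
    '*****************************
    'Purpose: Decompile a P-Code procedure from a CodeInfo address
    'Input:   addr - index into File() of the procedure descriptor; the
    '         opcode stream is the pd.ProcSize bytes directly before it.
    'Returns: the listing as CRLF-separated text.
    'Method:  The stream is walked twice. Pass 0 produces no text; it only
    '         lets ConvertStr register branch targets (AddRef on "%l"
    '         operands). Pass 1 repeats the walk and emits the text, so a
    '         label line can be printed in front of every referenced address.
    'Note:    addr, pd.table and all operands come from the image being
    '         analysed. The two CopyMemory source ranges are validated
    '         against File() (error 9 on failure) because CopyMemory itself
    '         performs no bounds check.
    '*****************************
    Dim i&, t&, t2&, u$, m As OpcodeType, a&
    Dim pd As ProcDscInfo, output$, pc&, pass&, sp$, sr&
    Dim tt As TableInfo

    sp$ = Space$(14)

    'assumes File() is a Byte array, so an index span equals a byte count - TODO confirm
    If addr < LBound(File) Or addr > UBound(File) - Len(pd) + 1 Then Err.Raise 9
    CopyMemory pd, File(addr), Len(pd)
    If pd.table < LBound(File) Or pd.table > UBound(File) - Len(tt) + 1 Then Err.Raise 9
    CopyMemory tt, File(pd.table), Len(tt)

    pc = addr - pd.ProcSize
    output = Hex(pc) + " " + FastName("proc", addr) + ":" + vbCrLf

    'sr is never assigned here. It is handed ByRef to ConvertStr as the pool
    'for idx opcodes, where a "%t" operand stores into it, and it is not
    'reset between the two passes.
    For pass = 0 To 1
        i = pc
        Do
            'Label line for an address that something branches to
            If HasRef(i) And pass Then
                output = output + vbCrLf + Hex(i) + " " + FastName("loc", i) + ":"
                output = output + vbTab + vbTab + vbTab + "; " + RefName(i) + vbCrLf
            End If

            'Address column, then the opcode byte(s)
            u = Hex(i) + sp
            AddMap i
            t = File(i)
            i = i + 1
            u$ = u + MakeHex(t)
            Select Case t
                Case &HFB To &HFF
                    'Lead byte: the next byte selects the entry in table t - &HFB + 1
                    AddMap i
                    t2 = File(i)
                    i = i + 1
                    u$ = u$ + MakeHex(t2)
                    m = Opcode(t - &HFB + 1, t2)
                Case Else
                    m = Opcode(0, t)
            End Select
            u$ = u$ + " "

            'Raw operand bytes for fixed-size opcodes (m.Size counts the opcode byte too)
            If m.Size > 0 Then
                For a = 1 To m.Size - 1
                    u = u + MakeHex(0 + File(i + a - 1))
                Next
            End If
            u = Left(u$ + Space(32), 38)
            u = u + vbTab

            If m.Size <= 0 Then
                'Variable-length opcode: a 16-bit byte count followed by
                '16-bit arguments. Counts of 48 or more are not expanded.
                t = File16(i)
                i = i + 2
                'File16 evidently can return negative values (MakeArg has a
                'branch for them). A negative count used to pull i backwards,
                'which lets a crafted image stall this loop, so it is now
                'skipped exactly like an oversized count.
                If t >= 0 And t < 48 Then
                    For a = 0 To t - 2 Step 2
                        t2 = File16(i + a)
                        u = u + MakeArg(t2) + " "
                    Next
                    i = i + t
                End If
            End If

            'Mnemonic, with operands expanded according to the opcode's flag
            Select Case m.flag
                Case std
                    u = u + ConvertStr(m.Mnemonic, i, tt.ConstPool, tt.ConstPool, pc)
                Case idx
                    u = u + ConvertStr(m.Mnemonic, i, sr, tt.ConstPool, pc)
                Case none
                    u = u + m.Mnemonic
                Case Else
                    u = u + m.Mnemonic + " ???"
            End Select
            u = u + vbCrLf

            If pass Then output = output + u
            'Step over the operand bytes of a fixed-size opcode
            If m.Size > 0 Then i = i + m.Size - 1
        Loop While i < addr
    Next

    DecompileProc = output
End Function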
Function ConvertStr(mnem$, addr&, pool&, origpool&, ProcPC&)
    '*****************************
    'Purpose: Expand the "%x" operand markers of a mnemonic template into
    '         text, reading the operands from File() starting at addr.
    'Markers: %a      16-bit operand shown through MakeArg             (2 bytes)
    '         %c      entry File16*4 + pool, shown through MakeAddr    (2 bytes)
    '         %e      as %c, plus the 16-bit value that follows        (4 bytes)
    '         %s      entry File16*4 + pool, shown as a "v" name and
    '                 the FileW text at that address in quotes         (2 bytes)
    '         %l      ProcPC + 16-bit operand, shown as a "loc" label
    '                 and registered with AddRef                       (2 bytes)
    '         %1 %2 %4  that many bytes, highest address first
    '         %t      entry File16*4 + origpool, shown as an "xxx" name
    '                 and stored into pool; the read position is not
    '                 advanced
    '         any other character after "%" is copied as is
    'Note:    pool is passed ByRef (the VB default), so the "%t" store is
    '         visible to the caller. addr itself is never modified.
    '         All operand values come from the analysed image; File16/File32
    '         are defined elsewhere, so their range handling is not visible here.
    '*****************************
    Dim pos&, ch$, v&, text$, cur&, k&, width&

    cur = addr
    pos = 1
    Do While pos <= Len(mnem)
        ch = Mid(mnem, pos, 1)
        If ch = "%" Then
            'Consume the marker letter that follows the percent sign
            pos = pos + 1
            ch = Mid(mnem, pos, 1)
            Select Case ch
                Case "a"
                    v = File16(cur)
                    text = text + MakeArg(v)
                    cur = cur + 2
                Case "c"
                    v = File32(File16(cur) * 4 + pool)
                    text = text + MakeAddr(v)
                    cur = cur + 2
                Case "e"
                    v = File32(File16(cur) * 4 + pool) + File16(cur + 2)
                    text = text + MakeAddr(v)
                    cur = cur + 4
                Case "s"
                    v = File32(File16(cur) * 4 + pool)
                    text = text + FastName("v", v) + " '" + FileW(v) + "' "
                    cur = cur + 2
                Case "l"
                    v = ProcPC + File16(cur)
                    text = text + FastName("loc", v)
                    AddRef v, cur - 1
                    cur = cur + 2
                Case "1", "2", "4"
                    width = Val(ch)
                    For k = width - 1 To 0 Step -1
                        text = text + MakeHex(File(cur + k))
                    Next
                    cur = cur + width
                Case "t"
                    v = File32(File16(cur) * 4 + origpool)
                    text = text + FastName("xxx", v)
                    pool = v
                Case Else
                    text = text + ch
            End Select
        Else
            text = text + ch
        End If
        pos = pos + 1
    Loop

    ConvertStr = text
End Function
Function MakeArg$(t&)
    '*****************************
    'Purpose: Name a stack slot from its signed offset: negative offsets
    '         become "var_<hex>", all others "arg_<hex>". The hex part is
    '         the magnitude of the offset.
    '*****************************
    Dim prefix$, magnitude&

    If t >= 0 Then
        prefix = "arg_"
        magnitude = t
    Else
        prefix = "var_"
        magnitude = -t
    End If
    MakeArg = prefix + Hex(magnitude)
End Function
Sub Init0()
MakeOpcode 0, &H0, 2, 0, "LargeBos"
MakeOpcode 0, &H1, 0, 0, "---"
MakeOpcode 0, &H2, 2, 0, "LargeBos"
MakeOpcode 0, &H3, 0, 0, "---"
MakeOpcode 0, &H4, 3, std, "lea %a"
MakeOpcode 0, &H5, 3, std, "lea %c"
MakeOpcode 0, &H6, 3, 0, "MemLdRfVar"
MakeOpcode 0, &H7, 5, 0, "FMemLdRf"
MakeOpcode 0, &H8, 3, std, "mov SR,%a"
MakeOpcode 0, &H9, 5, std, "call %c(%a)"
MakeOpcode 0, &HA, 5, std, "call %c(%a)"
MakeOpcode 0, &HB, 5, std, "call %c(%a)"
MakeOpcode 0, &HC, 5, std, "call %c(%a)"
MakeOpcode 0, &HD, 5, std, "call %c(%c)"
MakeOpcode 0, &HE, 3, 0, "VCallFPR8"
MakeOpcode 0, &HF, 3, 0, "VCallAd"
MakeOpcode 0, &H10, 5, 0, "ThisVCallHresult"
MakeOpcode 0, &H11, 3, 0, "ThisVCall"
MakeOpcode 0, &H12, 3, 0, "ThisVCallAd"
MakeOpcode 0, &H13, 1, none, "ret"
MakeOpcode 0, &H14, 1, none, "ret"
MakeOpcode 0, &H15, 1, none, "retw"
MakeOpcode 0, &H16, 1, none, "retf"
MakeOpcode 0, &H17, 1, none, "retf8"
MakeOpcode 0, &H18, 1, none, "retc"
MakeOpcode 0, &H19, 3, 0, "FStAdFunc"
MakeOpcode 0, &H1A, 3, 0, "FFree1Ad"
MakeOpcode 0, &H1B, 3, std, "lea %s"
MakeOpcode 0, &H1C, 3, std, "jnz %l"
MakeOpcode 0, &H1D, 3, std, "jz %l"
MakeOpcode 0, &H1E, 3, std, "jmp %l"
MakeOpcode 0, &H1F, 3, std, "CRec2Ansi %2"
MakeOpcode 0, &H20, 3, 0, "CRec2Uni"
MakeOpcode 0, &H21, 1, none, "FLdPrThis"
MakeOpcode 0, &H22, 3, std, "push [%c]"
MakeOpcode 0, &H23, 3, 0, "FStStrNoPop"
MakeOpcode 0, &H24, 3, idx, "newnull %t"
MakeOpcode 0, &H25, 1, none, "PopAdLdVar"
MakeOpcode 0, &H26, 3, 0, "AryDescTemp"
MakeOpcode 0, &H27, 3, 0, "LitVar_Missing"
MakeOpcode 0, &H28, 5, 0, "mov %a,%2"
MakeOpcode 0, &H29, -1, none, "FFreeAd:"
MakeOpcode 0, &H2A, 1, none, "ConcatStr"
MakeOpcode 0, &H2B, 3, 0, "PopTmpLdAd2"
MakeOpcode 0, &H2C, 5, 0, "LateIdSt"
MakeOpcode 0, &H2D, 3, 0, "AryUnlock"
MakeOpcode 0, &H2E, 3, 0, "AryLock"
MakeOpcode 0, &H2F, 3, 0, "FFree1Str"
MakeOpcode 0, &H30, 3, 0, "PopTmpLdAd8"
MakeOpcode 0, &H31, 3, 0, "FStStr"
MakeOpcode 0, &H32, -1, none, "FFreeStr"
MakeOpcode 0, &H33, 3, std, "lea %s"
MakeOpcode 0, &H34, 1, none, "CStr2Ansi"
MakeOpcode 0, &H35, 3, 0, "FFree1Var"
MakeOpcode 0, &H36, -1, none, "FFreeVar"
MakeOpcode 0, &H37, 1, none, "PopFPR4"
MakeOpcode 0, &H38, 3, 0, "CopyBytes"
MakeOpcode 0, &H39, 1, none, "PopFPR8"
MakeOpcode 0, &H3A, 5, 0, "LitVarStr"
MakeOpcode 0, &H3B, 1, none, "Ary1StStrCopy"
MakeOpcode 0, &H3C, 1, none, "SetLastSystemError"
MakeOpcode 0, &H3D, 3, 0, "CastAd"
MakeOpcode 0, &H3E, 3, 0, "FLdZeroAd"
MakeOpcode 0, &H3F, 3, 0, "CVarCy"
MakeOpcode 0, &H40, 1, none, "Ary1LdRf"
MakeOpcode 0, &H41, 1, none, "Ary1LdPr"
MakeOpcode 0, &H42, 1, none, "CR4Var"
MakeOpcode 0, &H43, 3, std, "strcpy %a"
MakeOpcode 0, &H44, 3, 0, "CVarI2"
MakeOpcode 0, &H45, 1, none, "Error"
MakeOpcode 0, &H46, 3, 0, "CVarStr"
MakeOpcode 0, &H47, 3, std, "StFixedStr %s"
MakeOpcode 0, &H48, 3, 0, "ILdPr"
MakeOpcode 0, &H49, 1, none, "PopAdLd4"
MakeOpcode 0, &H4A, 1, none, "strlen"
MakeOpcode 0, &H4B, 3, std, "OnErrorGoto %l"
MakeOpcode 0, &H4C, 1, none, "FnLBound"
MakeOpcode 0, &H4D, 5, 0, "CVarRef:"
MakeOpcode 0, &H4E, 3, 0, "FStVarCopyObj"
MakeOpcode 0, &H4F, 3, 0, "MidStr"
MakeOpcode 0, &H50, 1, none, "CI4Str"
MakeOpcode 0, &H51, 3, 0, "FLdZeroAd"
MakeOpcode 0, &H52, 1, none, "Ary1StVar"
MakeOpcode 0, &H53, 1, none, "CBoolCy"
MakeOpcode 0, &H54, 5, 0, "FMemStStrCopy"
MakeOpcode 0, &H55, 1, none, "CI2Var"
MakeOpcode 0, &H56, 3, 0, "NewIfNullAd"
MakeOpcode 0, &H57, 5, 0, "LateMemLdVar"
MakeOpcode 0, &H58, 3, 0, "MemLdPr"
MakeOpcode 0, &H59, 3, 0, "PopTmpLdAdStr"
MakeOpcode 0, &H5A, 1, none, "Erase"
MakeOpcode 0, &H5B, 3, 0, "FStAdFuncNoPop"
MakeOpcode 0, &H5C, 3, 0, "BranchFVar"
MakeOpcode 0, &H5D, 1, none, "HardType"
MakeOpcode 0, &H5E, 5, std, "call %c(%a)"
MakeOpcode 0, &H5F, 5, 0, "FMemLdPr"
MakeOpcode 0, &H60, 1, none, "CStrVarTmp"
MakeOpcode 0, &H61, 7, 0, "LateIdLdVar"
MakeOpcode 0, &H62, 3, 0, "IStDarg"
MakeOpcode 0, &H63, 3, 0, "LitVar_TRUE"
MakeOpcode 0, &H64, 5, 0, "NextI2:"
MakeOpcode 0, &H65, 5, 0, "NextStepI2:"
MakeOpcode 0, &H66, 5, 0, "NextI4:"
MakeOpcode 0, &H67, 5, 0, "NextStepI4:"
MakeOpcode 0, &H68, 5, 0, "NextStepR4:"
MakeOpcode 0, &H69, 5, 0, "NextStepR8:"
MakeOpcode 0, &H6A, 5, 0, "NextStepCy"
MakeOpcode 0, &H6B, 3, std, "push [%a]"
MakeOpcode 0, &H6C, 3, std, "push [%a]"
MakeOpcode 0, &H6D, 3, 0, "push"
MakeOpcode 0, &H6E, 3, 0, "FLdFPR4"
MakeOpcode 0, &H6F, 3, 0, "FLdFPR8"
MakeOpcode 0, &H70, 3, std, "pop [%a]"
MakeOpcode 0, &H71, 3, std, "pop [%a]"
MakeOpcode 0, &H72, 3, 0, "FStR8"
MakeOpcode 0, &H73, 3, 0, "FStFPR4"
MakeOpcode 0, &H74, 3, 0, "FStFPR8"
MakeOpcode 0, &H75, 3, 0, "ImpAdLdI2"
MakeOpcode 0, &H76, 3, std, "push [%c]"
MakeOpcode 0, &H77, 3, std, "ImpAdLdCy %c"
MakeOpcode 0, &H78, 3, std, "ImpAdLdFPR4 %c"
MakeOpcode 0, &H79, 3, std, "ImpAdLdFPR8 %c"
MakeOpcode 0, &H7A, 3, std, "ImpAdStI2 %c"
MakeOpcode 0, &H7B, 3, std, "ImpAdStR4 %c"
MakeOpcode 0, &H7C, 3, std, "ImpAdStCy %c"
MakeOpcode 0, &H7D, 3, std, "ImpAdStFPR4 %c"
MakeOpcode 0, &H7E, 3, std, "ImpAdStFPR8 %c"
MakeOpcode 0, &H7F, 3, std, "ILdI2 %c"
MakeOpcode 0, &H80, 3, std, "ILdI4 %c"
MakeOpcode 0, &H81, 3, std, "ILdR8 %c"
MakeOpcode 0, &H82, 3, std, "ILdFPR4 %c"
MakeOpcode 0, &H83, 3, std, "ILdFPR8 %c"
MakeOpcode 0, &H84, 3, std, "IStI2 %c"
MakeOpcode 0, &H85, 3, std, "IStI4 %c"
MakeOpcode 0, &H86, 3, 0, "IStR8"
MakeOpcode 0, &H87, 3, 0, "IStFPR4"
MakeOpcode 0, &H88, 3, 0, "IStFPR8"
MakeOpcode 0, &H89, 3, idx, "push [%2+SR]"
MakeOpcode 0, &H8A, 3, 0, "MemLdStr"
MakeOpcode 0, &H8B, 3, 0, "MemLdR8"
MakeOpcode 0, &H8C, 3, 0, "MemLdFPR4"
MakeOpcode 0, &H8D, 3, 0, "MemLdFPR8"
MakeOpcode 0, &H8E, 3, 0, "MemStI2"
MakeOpcode 0, &H8F, 3, 0, "MemStI4"
MakeOpcode 0, &H90, 3, 0, "MemStR8"
MakeOpcode 0, &H91, 3, 0, "MemStFPR4"
MakeOpcode 0, &H92, 3, 0, "MemStFPR8"
MakeOpcode 0, &H93, 5, 0, "FMemLdI2"
MakeOpcode 0, &H94, 5, 0, "FMemLdR4"
MakeOpcode 0, &H95, 5, 0, "FMemLdCy"