utilrtns.cod

James Antognini和Tom Divine提供的PASSTHRU的编成实例。

; 84   :       ulCurrBfr = 0;                                  // Force search for next buffer.

  001b8	c7 45 f0 00 00
	00 00		 mov	 DWORD PTR _ulCurrBfr$[ebp], 0

; 85   :      }                                                // End 'while' copy bytes to output buffer.

  001bf	e9 74 ff ff ff	 jmp	 $L16053
$Done$16021:

; 86   : 
; 87   : Done:
; 88   :   ;
; 89   : }

  001c4	5f		 pop	 edi
  001c5	5e		 pop	 esi
  001c6	8b e5		 mov	 esp, ebp
  001c8	5d		 pop	 ebp
  001c9	c2 10 00	 ret	 16			; 00000010H
_GetPktPayload@16 ENDP
_TEXT	ENDS
PUBLIC	_DumpLine@16
EXTRN	_DbgPrint:NEAR
;	COMDAT _DumpLine@16
_TEXT	SEGMENT
$SG16074 DB	'0123456789ABCDEF', 00H
	ORG $+3
$SG16081 DB	'%p: ', 00H
$SG16083 DB	00H
	ORG $+2
$SG16090 DB	'%-*s|%-*s|', 0aH, 00H
; Function compile flags: /Odt
tv87 = -92
_szHex$ = -88
_ulGrouped$ = -36
_pszAscii$ = -32
_pszHex$ = -28
_pszDigits$ = -24
_szAscii$ = -20
_p$ = 8
_cb$ = 12
_fAddress$ = 16
_ulGroup$ = 20
_DumpLine@16 PROC NEAR					; COMDAT

; 108  : {

  00028	55		 push	 ebp
  00029	8b ec		 mov	 ebp, esp
  0002b	83 ec 5c	 sub	 esp, 92			; 0000005cH

; 109  : 
; 110  :     CHAR * pszDigits = "0123456789ABCDEF";

  0002e	c7 45 e8 00 00
	00 00		 mov	 DWORD PTR _pszDigits$[ebp], OFFSET FLAT:$SG16074

; 111  :     CHAR   szHex[ ((2 + 1) * DUMP_BytesPerLine) + 1 ];
; 112  :     CHAR * pszHex = szHex;

  00035	8d 45 a8	 lea	 eax, DWORD PTR _szHex$[ebp]
  00038	89 45 e4	 mov	 DWORD PTR _pszHex$[ebp], eax

; 113  :     CHAR   szAscii[ DUMP_BytesPerLine + 1 ];
; 114  :     CHAR * pszAscii = szAscii;

  0003b	8d 4d ec	 lea	 ecx, DWORD PTR _szAscii$[ebp]
  0003e	89 4d e0	 mov	 DWORD PTR _pszAscii$[ebp], ecx

; 115  :     ULONG  ulGrouped = 0;

  00041	c7 45 dc 00 00
	00 00		 mov	 DWORD PTR _ulGrouped$[ebp], 0

; 116  : 
; 117  :     if (fAddress) 

  00048	0f b6 55 10	 movzx	 edx, BYTE PTR _fAddress$[ebp]
  0004c	85 d2		 test	 edx, edx
  0004e	74 13		 je	 SHORT $L16080

; 118  :     {
; 119  :         DbgPrint( "%p: ", p );

  00050	8b 45 08	 mov	 eax, DWORD PTR _p$[ebp]
  00053	50		 push	 eax
  00054	68 00 00 00 00	 push	 OFFSET FLAT:$SG16081
  00059	e8 00 00 00 00	 call	 _DbgPrint
  0005e	83 c4 08	 add	 esp, 8

; 120  :     }
; 121  :     else 

  00061	eb 0d		 jmp	 SHORT $L16085
$L16080:

; 122  :     {
; 123  :         DbgPrint( "" );

  00063	68 00 00 00 00	 push	 OFFSET FLAT:$SG16083
  00068	e8 00 00 00 00	 call	 _DbgPrint
  0006d	83 c4 04	 add	 esp, 4
$L16085:

; 124  :     }
; 125  : 
; 126  :     while (cb)

  00070	83 7d 0c 00	 cmp	 DWORD PTR _cb$[ebp], 0
  00074	0f 84 c2 00 00
	00		 je	 $L16086

; 127  :     {
; 128  :         *pszHex++ = pszDigits[ ((UCHAR )*p) / 16 ];

  0007a	8b 4d 08	 mov	 ecx, DWORD PTR _p$[ebp]
  0007d	0f b6 01	 movzx	 eax, BYTE PTR [ecx]
  00080	99		 cdq
  00081	83 e2 0f	 and	 edx, 15			; 0000000fH
  00084	03 c2		 add	 eax, edx
  00086	c1 f8 04	 sar	 eax, 4
  00089	8b 55 e4	 mov	 edx, DWORD PTR _pszHex$[ebp]
  0008c	8b 4d e8	 mov	 ecx, DWORD PTR _pszDigits$[ebp]
  0008f	8a 04 01	 mov	 al, BYTE PTR [ecx+eax]
  00092	88 02		 mov	 BYTE PTR [edx], al
  00094	8b 4d e4	 mov	 ecx, DWORD PTR _pszHex$[ebp]
  00097	83 c1 01	 add	 ecx, 1
  0009a	89 4d e4	 mov	 DWORD PTR _pszHex$[ebp], ecx

; 129  :         *pszHex++ = pszDigits[ ((UCHAR )*p) % 16 ];

  0009d	8b 55 08	 mov	 edx, DWORD PTR _p$[ebp]
  000a0	0f b6 02	 movzx	 eax, BYTE PTR [edx]
  000a3	25 0f 00 00 80	 and	 eax, -2147483633	; 8000000fH
  000a8	79 05		 jns	 SHORT $L16185
  000aa	48		 dec	 eax
  000ab	83 c8 f0	 or	 eax, -16		; fffffff0H
  000ae	40		 inc	 eax
$L16185:
  000af	8b 4d e4	 mov	 ecx, DWORD PTR _pszHex$[ebp]
  000b2	8b 55 e8	 mov	 edx, DWORD PTR _pszDigits$[ebp]
  000b5	8a 04 02	 mov	 al, BYTE PTR [edx+eax]
  000b8	88 01		 mov	 BYTE PTR [ecx], al
  000ba	8b 4d e4	 mov	 ecx, DWORD PTR _pszHex$[ebp]
  000bd	83 c1 01	 add	 ecx, 1
  000c0	89 4d e4	 mov	 DWORD PTR _pszHex$[ebp], ecx

; 130  : 
; 131  :         if (++ulGrouped >= ulGroup)

  000c3	8b 55 dc	 mov	 edx, DWORD PTR _ulGrouped$[ebp]
  000c6	83 c2 01	 add	 edx, 1
  000c9	89 55 dc	 mov	 DWORD PTR _ulGrouped$[ebp], edx
  000cc	8b 45 dc	 mov	 eax, DWORD PTR _ulGrouped$[ebp]
  000cf	3b 45 14	 cmp	 eax, DWORD PTR _ulGroup$[ebp]
  000d2	72 16		 jb	 SHORT $L16089

; 132  :         {
; 133  :             *pszHex++ = ' ';

  000d4	8b 4d e4	 mov	 ecx, DWORD PTR _pszHex$[ebp]
  000d7	c6 01 20	 mov	 BYTE PTR [ecx], 32	; 00000020H
  000da	8b 55 e4	 mov	 edx, DWORD PTR _pszHex$[ebp]
  000dd	83 c2 01	 add	 edx, 1
  000e0	89 55 e4	 mov	 DWORD PTR _pszHex$[ebp], edx

; 134  :             ulGrouped = 0;

  000e3	c7 45 dc 00 00
	00 00		 mov	 DWORD PTR _ulGrouped$[ebp], 0
$L16089:

; 135  :         }
; 136  : 
; 137  :         *pszAscii++ = (*p >= 32 && *p < 128) ? *p : '.';

  000ea	8b 45 08	 mov	 eax, DWORD PTR _p$[ebp]
  000ed	0f be 08	 movsx	 ecx, BYTE PTR [eax]
  000f0	83 f9 20	 cmp	 ecx, 32			; 00000020H
  000f3	7c 18		 jl	 SHORT $L16183
  000f5	8b 55 08	 mov	 edx, DWORD PTR _p$[ebp]
  000f8	0f be 02	 movsx	 eax, BYTE PTR [edx]
  000fb	3d 80 00 00 00	 cmp	 eax, 128		; 00000080H
  00100	7d 0b		 jge	 SHORT $L16183
  00102	8b 4d 08	 mov	 ecx, DWORD PTR _p$[ebp]
  00105	0f be 11	 movsx	 edx, BYTE PTR [ecx]
  00108	89 55 a4	 mov	 DWORD PTR tv87[ebp], edx
  0010b	eb 07		 jmp	 SHORT $L16184
$L16183:
  0010d	c7 45 a4 2e 00
	00 00		 mov	 DWORD PTR tv87[ebp], 46	; 0000002eH
$L16184:
  00114	8b 45 e0	 mov	 eax, DWORD PTR _pszAscii$[ebp]
  00117	8a 4d a4	 mov	 cl, BYTE PTR tv87[ebp]
  0011a	88 08		 mov	 BYTE PTR [eax], cl
  0011c	8b 55 e0	 mov	 edx, DWORD PTR _pszAscii$[ebp]
  0011f	83 c2 01	 add	 edx, 1
  00122	89 55 e0	 mov	 DWORD PTR _pszAscii$[ebp], edx

; 138  : 
; 139  :         ++p;

  00125	8b 45 08	 mov	 eax, DWORD PTR _p$[ebp]
  00128	83 c0 01	 add	 eax, 1
  0012b	89 45 08	 mov	 DWORD PTR _p$[ebp], eax

; 140  :         --cb;

  0012e	8b 4d 0c	 mov	 ecx, DWORD PTR _cb$[ebp]
  00131	83 e9 01	 sub	 ecx, 1
  00134	89 4d 0c	 mov	 DWORD PTR _cb$[ebp], ecx

; 141  :     }

  00137	e9 34 ff ff ff	 jmp	 $L16085
$L16086:

; 142  : 
; 143  :     *pszHex = '\0';

  0013c	8b 55 e4	 mov	 edx, DWORD PTR _pszHex$[ebp]
  0013f	c6 02 00	 mov	 BYTE PTR [edx], 0

; 144  :     *pszAscii = '\0';

  00142	8b 45 e0	 mov	 eax, DWORD PTR _pszAscii$[ebp]
  00145	c6 00 00	 mov	 BYTE PTR [eax], 0

; 145  : 
; 146  :     DbgPrint(
; 147  :         "%-*s|%-*s|\n",
; 148  :         (2 * DUMP_BytesPerLine) + (DUMP_BytesPerLine / ulGroup), szHex,
; 149  :         DUMP_BytesPerLine, szAscii );

  00148	8d 4d ec	 lea	 ecx, DWORD PTR _szAscii$[ebp]
  0014b	51		 push	 ecx
  0014c	6a 10		 push	 16			; 00000010H
  0014e	8d 55 a8	 lea	 edx, DWORD PTR _szHex$[ebp]
  00151	52		 push	 edx
  00152	b8 10 00 00 00	 mov	 eax, 16			; 00000010H
  00157	33 d2		 xor	 edx, edx
  00159	f7 75 14	 div	 DWORD PTR _ulGroup$[ebp]
  0015c	83 c0 20	 add	 eax, 32			; 00000020H
  0015f	50		 push	 eax
  00160	68 00 00 00 00	 push	 OFFSET FLAT:$SG16090
  00165	e8 00 00 00 00	 call	 _DbgPrint
  0016a	83 c4 14	 add	 esp, 20			; 00000014H

; 150  : }

  0016d	8b e5		 mov	 esp, ebp
  0016f	5d		 pop	 ebp
  00170	c2 10 00	 ret	 16			; 00000010H
_DumpLine@16 ENDP
_TEXT	ENDS
PUBLIC	_DumpMem@16
; Function compile flags: /Odt
;	COMDAT _DumpMem@16
_TEXT	SEGMENT
tv66 = -8
_cbLine$ = -4
_p$ = 8
_cb$ = 12
_bPrependWAddr$ = 16
_ulGroup$ = 20
_DumpMem@16 PROC NEAR					; COMDAT

; 175  : {

  00000	55		 push	 ebp
  00001	8b ec		 mov	 ebp, esp
  00003	83 ec 08	 sub	 esp, 8
$L16102:

; 176  :     INT cbLine;
; 177  : 
; 178  :     while (cb)

  00006	83 7d 0c 00	 cmp	 DWORD PTR _cb$[ebp], 0
  0000a	74 44		 je	 SHORT $L16099

; 179  :     {
; 180  : 
; 181  :         cbLine = (cb < DUMP_BytesPerLine) ? cb : DUMP_BytesPerLine;

  0000c	83 7d 0c 10	 cmp	 DWORD PTR _cb$[ebp], 16	; 00000010H
  00010	73 08		 jae	 SHORT $L16189
  00012	8b 45 0c	 mov	 eax, DWORD PTR _cb$[ebp]
  00015	89 45 f8	 mov	 DWORD PTR tv66[ebp], eax
  00018	eb 07		 jmp	 SHORT $L16190
$L16189:
  0001a	c7 45 f8 10 00
	00 00		 mov	 DWORD PTR tv66[ebp], 16	; 00000010H
$L16190:
  00021	8b 4d f8	 mov	 ecx, DWORD PTR tv66[ebp]
  00024	89 4d fc	 mov	 DWORD PTR _cbLine$[ebp], ecx

; 182  :         DumpLine( p, cbLine, bPrependWAddr, ulGroup );

  00027	8b 55 14	 mov	 edx, DWORD PTR _ulGroup$[ebp]
  0002a	52		 push	 edx
  0002b	8a 45 10	 mov	 al, BYTE PTR _bPrependWAddr$[ebp]
  0002e	50		 push	 eax
  0002f	8b 4d fc	 mov	 ecx, DWORD PTR _cbLine$[ebp]
  00032	51		 push	 ecx
  00033	8b 55 08	 mov	 edx, DWORD PTR _p$[ebp]
  00036	52		 push	 edx
  00037	e8 00 00 00 00	 call	 _DumpLine@16

; 183  :         cb -= cbLine;

  0003c	8b 45 0c	 mov	 eax, DWORD PTR _cb$[ebp]
  0003f	2b 45 fc	 sub	 eax, DWORD PTR _cbLine$[ebp]
  00042	89 45 0c	 mov	 DWORD PTR _cb$[ebp], eax

; 184  :         p += cbLine;

  00045	8b 4d 08	 mov	 ecx, DWORD PTR _p$[ebp]
  00048	03 4d fc	 add	 ecx, DWORD PTR _cbLine$[ebp]
  0004b	89 4d 08	 mov	 DWORD PTR _p$[ebp], ecx

; 185  :     }

  0004e	eb b6		 jmp	 SHORT $L16102
$L16099:

; 186  : }

  00050	8b e5		 mov	 esp, ebp
  00052	5d		 pop	 ebp
  00053	c2 10 00	 ret	 16			; 00000010H
_DumpMem@16 ENDP
_TEXT	ENDS
PUBLIC	_e100DumpPkt@4
EXTRN	__imp__NdisBufferLength@4:NEAR
EXTRN	__imp__NdisBufferVirtualAddress@4:NEAR
;	COMDAT _e100DumpPkt@4
_TEXT	SEGMENT
$SG16123 DB	'Passthru: ', 00H
	ORG $+1
$SG16124 DB	'Mdl @ %p.  Va = 0x%p.  Len = 0x%08x.', 0aH, 00H
; Function compile flags: /Odt
_pVa$16118 = -16
_BufLen$16120 = -12
_pPrevNdisBfr$ = -8
_pNdisBfr$ = -4
_pPacket$ = 8
_e100DumpPkt@4 PROC NEAR				; COMDAT

; 197  : {

  00032	55		 push	 ebp
  00033	8b ec		 mov	 ebp, esp
  00035	83 ec 10	 sub	 esp, 16			; 00000010H
$L16110:

; 198  :     PNDIS_BUFFER pPrevNdisBfr;
; 199  :     PNDIS_BUFFER pNdisBfr;
; 200  : 
; 201  :     do
; 202  :     {
; 203  :         //
; 204  :         // Get first buffer of the packet
; 205  :         //
; 206  :         pNdisBfr = pPacket->Private.Head;

  00038	8b 45 08	 mov	 eax, DWORD PTR _pPacket$[ebp]
  0003b	8b 48 08	 mov	 ecx, DWORD PTR [eax+8]
  0003e	89 4d fc	 mov	 DWORD PTR _pNdisBfr$[ebp], ecx

; 207  :         pPrevNdisBfr = NULL;

  00041	c7 45 f8 00 00
	00 00		 mov	 DWORD PTR _pPrevNdisBfr$[ebp], 0
$L16116:

; 208  : 
; 209  :         //
; 210  :         // Scan the buffer chain