OpenStore 值得仔细看一下。
它在 CreateNewOfflineStore 和 OpenExistingOfflineStore 中被调用。
调用处如下：
`anonymous namespace'::CNtStoreCreationParameters::CNtStoreCreationParameters((int)&v20);
v9 =((int
(__stdcall*)(int))`anonymous
namespace'::CNtStoreCreationParameters::Initialize)(a2);
v10 =&v20;
v19 =0;
v21 =a1 &
1;
v11 =(int
*)GetRerootedSIL((int)&v20,(int
*)&v19);
if ((signed int)v11
<0
||(v11
=`anonymous namespace'::SetupOfflineStoreEnvironment((int)&v20,v19), (signed int)v11 < 0)
||(v11
=(int
*)`anonymous
namespace'::OpenStore((_DWORD **)&v20, v19,a3, (int)a4), (signed int)v11 < 0) )
`anonymous namespace'::OpenStore(
class A0x4bc90b42::CNtStoreCreationParameters const *,
struct Windows::Rtl::IRtlSystemIsolationLayer *,
struct _GUID const &,
struct IUnknown * *)
//----- (10120AB0)--------------------------------------------------------
// Decompiler output for `anonymous namespace'::OpenStore. The error-origination
// record built further down names base\wcp\dll\offline.cpp, line 478.
//
// Going by the demangled symbol for this function, the arguments are:
//   a1 - CNtStoreCreationParameters const * (store creation parameters)
//   a2 - Windows::Rtl::IRtlSystemIsolationLayer * (used for every key/directory open)
//   a3 - _GUID const & (the interface being requested)
//   a4 - IUnknown ** (receives the interface)
// Returns v76, the result value held by the CSimpleHResultCarryingFrame.
//
// Order of work as visible below: build "<root>\WinSxS", open the COMPONENTS key,
// verify the store version, open the SideBySide key, open the WinSxS directory,
// optionally open the ExtStorage key, map a WORD field to store flags, open the
// "Winners" subkey, CreateRtlStore, CopyOut, then hand out the requested interface.
// The version check runs before any other key or directory is opened.
//
// NOTE(review): the listing is partial. v4, v26, v32, v33, v35..v37, v48, v50..v58
// and others are used without a visible declaration or assignment, and several
// tokens are fused by the paste (e.g. "structIStore2"); treat it as annotated
// pseudo-code, not as compilable source.
int __fastcall `anonymous namespace'::OpenStore(
_DWORD **a1,
int *a2,
int a3,
int a4)
{
// Only a subset of the decompiler's local declarations survived in this listing.
struct IStore2 *v46;
//ST10_4@47
int (__stdcall*v47)(structIStore2
*, int,
int); // esi@47
structWindows::Rtl::IRtlSystemIsolationLayer *v51;// [sp+0h] [bp-88h]@0
struct ICSIStore **v53;
// [sp+0h][bp-88h]@35
struct Windows::Rtl::IRtlKey *v54;
// [sp+4h][bp-84h]@0
const struct _GUID *v55;
// [sp+4h][bp-84h]@8
struct ICSIStore **v56;
// [sp+4h][bp-84h]@35
struct IStore2 *v69;
// [sp+3Ch][bp-4Ch]@35
struct Windows::ComponentStore::Rtl::IRtlComponentStore*v71;
//[sp+44h] [bp-44h]@1
// v77 keeps the creation parameters, v59 the isolation layer.
v77 =a1;
v59 =a2;
// v76 is the frame object whose value is returned on every exit path.
Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame::CSimpleHResultCarryingFrame((Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame*)&v76);
// Copy the three dwords at offsets 28/32/36 of v4 into v78[0], v79, v80.
// presumably v4 is the parameters object and these dwords are an LUNICODE_STRING
// (length, capacity, buffer) holding the store root - TODO confirm.
v5 =*(_DWORD*)(v4+
36);
v78[0]
=
*(_DWORD *)(v4
+
28);
// v71 is used here only as the integer 1 (piece index when no separator is needed).
v71 =(structWindows::ComponentStore::Rtl::IRtlComponentStore
*)1;
v79 =*(_DWORD*)(v4+
32);
// v6: is the last 16-bit character of the root string 92, i.e. a backslash?
// (v78[0] is treated as a byte length: >>1 gives the character count.)
v6 =*(_WORD*)(v5+
2 *
((unsignedint)v78[0]
>>
1) -
2) ==
92;
// v7 becomes the store-flags value later; 2 is its default.
v7 =2;
v80 =*(_DWORD*)(v4+
36);
if (v6
)
{
// Root already ends in a backslash: the next piece goes into slot 1.
v8 =(signed int)v71;
}
else
{
// No trailing backslash: put the separator string in v81..v83 and use slot 2
// for the next piece. presumably v81..v83 are v78[3..5] on the stack - confirm.
v8 =2;
v81 =g_LUNICODE_STRING__bslash_;
v82 =*((_DWORD*)&g_LUNICODE_STRING__bslash_
+
1);
v83 =*((_DWORD*)&g_LUNICODE_STRING__bslash_
+
2);
}
// Each piece is three dwords wide; slot v8 receives the "WinSxS" string.
v9 =&v78[3
* v8];
*v9= g_LUNICODE_STRING_WinSxS[0];
v9[1] =g_LUNICODE_STRING_WinSxS[1];
v9[2]
= g_LUNICODE_STRING_WinSxS[2];
// v66..v68 is the output string holder; it is released through
// Windows::Auto<_LUTF8_STRING>::~Auto on every exit path.
v66 =0;
v67 =0;
v68 =0;
// Concatenate the v8 + 1 pieces into v66: root, optional separator, "WinSxS".
v10 =RtlConcatenateLUnicodeStrings(0, v8
+
1, v78, (int)&v66);
if (v10 <
0)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v10);
// Cleanup ladder: LABEL_49..LABEL_56 each destroy one holder and jump to the
// next label, so a failure unwinds exactly what had been opened so far.
// NOTE(review): every holder destructor below is printed as
// Auto<IRtlSystemIsolationLayer *>, even for keys and directories; possibly
// identical destructors folded into one symbol - confirm.
LABEL_56:
Windows::Auto<_LUTF8_STRING>::~Auto<_LUTF8_STRING>(&v66);
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CVoidRaiseFrame>::ReportErrorPropagation(
&v76,
v48);
return v76;
}
v75 =0;
v11 =*v59;
// OpenRegistryKey (author's label for vtable offset 20 of the isolation layer).
// Opens the key named by the \Registry\Machine\COMPONENTS string into v75.
// 131097 == 0x20019, which equals KEY_READ, so the key is opened read-only.
v12 =
(*(int(__thiscall
**)(int
*,_DWORD, signed int,
int *,int
*, _DWORD))(v11 +
20))(
v59,
0,
131097,
g_LUNICODE_STRING__bslash_Registry_bslash_Machine_bslash_COMPONENTS_bslash_,
&v75,
0);
// On success, check the store version against the WORD at index 92 of the
// parameters (byte offset 184) before anything else is opened.
// NOTE(review): v51, v54, v57 are never assigned in this listing; they may be
// decompiler artifacts rather than real arguments - confirm.
if (v12 <
0
||(v12
=Windows::COM::VerifyStoreVersionNumber(v75,v59,
(Windows::COM *)*((_WORD
*)v77
+
92), v51, v54, v57),
v12 <0)
)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v12);
LABEL_55:
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v75);
goto LABEL_56;
}
v13 =*v59;
v74 =0;
// OpenRegistryKey: same vtable slot and access mask, this time for the
// ...\CurrentVersion\SideBySide key; the result goes to v74.
v14 =
(*(int(__thiscall
**)(int
*,_DWORD, signed int,
int *,int
*, _DWORD))(v13 +
20))(
v59,
0,
131097,
g_LUNICODE_STRING__bslash_Registry_bslash_Machine_bslash_SOFTWARE_bslash_Microsoft_bslash_Windows_bslash_CurrentVersion_bslash_SideBySide_bslash_,
&v74,
0);
if (v14 <
0)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v14);
LABEL_54:
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v74);
goto LABEL_55;
}
v15 =*v59;
v73 =0;
// OpenFileSystemDirectory (author's label for vtable offset 8): opens the
// concatenated WinSxS path in v66 and stores the directory object in v73.
// 1179785 == 0x120089, the FILE_GENERIC_READ mask. The 7 and 33 arguments are
// presumably share-access and open-option values - confirm against the interface.
v16 =
(*(int(__thiscall
**)(int
*,_DWORD, signed int,
int *,signed int,
signed int, int *, _DWORD))(v15+
8))(
v59,
0,
1179785,
(int*)&v66,
7,
33,
&v73,
0);
if (v16 <
0)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v16);
LABEL_53:
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v73);
goto LABEL_54;
}
v17 =v77;
v72 =0;
// Optional step: only when dword index 43 of the parameters (byte offset 172
// on this 32-bit build) is non-zero.
if (v77[43]
)
{
v18 =*v59;
// OpenRegistryKey for the string at dword_10012014 (author's note below:
// \Registry\Machine\ExtStorage); the key goes to v72, which otherwise stays 0.
v19 =
(*(int(__thiscall
**)(int
*,_DWORD, signed int,
int *,int
*, _DWORD))(v18 +
20))(
v59,
0,
131097,
dword_10012014, // \Registry\Machine\ExtStorage
(int
*)&v72,
0);
if (v19 <
0)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v19);
LABEL_52:
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v72);
goto LABEL_53;
}
v17 =v77;
}
// Map the WORD at index 92 of the parameters (the same field passed to
// VerifyStoreVersionNumber) to the flag value v7:
//   0 -> 1, 5 -> 8, 6 -> 4, 9 -> 2 (the default set earlier), 12 -> 16,
//   anything else -> invalid parameter.
// NOTE(review): 0/5/6/9/12 match the PROCESSOR_ARCHITECTURE_* values for
// INTEL/ARM/IA64/AMD64/ARM64, so this field is presumably the store's
// processor architecture - confirm.
v20 =*((_WORD*)v17+
92);
if ((_WORD)v20
)
{
if (v20 ==
6)
{
v50 =4;
}
else
{
if (v20 ==
9)
goto LABEL_27;
if (v20 ==
12)
{
v50 =16;
}
else
{
if ( v20 !=
5 )
{
// Unknown value: fail closed. Every holder is destroyed inline here instead
// of going through the label ladder, then an error-origination record
// (file, function, line 478, expression "false") is reported.
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetInvalidParameter(&v76);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v72);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v73);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v74);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v75);
Windows::Auto<_LUTF8_STRING>::~Auto<_LUTF8_STRING>(&v66);
// NOTE(review): v66..v68 held the path string until the destructor call just
// above; their reuse for the record looks like stack-slot sharing in the
// decompiler output - confirm.
v65 ="base\\wcp\\dll\\offline.cpp";
v66 ="`anonymous-namespace'::OpenStore";
v67 =478;
v68 ="false";
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::ReportErrorOrigination(
(int*)&v76,
(int)&v65);
return v76;
}
v50 =8;
}
}
v7 =v50;
goto LABEL_27;
}
v7 =1;
LABEL_27:
// A non-zero byte at offset 186 of the parameters adds flag 0x20.
if (*((_BYTE*)v17+
186)
)
v7 |=0x20u;
// v60..v64: five-dword descriptor passed to the open call below. The first field
// is 20 (five dwords), the second names the "Winners" string.
// presumably an object-attributes style structure (size, name, flags 64) - confirm.
v60 =20;
v61 =g_LUNICODE_STRING_Winners;
v62 =64;
v63 =0;
v64 =0;
v70 =0;
v21 =v74;
v22 =*(_DWORD*)v74;
// IRtlKey SideBySide, OpenExistingKey (author's label for vtable offset 40 of the
// SideBySide key in v74): opens the "Winners" subkey read-only (0x20019) into v70.
v23 =
(*(int(__thiscall
**)(int, _DWORD,
signed int, int*,
int *, _DWORD))(v22+
40))(v21,
0, 131097, &v60,&v70,
0);
if (v23 <
0)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v23);
LABEL_51:
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v70);
goto LABEL_52;
}
// v24 keeps the parameters pointer because v77 is reused as a scratch slot below.
v24 =(unsigned int
*)v77;
// v71 now becomes the real holder for the component store.
v71 =0;
// Test the string member at dword index 40 of the parameters (byte offset 160).
// v77 is passed to CreateRtlStore as 0 when that string is empty, else as v26.
// NOTE(review): v26 is never assigned in this listing; presumably it points at
// that same string - confirm.
v25 =Windows::Rtl::AutoString<_LUNICODE_STRING,Windows::Auto<_LUNICODE_STRING>>::IsEmpty((int)(v77
+
40));
v77 =0;
if (!v25
)
v77 =v26;
// Build the store from everything opened so far: flags (v7), isolation layer,
// COMPONENTS key, SideBySide key, Winners key, WinSxS path, output holder v71,
// the optional string, and the ExtStorage key (0 when it was not opened).
v27 =`anonymous
namespace'::CreateRtlStore(
v7,
(int)v59,
v75,
v74,
v70,
(int*)&v66,
(volatilesigned __int32
*)&v71,
(int)v77,
v72);
if (v27 <
0)
{
Windows::ErrorHandling::COM::CBaseFrame<Windows::ErrorHandling::COM::CSimpleHResultCarryingFrame>::SetNtStatus(
&v76,
v27);
LABEL_50:
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v71);
goto LABEL_51;
}
// Decode the first dword of the parameters: v30 is 1 when bit 0x4 is clear and
// 0 when it is set; v29 is the 0x10 bit.
v6 =(*v24&
4) ==
0;
v28 =*v24;
v29 =v28 &
0x10;
v30 =!v6
?0 :
1;
// v69 is the IStore2 smart reference; v59 is reused to hold its address so the
// operator& helper can return the raw out-pointer (v31).
v69 =0;
v59 =(int
*)&v69;
v31 =BUCL::Com::CFunkyOperatorAmpersandReturnType<BUCL::Com::CSmartRef<IStorePendingTransaction>>::operatorIStorePendingTransaction
*
*(&v59);
// CopyOut receives the store in v71 and the out-pointer v31.
// presumably it wraps the store into the COM object left in v69 - confirm.
// NOTE(review): v32, v33, v52, v55, v58 are not assigned in this listing.
v34 =Windows::COM::CopyOut(
v30,
v71,
v32,
(structWindows::ComponentStore::Rtl::IRtlComponentStore
*)*((_WORD
*)v24
+
92),
v29,
v33,
v31,
v52,
v55,
v58);
if (v34 <
0)
goto LABEL_61;
// Dispatch on the requested GUID (a3). If it equals neither of the two GUIDs
// below, the request goes through the ServicingAPI / CCSIStore wrapper;
// otherwise it is answered by the IStore2 object in v69 directly.
// NOTE(review): the second comparison uses v35, unassigned here; presumably
// still a3 - confirm.
if (!(unsigned__int8)operator==(a3,
(int)&_GUID_a5c62f6d_5e3e_4cd9_b345_6b281d7a1d1e)
&&!(unsigned__int8)operator==(v35,
(int)&_GUID_a817521b_2b43_489f_8b84_67aceeab24a8)
)
{
// v77 is reused again, now as the holder for the wrapper object.
v77 =0;
v38 =(volatile signed __int32*)Windows::ServicingAPI::Initialize(v37,
v36);
// CreateOrGet takes v69, the flag v30 == 0 and the address of v77.
if ((signed int)v38
<0
||(v38
=Windows::ServicingAPI::CCSIStore::CreateOrGet(v69,v30
==
0,0, (structIStore2
*)&v77, v53, v56),
(signedint)v38
<0)
)
{
v39 =v77;
}
else
{
// Call vtable slot 0 of the wrapper with (a3, a4); slot 0 of a COM interface
// is IUnknown::QueryInterface. The target is validated with
// __guard_check_icall_fptr (Control Flow Guard) before the indirect call.
v42 =v77;
v43 =(int
(__stdcall*)(_DWORD**,
int, int))**v77;
__guard_check_icall_fptr(**v77);
v38 =(volatile signed __int32*)v43(v42,
a3, a4);
v39 =v77;
if ((signed int)v38
>=0
)
{
// Success: drop the local reference through vtable slot 2 (IUnknown::Release),
// again behind a CFG check, then take the common success exit.
if ( v77
)
{
v77 =0;
v44 =v39;
v45 =(void
(__stdcall*)(_DWORD))(*v39)[2];
__guard_check_icall_fptr((*v39)[2]);
v45(v44);
}
goto LABEL_46;
}
}
// Failure in Initialize, CreateOrGet or the slot-0 call: the raw result is
// stored in the frame directly, and the wrapper (if any) is released.
v76 =(__int32)v38;
if (v39
)
{
v77 =0;
v40 =v39;
v41 =(void
(__stdcall*)(_DWORD))(*v39)[2];
__guard_check_icall_fptr((*v39)[2]);
v41(v40);
}
LABEL_49:
BUCL::Com::CSmartRef<IStore2>::~CSmartRef<IStore2>(&v69);
goto LABEL_50;
}
// Direct path: call vtable slot 0 of the IStore2 object with (a3, a4), after
// the CFG check on the call target.
v46 =v69;
v47 =**(int(__stdcall
***)(struct IStore2
*,int,
int))v69;
__guard_check_icall_fptr(**(_DWORD
**)v69);
v34 =v47(v46, a3, a4);
if (v34 <
0)
{
// Shared failure exit for CopyOut and the direct slot-0 call.
LABEL_61:
v76 =v34;
goto LABEL_49;
}
// Success exit: mark the frame successful and destroy every holder. The caller
// keeps only what was written through a4.
LABEL_46:
Windows::ErrorHandling::Rtl::CBaseFrame<Windows::ErrorHandling::Rtl::CVoidRaiseFrame>::SetCanonicalSuccess(&v76);
BUCL::Com::CSmartRef<IStore2>::~CSmartRef<IStore2>(&v69);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v71);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v70);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v72);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v73);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v74);
Windows::Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>::~Auto<Windows::Rtl::IRtlSystemIsolationLayer
*>(&v75);
Windows::Auto<_LUTF8_STRING>::~Auto<_LUTF8_STRING>(&v66);
return v76;
}