-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathASM_code for readonly struct modification
313 lines (313 loc) · 10 KB
/
ASM_code for readonly struct modification
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
Numbers.Modify(EventType)
L0000: push ebp
L0001: mov ebp, esp
L0003: push edi
L0004: push esi
L0005: push ebx
L0006: sub esp, 0x2f4
L000c: vzeroupper
L000f: vxorps xmm4, xmm4, xmm4
L0013: vmovdqu [ebp-0x19c], xmm4
L001b: mov eax, 0xfffffeb0
L0020: vmovdqu [ebp+eax-0x3c], xmm4
L0026: vmovdqu [ebp+eax-0x2c], xmm4
L002c: vmovdqu [ebp+eax-0x1c], xmm4
L0032: add eax, 0x30
L0035: jne short L0020
L0037: mov [ebp-0x300], edx
L003d: mov esi, ecx
L003f: mov ebx, [ebp+8]
L0042: movzx edx, bl
L0045: cmp edx, 3
L0048: ja L0631
L004e: lea ecx, [Numbers.Modify(EventType)]
L0054: mov ecx, [ecx+edx*4]
L0057: lea eax, [L003f]
L005d: add ecx, eax
L005f: jmp ecx
L0061: vmovdqu xmm0, [esi]
L0065: vmovdqu [ebp-0x3c], xmm0
L006a: vmovdqu xmm0, [esi+0x10]
L006f: vmovdqu [ebp-0x2c], xmm0
L0074: vmovdqu xmm0, [esi+0x20]
L0079: vmovdqu [ebp-0x1c], xmm0
L007e: cmp byte ptr [ebp-0x3c], 0
L0082: je L0612
L0088: vmovdqu xmm0, [esi]
L008c: vmovdqu [ebp-0x3c], xmm0
L0091: vmovdqu xmm0, [esi+0x10]
L0096: vmovdqu [ebp-0x2c], xmm0
L009b: vmovdqu xmm0, [esi+0x20]
L00a0: vmovdqu [ebp-0x1c], xmm0
L00a5: cmp byte ptr [ebp-0x3c], 0
L00a9: je L062b
L00af: vmovdqu xmm0, [ebp-0x34]
L00b4: vmovdqu [ebp-0x64], xmm0
L00b9: vmovdqu xmm0, [ebp-0x24]
L00be: vmovdqu [ebp-0x54], xmm0
L00c3: mov edx, [ebp-0x14]
L00c6: mov [ebp-0x44], edx
L00c9: mov edx, [ebp-0x10]
L00cc: mov [ebp-0x40], edx
L00cf: lea ecx, [ebp-0x64]
L00d2: mov ebx, [ecx+0x20]
L00d5: mov edx, ebx
L00d7: inc edx
L00d8: call EventData.set_Count(Int32)
L00dd: lea edi, [ebp-0x124]
L00e3: mov ecx, 0xc0
L00e8: rep movsb [edi], [esi]
L00ea: vxorps xmm0, xmm0, xmm0
L00ee: vmovdqu [ebp-0x25c], xmm0
L00f6: vmovdqu [ebp-0x24c], xmm0
L00fe: vmovdqu [ebp-0x23c], xmm0
L0106: vmovdqu xmm0, [ebp-0x64]
L010b: vmovdqu [ebp-0x284], xmm0
L0113: vmovdqu xmm0, [ebp-0x54]
L0118: vmovdqu [ebp-0x274], xmm0
L0120: mov ecx, [ebp-0x44]
L0123: mov [ebp-0x264], ecx
L0129: mov ecx, [ebp-0x40]
L012c: mov [ebp-0x260], ecx
L0132: vmovdqu xmm0, [ebp-0x284]
L013a: vmovdqu [ebp-0x254], xmm0
L0142: vmovdqu xmm0, [ebp-0x274]
L014a: vmovdqu [ebp-0x244], xmm0
L0152: mov ecx, [ebp-0x264]
L0158: mov [ebp-0x234], ecx
L015e: mov ecx, [ebp-0x260]
L0164: mov [ebp-0x230], ecx
L016a: mov byte ptr [ebp-0x25c], 1
L0171: vmovdqu xmm0, [ebp-0x25c]
L0179: vmovdqu [ebp-0x124], xmm0
L0181: vmovdqu xmm0, [ebp-0x24c]
L0189: vmovdqu [ebp-0x114], xmm0
L0191: vmovdqu xmm0, [ebp-0x23c]
L0199: vmovdqu [ebp-0x104], xmm0
L01a1: mov edi, [ebp-0x300]
L01a7: lea esi, [ebp-0x124]
L01ad: mov ecx, 0xc0
L01b2: rep movsb [edi], [esi]
L01b4: jmp L0621
L01b9: lea edx, [esi+0x30]
L01bc: vmovdqu xmm0, [edx]
L01c0: vmovdqu [ebp-0x3c], xmm0
L01c5: vmovdqu xmm0, [edx+0x10]
L01ca: vmovdqu [ebp-0x2c], xmm0
L01cf: vmovdqu xmm0, [edx+0x20]
L01d4: vmovdqu [ebp-0x1c], xmm0
L01d9: cmp byte ptr [ebp-0x3c], 0
L01dd: je L0612
L01e3: vmovdqu xmm0, [edx]
L01e7: vmovdqu [ebp-0x3c], xmm0
L01ec: vmovdqu xmm0, [edx+0x10]
L01f1: vmovdqu [ebp-0x2c], xmm0
L01f6: vmovdqu xmm0, [edx+0x20]
L01fb: vmovdqu [ebp-0x1c], xmm0
L0200: cmp byte ptr [ebp-0x3c], 0
L0204: je L062b
L020a: vmovdqu xmm0, [ebp-0x34]
L020f: vmovdqu [ebp-0x14c], xmm0
L0217: vmovdqu xmm0, [ebp-0x24]
L021c: vmovdqu [ebp-0x13c], xmm0
L0224: mov edx, [ebp-0x14]
L0227: mov [ebp-0x12c], edx
L022d: mov edx, [ebp-0x10]
L0230: mov [ebp-0x128], edx
L0236: lea ecx, [ebp-0x14c]
L023c: mov edx, [ecx+0x20]
L023f: inc edx
L0240: call EventData.set_Count(Int32)
L0245: lea edi, [ebp-0x124]
L024b: mov ecx, 0xc0
L0250: rep movsb [edi], [esi]
L0252: vxorps xmm0, xmm0, xmm0
L0256: vmovdqu [ebp-0x22c], xmm0
L025e: vmovdqu [ebp-0x21c], xmm0
L0266: vmovdqu [ebp-0x20c], xmm0
L026e: vmovdqu xmm0, [ebp-0x14c]
L0276: vmovdqu [ebp-0x2ac], xmm0
L027e: vmovdqu xmm0, [ebp-0x13c]
L0286: vmovdqu [ebp-0x29c], xmm0
L028e: mov ecx, [ebp-0x12c]
L0294: mov [ebp-0x28c], ecx
L029a: mov ecx, [ebp-0x128]
L02a0: mov [ebp-0x288], ecx
L02a6: vmovdqu xmm0, [ebp-0x2ac]
L02ae: vmovdqu [ebp-0x224], xmm0
L02b6: vmovdqu xmm0, [ebp-0x29c]
L02be: vmovdqu [ebp-0x214], xmm0
L02c6: mov ecx, [ebp-0x28c]
L02cc: mov [ebp-0x204], ecx
L02d2: mov ecx, [ebp-0x288]
L02d8: mov [ebp-0x200], ecx
L02de: mov byte ptr [ebp-0x22c], 1
L02e5: vmovdqu xmm0, [ebp-0x22c]
L02ed: vmovdqu [ebp-0xf4], xmm0
L02f5: vmovdqu xmm0, [ebp-0x21c]
L02fd: vmovdqu [ebp-0xe4], xmm0
L0305: vmovdqu xmm0, [ebp-0x20c]
L030d: vmovdqu [ebp-0xd4], xmm0
L0315: mov edi, [ebp-0x300]
L031b: lea esi, [ebp-0x124]
L0321: mov ecx, 0xc0
L0326: rep movsb [edi], [esi]
L0328: jmp L0621
L032d: lea edx, [esi+0x60]
L0330: vmovdqu xmm0, [edx]
L0334: vmovdqu [ebp-0x3c], xmm0
L0339: vmovdqu xmm0, [edx+0x10]
L033e: vmovdqu [ebp-0x2c], xmm0
L0343: vmovdqu xmm0, [edx+0x20]
L0348: vmovdqu [ebp-0x1c], xmm0
L034d: cmp byte ptr [ebp-0x3c], 0
L0351: je L0612
L0357: vmovdqu xmm0, [edx]
L035b: vmovdqu [ebp-0x3c], xmm0
L0360: vmovdqu xmm0, [edx+0x10]
L0365: vmovdqu [ebp-0x2c], xmm0
L036a: vmovdqu xmm0, [edx+0x20]
L036f: vmovdqu [ebp-0x1c], xmm0
L0374: cmp byte ptr [ebp-0x3c], 0
L0378: je L062b
L037e: vmovdqu xmm0, [ebp-0x34]
L0383: vmovdqu [ebp-0x174], xmm0
L038b: vmovdqu xmm0, [ebp-0x24]
L0390: vmovdqu [ebp-0x164], xmm0
L0398: mov edx, [ebp-0x14]
L039b: mov [ebp-0x154], edx
L03a1: mov edx, [ebp-0x10]
L03a4: mov [ebp-0x150], edx
L03aa: lea ecx, [ebp-0x174]
L03b0: mov edx, [ecx+0x20]
L03b3: inc edx
L03b4: call EventData.set_Count(Int32)
L03b9: lea edi, [ebp-0x124]
L03bf: mov ecx, 0xc0
L03c4: rep movsb [edi], [esi]
L03c6: vxorps xmm0, xmm0, xmm0
L03ca: vmovdqu [ebp-0x1fc], xmm0
L03d2: vmovdqu [ebp-0x1ec], xmm0
L03da: vmovdqu [ebp-0x1dc], xmm0
L03e2: vmovdqu xmm0, [ebp-0x174]
L03ea: vmovdqu [ebp-0x2d4], xmm0
L03f2: vmovdqu xmm0, [ebp-0x164]
L03fa: vmovdqu [ebp-0x2c4], xmm0
L0402: mov ecx, [ebp-0x154]
L0408: mov [ebp-0x2b4], ecx
L040e: mov ecx, [ebp-0x150]
L0414: mov [ebp-0x2b0], ecx
L041a: vmovdqu xmm0, [ebp-0x2d4]
L0422: vmovdqu [ebp-0x1f4], xmm0
L042a: vmovdqu xmm0, [ebp-0x2c4]
L0432: vmovdqu [ebp-0x1e4], xmm0
L043a: mov ecx, [ebp-0x2b4]
L0440: mov [ebp-0x1d4], ecx
L0446: mov ecx, [ebp-0x2b0]
L044c: mov [ebp-0x1d0], ecx
L0452: mov byte ptr [ebp-0x1fc], 1
L0459: vmovdqu xmm0, [ebp-0x1fc]
L0461: vmovdqu [ebp-0xc4], xmm0
L0469: vmovdqu xmm0, [ebp-0x1ec]
L0471: vmovdqu [ebp-0xb4], xmm0
L0479: vmovdqu xmm0, [ebp-0x1dc]
L0481: vmovdqu [ebp-0xa4], xmm0
L0489: mov edi, [ebp-0x300]
L048f: lea esi, [ebp-0x124]
L0495: mov ecx, 0xc0
L049a: rep movsb [edi], [esi]
L049c: jmp L0621
L04a1: lea edx, [esi+0x90]
L04a7: vmovdqu xmm0, [edx]
L04ab: vmovdqu [ebp-0x3c], xmm0
L04b0: vmovdqu xmm0, [edx+0x10]
L04b5: vmovdqu [ebp-0x2c], xmm0
L04ba: vmovdqu xmm0, [edx+0x20]
L04bf: vmovdqu [ebp-0x1c], xmm0
L04c4: cmp byte ptr [ebp-0x3c], 0
L04c8: je L0612
L04ce: vmovdqu xmm0, [edx]
L04d2: vmovdqu [ebp-0x3c], xmm0
L04d7: vmovdqu xmm0, [edx+0x10]
L04dc: vmovdqu [ebp-0x2c], xmm0
L04e1: vmovdqu xmm0, [edx+0x20]
L04e6: vmovdqu [ebp-0x1c], xmm0
L04eb: cmp byte ptr [ebp-0x3c], 0
L04ef: je L062b
L04f5: vmovdqu xmm0, [ebp-0x34]
L04fa: vmovdqu [ebp-0x19c], xmm0
L0502: vmovdqu xmm0, [ebp-0x24]
L0507: vmovdqu [ebp-0x18c], xmm0
L050f: mov edx, [ebp-0x14]
L0512: mov [ebp-0x17c], edx
L0518: mov edx, [ebp-0x10]
L051b: mov [ebp-0x178], edx
L0521: lea ecx, [ebp-0x19c]
L0527: mov edx, [ecx+0x20]
L052a: inc edx
L052b: call EventData.set_Count(Int32)
L0530: lea edi, [ebp-0x124]
L0536: mov ecx, 0xc0
L053b: rep movsb [edi], [esi]
L053d: vxorps xmm0, xmm0, xmm0
L0541: vmovdqu [ebp-0x1cc], xmm0
L0549: vmovdqu [ebp-0x1bc], xmm0
L0551: vmovdqu [ebp-0x1ac], xmm0
L0559: vmovdqu xmm0, [ebp-0x19c]
L0561: vmovdqu [ebp-0x2fc], xmm0
L0569: vmovdqu xmm0, [ebp-0x18c]
L0571: vmovdqu [ebp-0x2ec], xmm0
L0579: mov ecx, [ebp-0x17c]
L057f: mov [ebp-0x2dc], ecx
L0585: mov ecx, [ebp-0x178]
L058b: mov [ebp-0x2d8], ecx
L0591: vmovdqu xmm0, [ebp-0x2fc]
L0599: vmovdqu [ebp-0x1c4], xmm0
L05a1: vmovdqu xmm0, [ebp-0x2ec]
L05a9: vmovdqu [ebp-0x1b4], xmm0
L05b1: mov ecx, [ebp-0x2dc]
L05b7: mov [ebp-0x1a4], ecx
L05bd: mov ecx, [ebp-0x2d8]
L05c3: mov [ebp-0x1a0], ecx
L05c9: mov byte ptr [ebp-0x1cc], 1
L05d0: vmovdqu xmm0, [ebp-0x1cc]
L05d8: vmovdqu [ebp-0x94], xmm0
L05e0: vmovdqu xmm0, [ebp-0x1bc]
L05e8: vmovdqu [ebp-0x84], xmm0
L05f0: vmovdqu xmm0, [ebp-0x1ac]
L05f8: vmovdqu [ebp-0x74], xmm0
L05fd: mov edi, [ebp-0x300]
L0603: lea esi, [ebp-0x124]
L0609: mov ecx, 0xc0
L060e: rep movsb [edi], [esi]
L0610: jmp short L0621
L0612: xor eax, eax
L0614: mov edi, [ebp-0x300]
L061a: mov ecx, 0xc0
L061f: rep stosb [edi]
L0621: lea esp, [ebp-0xc]
L0624: pop ebx
L0625: pop esi
L0626: pop edi
L0627: pop ebp
L0628: ret 4
L062b: call System.ThrowHelper.ThrowInvalidOperationException_InvalidOperation_NoValue()
L0630: int3
L0631: mov ecx, 0x12dac788
L0636: call 0x054f30c0
L063b: mov esi, eax
L063d: mov [esi+4], bl
L0640: mov ecx, 0xa6a8a20
L0645: call 0x054f30c0
L064a: mov edi, eax
L064c: mov ecx, 1
L0651: mov edx, 0x12dac030
L0656: call 0x0f4356c0
L065b: mov edx, eax
L065d: push esi
L065e: push 0
L0660: mov ecx, edi
L0662: call System.ArgumentOutOfRangeException..ctor(System.String, System.Object, System.String)
L0667: mov ecx, edi
L0669: call 0x0f42b1c0
L066e: int3