程序博客网 > 2017年7月进出口数据

RtlGetSystem

来源:互联网 发布:2017年7月进出口数据 编辑:程序博客网 时间:2024/06/11 13:09

RtlGetSystem

//----- (100F1410) --------------------------------------------------------int __fastcall RtlGetSystem(unsigned __int32 a1, struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *a2, int *a3){  unsigned __int32 v3; // esi@1  struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *v4; // edi@1  struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *v5; // ebx@1  struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *v6; // edx@1  Windows::Rtl::SystemImplementation::DirectUserProvider *v7; // esi@4  const char *v8; // edi@4  int v9; // eax@13  struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *v10; // edx@15  int v11; // ecx@16  int v12; // eax@17  void (__thiscall *v13)(struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *); // esi@20  struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *v14; // esi@21  int (__thiscall *v15)(struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *); // edi@21  int v16; // eax@21  void (__thiscall *v17)(struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *); // esi@23  int v18; // eax@34  int v19; // ecx@34  Windows::Rtl::SystemImplementation::DirectRegistryProvider *v20; // esi@51  void *v21; // eax@51  struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *v22; // edx@51  struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *v23; // ecx@56  int v24; // eax@58  char v26; // [sp+0h] [bp-120h]@0  const char *v27; // [sp+10h] [bp-110h]@15  char v28; // [sp+17h] [bp-109h]@15  Windows::Rtl::SystemImplementation::DirectUserProvider *v29; // [sp+18h] [bp-108h]@38  Windows::Rtl::SystemImplementation::DirectRegistryProvider *v30; // [sp+1Ch] [bp-104h]@38  unsigned __int32 v31; // [sp+20h] [bp-100h]@1  volatile signed __int32 *v32; // [sp+24h] [bp-FCh]@1  const char *v33; // [sp+28h] [bp-F8h]@15  const char *v34; // [sp+2Ch] [bp-F4h]@15  Windows::Rtl::SystemImplementation::DirectUserProvider *v35; // [sp+30h] [bp-F0h]@15  const char *v36; // [sp+34h] [bp-ECh]@15  char v37; // [sp+38h] [bp-E8h]@15  int v38; // [sp+3Ch] [bp-E4h]@1  struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *v39; // [sp+40h] [bp-E0h]@15  struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *v40; // [sp+44h] [bp-DCh]@15  Windows::Rtl::SystemImplementation::DirectUserProvider *v41; // [sp+48h] [bp-D8h]@15  struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *v42; // [sp+4Ch] [bp-D4h]@17  char v43; // [sp+50h] [bp-D0h]@2  int v44; // [sp+54h] [bp-CCh]@1  int v45; // [sp+68h] [bp-B8h]@1  char v46; // [sp+74h] [bp-ACh]@1  v3 = a1;  v38 = -1073741595;  v4 = (struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *)a3;  v5 = a2;  v31 = a1;  v32 = (volatile signed __int32 *)a3;  Windows::WCP::Rtl::RtlGetFacilityTracingFlags((Windows::WCP::Rtl *)&Facility_SIL, a2);  v44 = 1;  v45 = 0;  v46 = 0;  if ( Windows::WCP::Rtl::RtlGetFacilityTracingFlags((Windows::WCP::Rtl *)&Facility_SIL, v6) & 0xE )    Windows::WCP::Rtl::CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>::Arm(      (int)&v43,      0,      (int)&v38,      (int)Windows::WCP::Rtl::RtlTraceFormat_PCNTSTATUS,      0,      (int)"Windows::Rtl::RtlGetSystem",      (struct Windows::WCP::Rtl::_RTL_TRACING_FACILITY *)&Facility_SIL,      0,      0,      0,      0,      v26);  if ( !a3 )  {    v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8536;    v8 = "Not-null check failed: System";    Windows::ErrorHandling::Rtl::CBaseFrame<Windows::ErrorHandling::Rtl::CVoidRaiseFrame>::SetInvalidParameter_NullPointer(&v38);LABEL_50:    Windows::WCP::Rtl::CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>::~CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>(      (int)&v43,      (int)v8);    v33 = "base\\wcp\\sil\\merged\\ntu\\ntsystem.cpp";    v34 = "Windows::Rtl::RtlGetSystem";    v35 = v7;    v36 = v8;    Windows::ErrorHandling::Rtl::CBaseFrame<Windows::ErrorHandling::Rtl::CVoidRaiseFrame>::ReportErrorOrigination(      &v38,      (int)&v33);    return v38;  }  if ( v3 & 0xFFFFFFF0 )  {    v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8537;    v8 = "Valid flags check failed: Flags";LABEL_7:    Windows::ErrorHandling::Rtl::CBaseFrame<Windows::ErrorHandling::Rtl::CVoidRaiseFrame>::SetInvalidParameter_NullPointer(&v38);    goto LABEL_50;  }  if ( v3 & 0xF && ((v3 & 0xF) - 1) & v3 & 0xF )  {    v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8538;    v8 = "No more than one flag set check failed: __e";    goto LABEL_7;  }  if ( !Windows::Rtl::SystemImplementation::g_pSystemIsolationLayerFromTest || v5 )  {    v39 = 0;    v10 = 0;    v40 = 0;    v41 = 0;    v27 = 0;    v28 = 0;    v33 = 0;    v34 = 0;    v35 = 0;    v36 = 0;    v37 = 0;    if ( v5 )    {      v11 = *(_DWORD *)v5;      if ( !*(_DWORD *)v5 )        goto LABEL_76;      v42 = 0;      v12 = Windows::Rtl::SystemImplementation::SimpleCreateInterface<Windows::Rtl::SystemImplementation::IRtlSystemIsolationLayerInternal>(              v11,              &v42);      if ( v12 < 0 )      {        v4 = v42;        goto LABEL_19;      }      v14 = v42;      v15 = *(int (__thiscall **)(struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *))(*(_DWORD *)v42 + 8);      __guard_check_icall_fptr(*(_DWORD *)(*(_DWORD *)v42 + 8));      v16 = v15(v14);      v12 = Windows::Rtl::SystemImplementation::CSystemIsolationLayer::GetProviders(v16, &v39, &v40, &v41);      v4 = v42;      if ( v12 < 0 )      {LABEL_19:        v38 = v12;        if ( v4 )        {          v42 = 0;          v13 = **(void (__thiscall ***)(struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *))v4;          __guard_check_icall_fptr(**(_DWORD **)v4);          v13(v4);        }        goto LABEL_69;      }      if ( v42 )      {        v42 = 0;        v17 = **(void (__thiscall ***)(struct Windows::Rtl::SystemImplementation::IRtlFileSystemProvider *))v4;        __guard_check_icall_fptr(**(_DWORD **)v4);        v17(v4);      }      v10 = v40;      if ( !v40 )      {LABEL_76:        if ( *((_DWORD *)v5 + 2) <= 0u )        {          v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8582;          v8 = "ConstructorData->FilesystemLayers.Length > 0";LABEL_33:          Windows::ErrorHandling::Rtl::CBaseFrame<Windows::ErrorHandling::Rtl::CVoidRaiseFrame>::SetInvalidParameter_NullPointer(&v38);LABEL_49:          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v27);          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v41);          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v39);          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v40);          goto LABEL_50;        }      }      if ( !v39 && *((_DWORD *)v5 + 4) <= 0u )      {        v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8585;        v8 = "ConstructorData->RegistryLayers.Length > 0";        goto LABEL_33;      }      if ( !v41 && *((_DWORD *)v5 + 6) <= 0u )      {        v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8588;        v8 = "ConstructorData->UserLayers.Length > 0";        goto LABEL_33;      }      v18 = Windows::Rtl::SystemImplementation::CreateFilesystemProviderStack(v11, v10, (int)v5 + 4, (int *)&v40, &v28);      if ( v18 < 0 )        goto LABEL_68;      v18 = Windows::Rtl::SystemImplementation::CreateRegistryProviderStack(v19, v39, (int)v5 + 12, &v39, &v28);      if ( v18 < 0 )        goto LABEL_68;      v18 = Windows::Rtl::SystemImplementation::CreateUserProviderStack(v31, v41, v40, v39, (int)v5 + 20, (int *)&v41);      if ( v18 < 0 )        goto LABEL_68;      goto LABEL_66;    }    v42 = 0;    v30 = 0;    v29 = 0;    if ( Windows::Auto<Windows::Rtl::SystemImplementation::DirectFileSystemProvider *>::Allocate(&v42) )    {      if ( Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::Allocate(&v30) )      {        if ( Windows::Auto<Windows::Rtl::SystemImplementation::DirectUserProvider *>::Allocate(&v29) )        {          v20 = v30;          v21 = Windows::Rtl::SystemImplementation::DirectRegistryProvider::Initialize(v30);          if ( (signed int)v21 >= 0 )          {            v4 = v42;            v24 = Windows::Rtl::SystemImplementation::DirectUserProvider::Initialize(v29, v22, v31, v42, v20, 0);            if ( v24 >= 0 )            {              v40 = v4;              v39 = v20;              v41 = v29;LABEL_66:              v18 = Windows::Rtl::SystemImplementation::RtlGetTransactionCoordinator(                      &v27,                      (volatile signed __int32 *)v4);              if ( v18 >= 0 )              {                v33 = (const char *)v40;                v34 = (const char *)v39;                v35 = v41;                v37 = v28;                v36 = v27;                v18 = Windows::Rtl::CRtlOneShotTypeDescriptionInit<Windows::Rtl::SystemImplementation::CSystemIsolationLayer>::CreateInstance<Windows::Rtl::SystemImplementation::CSystemIsolationLayer_IRtlSystemIsolationLayerTearoff,Windows::Rtl::SystemImplementation::CreateSILSource,Windows::Rtl::IRtlSystemIsolationLayer>(                        (const struct Windows::Rtl::SystemImplementation::CreateSILSource *)&v33,                        v32);                if ( v18 >= 0 )                {                  Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v27);                  Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v41);                  Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v39);                  Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v40);                  goto LABEL_73;                }              }LABEL_68:              v38 = v18;              goto LABEL_69;            }            v38 = v24;            if ( v29 )              Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v29);            if ( v20 )              Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v20);            if ( !v4 )              goto LABEL_69;            v23 = v4;          }          else          {            v38 = (int)v21;            if ( v29 )              Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v29);            if ( v20 )              Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v20);            v23 = v42;            if ( !v42 )              goto LABEL_69;          }          Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v23);LABEL_69:          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v27);          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v41);          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v39);          Windows::AutoPointerBase<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *,Windows::Auto<Windows::Cdf::Rtl::IRtlCdfStringTableEnumerator *>>::Close(&v40);          goto LABEL_70;        }        v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8637;        v38 = -1073741801;        v8 = "User.Allocate()";        if ( v29 )          Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v29);      }      else      {        v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8636;        v38 = -1073741801;        v8 = "Reg.Allocate()";      }      if ( v30 )        Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v30);    }    else    {      v7 = (Windows::Rtl::SystemImplementation::DirectUserProvider *)8635;      v38 = -1073741801;      v8 = "Fs.Allocate()";    }    if ( v42 )      Windows::Auto<Windows::Rtl::SystemImplementation::DirectRegistryProvider *>::DeleteInstance((void *)v42);    goto LABEL_49;  }  v9 = Windows::Rtl::IRtlObject::CreateRequiredInterface<Windows::Rtl::IRtlSystemIsolationLayer>(         (void *)Windows::Rtl::SystemImplementation::g_pSystemIsolationLayerFromTest,         a3);  if ( v9 < 0 )  {    v38 = v9;LABEL_70:    Windows::WCP::Rtl::CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>::~CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>(      (int)&v43,      (int)v4);    return v38;  }LABEL_73:  v46 = 1;  v38 = 0;  Windows::WCP::Rtl::CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>::~CEnterExitTracer<Windows::ErrorHandling::Rtl::CSimpleNtStatusCarryingFrame,7>(    (int)&v43,    (int)v4);  return 0;}// 1027D610: using guessed type struct Windows::Rtl::IRtlSystemIsolationLayer *Windows::Rtl::SystemImplementation::g_pSystemIsolationLayerFromTest;
0 0
2017年7月进出口数据 2017年7月进出口数据
原创粉丝点击
热门IT博客
网络电缆套什么定额网络电缆套什么定额
传奇盛世护盾数据传奇盛世护盾数据
西安 软件公寓 申请
xbox one windows
统计年鉴数据库官网
22x21x26的简便算法
js视频退出全屏
26岁零基础转行大数据
ubuntu安装vim8离线包
男士补水保湿 知乎
js定义数组对象
海迅拆单软件破解版
天天养生观耳朵知长寿
系统数据恢复软件
中国的房价数据库
道路工程量计算软件
omnigraffle mac 破解
mssql 分页sql语句
江南大学网络登录
淘宝垫付单怎么刷
热门问题 老师的惩罚 人脸识别 我在镇武司摸鱼那些年 重生之率土为王 我在大康的咸鱼生活 盘龙之生命进化 天生仙种 凡人之先天五行 春回大明朝 姑娘不必设防,我是瞎子 南通房产新房 南京新房楼盘 济南新房楼盘 新开盘的楼盘 北京房天下搜房网 房价温江 印象欧洲 平谷新楼盘 万科城 大学城房价 小户型楼盘 楼盘销售 北京周边房价 楼盘活动 不限购楼盘 精装楼盘 一手房楼盘 搜房网广州 星河湾 广州新楼盘 广州楼市 北京市房价 武清新房 商品房现房 北京房产价格 福州新楼盘房价 现在买房首付多少 房产多少年 菏泽房产 天津新开盘楼盘 吉林房产网 滁州房地产 海外房产网站 湛江房产网 株洲房产 什么是现房 以房买房 衡水房产价格 新楼盘价格 株洲房地产 大房子

程序博客网,程序员的互联网技术博客家园。csdn论坛精品 msdn技术资料都在这里