kip
// Validates the KIP1 header held in *thisPtr and fills in the ProcessCreationInfo
// (a2) that will be used to create the process from it.
//
// Returns 0 on success, 0xCC01 (52225) when a segment layout check fails and
// 0xE801 (59393) when flag bit 0x10 is set without bit 8. Two conditions do not
// return at all but call kernelpanic(): a non-zero text.outOffset (low 32 bits)
// and a code region that does not fit the selected address-space size.
//
// NOTE(review): this is decompiler (Hex-Rays) output. The register-named
// temporaries, the LODWORD/__CFADD__ helpers and the label placed inside the
// `if` at LABEL_35 are artefacts of the decompiler, not of the original source.
Result __fastcall Kip1::ParseHeader(Kip1 **thisPtr, ProcessCreationInfo *a2, bool aslrEnabled) | |
{ | |
Kip1 **v3; // x20 | |
Kip1 *v4; // x22 | |
__int64 textOutOffset; // x8 | |
bool v6; // w21 | |
ProcessCreationInfo *v7; // x19 | |
unsigned __int64 v8; // x9 | |
unsigned __int64 dataOutOffset; // x10 | |
Result result; // w0 | |
unsigned int bssOutOffset; // w11 | |
__int64 dataEnd; // x9 | |
u32 bssDecompressedSize; // w10 | |
unsigned __int8 bssOverflows; // cf | |
unsigned int bssEnd; // w11 | |
unsigned __int64 v16; // x23 | |
bool v17; // zf | |
signed __int64 v18; // x10 | |
u64 v19; // x8 | |
__int64 v20; // x9 | |
int v21; // w8 | |
Kip1 *v22; // x10 | |
u8 v23; // w9 | |
v3 = thisPtr; | |
v4 = *thisPtr; | |
textOutOffset = (*thisPtr)->text.outOffset; | |
v6 = aslrEnabled; | |
v7 = a2; | |
// Each segment's outOffset must be page aligned (low 12 bits clear).
if ( textOutOffset & 0xFFF ) | |
return 0xCC01; | |
v8 = v4->rodata.outOffset; | |
if ( v8 & 0xFFF ) | |
return 0xCC01; | |
dataOutOffset = v4->data.outOffset; | |
// Segments must be laid out text < rodata < data without overlap, each
// segment's extent being its decompressedSize rounded up to whole pages.
// NOTE(review): the two overlap terms add a page COUNT (size >> 12) to an
// outOffset, while the 0xFFF tests above and the codeNumPages computation
// below treat outOffset as a BYTE offset. If that is really what the binary
// does, the overlap check is much weaker than intended — confirm against the
// actual instructions before relying on this reading.
if ( dataOutOffset & 0xFFF | |
|| textOutOffset + (((unsigned __int64)v4->text.decompressedSize + 4095) >> 12) > v8 | |
|| v8 + (((unsigned __int64)v4->rodata.decompressedSize + 4095) >> 12) > dataOutOffset ) | |
{ | |
return 0xCC01; | |
} | |
bssOutOffset = v4->bss.outOffset; | |
// dataEnd is computed in 32 bits; the second condition below rejects the
// case where data.outOffset + data.decompressedSize wrapped around.
LODWORD(dataEnd) = v4->data.decompressedSize + dataOutOffset; | |
result = 52225; | |
if ( (unsigned int)dataEnd <= bssOutOffset && (unsigned int)dataOutOffset <= (unsigned int)dataEnd ) | |
{ | |
bssDecompressedSize = v4->bss.decompressedSize; | |
// bss end is also 32-bit; a carry out of the addition is rejected.
bssOverflows = __CFADD__(bssDecompressedSize, bssOutOffset); | |
bssEnd = bssDecompressedSize + bssOutOffset; | |
if ( bssOverflows ) | |
return 0xCC01; | |
// Flag bit 0x10 is only accepted together with bit 8 (0xE801 otherwise).
// The meaning of the individual bits is not visible here.
if ( !(v4->flags & 8) && v4->flags & 0x10 ) | |
return 59393; | |
// Size of the address space the code region must fit in, selected by flag
// bit 0x10: 0x80_0000_0000 when set, 0x4000_0000 when clear.
if ( v4->flags & 0x10 ) | |
v16 = 0x8000000000LL; | |
else | |
v16 = 0x40000000LL; | |
// A non-zero text.outOffset (low 32 bits) is fatal: jumps to kernelpanic().
if ( (_DWORD)textOutOffset ) | |
goto LABEL_35; | |
// End of the code image: end of bss when bss is non-empty, else end of data.
v17 = bssDecompressedSize == 0; | |
v18 = 0x200000LL; | |
if ( v17 ) | |
dataEnd = (unsigned int)dataEnd; | |
else | |
dataEnd = bssEnd; | |
// Code base address: 0x8000000 with flag bit 0x10, 0x200000 without; the
// textOutOffset added here is zero on this path (checked above).
if ( v4->flags & 0x10 ) | |
v18 = 0x8000000LL; | |
a2->codeAddress = v18 + textOutOffset; | |
// Number of pages from the start of text to the end of data/bss, rounded up.
a2->codeNumPages = (unsigned __int64)(4095 - textOutOffset + dataEnd) >> 12; | |
a2->titleId = v4->titleId; | |
// field_kprocess_0x280 is a decompiler-assigned name for the category field.
a2->category = v4->field_kprocess_0x280; | |
// The first 0xC bytes of the ProcessCreationInfo are cleared and then
// overwritten with the KIP name; presumably the name field sits at offset 0
// of the struct — verify against its definition.
memset(a2, 0, 0xCuLL); | |
memcpy(v7, v4->name, 0xCuLL); | |
v19 = v7->codeAddress; | |
v20 = v7->codeNumPages; | |
v7->mmuFlags = 0; | |
// The code region (in pages) must fit inside the address space selected
// above; otherwise kernelpanic(), which does not return.
if ( v20 + (v19 >> 12) > v16 >> 12 ) | |
LABEL_35: | |
kernelpanic(); | |
if ( v6 ) | |
{ | |
// ASLR: slide the code address by a random number of 2 MiB units, chosen
// so that the region still ends inside the address space, and record it
// in mmuFlags bit 0x20.
v7->codeAddress += randrange(0LL, (v16 >> 21) - ((v19 + (v20 << 12) + 0x1FFFFF) >> 21)) << 21; | |
v21 = v7->mmuFlags | 0x20; | |
v7->mmuFlags = v21; | |
v22 = *v3; | |
v23 = (*v3)->flags; | |
if ( !((*v3)->flags & 8) ) | |
{ | |
// Shared tail of both the ASLR and non-ASLR paths: mmuFlags additionally
// gets bits 1|2 (6) when header flag bit 0x10 is set, and the call
// succeeds with result 0.
LABEL_27: | |
result = 0; | |
if ( v23 & 0x10 ) | |
v21 |= 6u; | |
v7->mmuFlags = v21; | |
return result; | |
} | |
} | |
else | |
{ | |
v21 = 0; | |
v22 = *v3; | |
v23 = (*v3)->flags; | |
if ( !((*v3)->flags & 8) ) | |
goto LABEL_27; | |
} | |
// Header flag bit 8 set: mmuFlags bit 0 is set before the shared tail.
v21 |= 1u; | |
v7->mmuFlags = v21; | |
v23 = v22->flags; | |
goto LABEL_27; | |
} | |
// Reached only when the data/bss range check above failed: result is
// still 52225 (0xCC01).
return result; | |
} | |
// Copies the text, rodata and data segments of the KIP1 at *thisPtr into
// `buffer` at their header-given outOffsets, LZ4-decompressing each one in
// place when its flag bit is set (1 = text, 2 = rodata, 4 = data), then
// flushes the data and instruction caches. Always returns 0.
//
// The destination buffer is first zeroed for processCreationInfo->codeNumPages
// pages, i.e. the size ParseHeader computed, so any bss and padding come out
// as zero.
//
// NOTE(review): segment payloads are read from directly after the header
// (&this[1]) and the rodata/data payloads from 256 bytes past the text
// payload — the two only line up if sizeof(Kip1) is 0x100; confirm against
// the struct definition.
// NOTE(review): the memcpy lengths are the header's compressedSize values.
// No check that each compressed payload fits its page-rounded
// decompressedSize span is visible in this function, so it has to be
// enforced by the caller or by LZ4::DecompressInPlace — confirm.
// NOTE(review): decompiler output; *thisPtr is reloaded after every call,
// which is how the compiled code behaves, not a hint of aliasing in source.
BOOL __fastcall Kip1::Decompress(Kip1 **thisPtr, u8 *buffer, ProcessCreationInfo *processCreationInfo) | |
{ | |
Kip1 *this; // x26 | |
char *v5; // x25 | |
__int64 v6; // x21 | |
__int64 v7; // x22 | |
__int64 v8; // x23 | |
__int64 v9; // x24 | |
u8 *v10; // x20 | |
Kip1 *v11; // x8 | |
u8 *v12; // x21 | |
u8 *v13; // x22 | |
u8 *v14; // x20 | |
this = *thisPtr; | |
// v5: header start + text.compressedSize; rodata payload is at v5 + 256 and
// data payload at v5 + 256 + rodata.compressedSize (see below).
v5 = (char *)*thisPtr + (*thisPtr)->text.compressedSize; | |
v6 = (*thisPtr)->text.outOffset; | |
v7 = (*thisPtr)->rodata.outOffset; | |
v8 = (*thisPtr)->data.outOffset; | |
v9 = (*thisPtr)->rodata.compressedSize; | |
v10 = buffer; | |
// Zero the whole code region (codeNumPages pages).
memset(buffer, 0, (signed __int64)processCreationInfo->codeNumPages << 12); | |
v11 = *thisPtr; | |
// Each segment is skipped when its page-rounded decompressedSize (masked to
// bits 12..32) is zero.
if ( ((*thisPtr)->text.decompressedSize + 4095LL) & 0x1FFFFF000LL ) | |
{ | |
v12 = &v10[v6]; | |
// Text payload starts immediately after the header.
memcpy(v12, &this[1], v11->text.compressedSize); | |
v11 = *thisPtr; | |
// Flag bit 1: text is LZ4-compressed; the in-place routine is handed a
// pointer to the END of the compressed bytes.
if ( (*thisPtr)->flags & 1 ) | |
{ | |
LZ4::DecompressInPlace(&v12[v11->text.compressedSize]); | |
v11 = *thisPtr; | |
} | |
} | |
if ( (v11->rodata.decompressedSize + 4095LL) & 0x1FFFFF000LL ) | |
{ | |
v13 = &v10[v7]; | |
memcpy(v13, v5 + 256, v11->rodata.compressedSize); | |
v11 = *thisPtr; | |
// Flag bit 2: rodata is LZ4-compressed.
if ( (*thisPtr)->flags & 2 ) | |
{ | |
LZ4::DecompressInPlace(&v13[v11->rodata.compressedSize]); | |
v11 = *thisPtr; | |
} | |
} | |
if ( (v11->data.decompressedSize + 4095LL) & 0x1FFFFF000LL ) | |
{ | |
v14 = &v10[v8]; | |
memcpy(v14, &v5[v9 + 256], v11->data.compressedSize); | |
// Flag bit 4: data is LZ4-compressed.
if ( (*thisPtr)->flags & 4 ) | |
LZ4::DecompressInPlace(&v14[(*thisPtr)->data.compressedSize]); | |
} | |
// Make the freshly written code visible to instruction fetch.
cleanInvalidateDataCache(); | |
invalidateInstructionCache(); | |
return 0; | |
} |