This game has been analyzed before; this post writes the analysis up in more detail.

This is a DirectDraw game. DirectDraw is initialized in DX7SoundManager.dll under Post Mortem\Dlls.
Note that the initialization is not done through imported functions; instead it goes through LoadLibrary (and GetProcAddress).
From DDRAW.H, CreateSurface is the 7th function in the IDirectDraw interface, so its vtable offset is 4×(7-1)=24, i.e. 0x18:

```
STDMETHOD(QueryInterface) (THIS_ REFIID riid, LPVOID FAR * ppvObj) PURE;
STDMETHOD_(ULONG,AddRef) (THIS) PURE;
STDMETHOD_(ULONG,Release) (THIS) PURE;
STDMETHOD(Compact)(THIS) PURE;
STDMETHOD(CreateClipper)(THIS_ DWORD, LPDIRECTDRAWCLIPPER FAR*, IUnknown FAR * ) PURE;
STDMETHOD(CreatePalette)(THIS_ DWORD, LPPALETTEENTRY, LPDIRECTDRAWPALETTE FAR*, IUnknown FAR * ) PURE;
STDMETHOD(CreateSurface)(THIS_ LPDDSURFACEDESC, LPDIRECTDRAWSURFACE FAR *, IUnknown FAR *) PURE;
```
CreateSurface is called in the routine listed below, at this instruction:

```
.text:24BC2E53 call dword ptr [ecx+18h]
```
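As an added example (not code from the post or from the game), the following portable C works out IDirectDraw vtable displacements the way the post does (4 × slot index on 32-bit x86) and mocks the `mov ecx,[eax]` / `call dword ptr [ecx+18h]` dispatch; the method table covers only the seven DDRAW.H entries quoted above, and the mock object, its methods and their return values are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* IDirectDraw method order from DDRAW.H; only the seven entries quoted in
 * the post are modelled. Vtable slot i holds method i. */
static const char *const kIDirectDrawMethods[] = {
    "QueryInterface", "AddRef", "Release", "Compact",
    "CreateClipper", "CreatePalette", "CreateSurface",
};
#define N_METHODS (sizeof kIDirectDrawMethods / sizeof kIDirectDrawMethods[0])
/* 32-bit x86: every slot is a 4-byte pointer, so "[ecx+disp]" means slot
 * disp/4. On x64 the slot size would be 8 and 0x18 would be slot 3. */
#define X86_SLOT_SIZE 4u

/* Method name -> x86 vtable displacement, or -1 if not in the table. */
int disp_of_method_x86(const char *name) {
    for (size_t i = 0; i < N_METHODS; i++)
        if (strcmp(kIDirectDrawMethods[i], name) == 0)
            return (int)(i * X86_SLOT_SIZE);
    return -1;
}

/* x86 displacement -> method name; NULL if unaligned or past the modelled
 * part of the table (0x50 in the listing is beyond entry 6, so NULL). */
const char *method_at_disp_x86(unsigned disp) {
    if (disp % X86_SLOT_SIZE != 0 || disp / X86_SLOT_SIZE >= N_METHODS)
        return NULL;
    return kIDirectDrawMethods[disp / X86_SLOT_SIZE];
}

/* Mock of the dispatch in the listing: "mov ecx,[eax]" loads the vtable from
 * the object's first dword, "call [ecx+18h]" calls slot 6. The displacement
 * becomes an index first, so host pointer size is irrelevant; mocks are constructed. */
typedef struct Obj Obj;
typedef int (*Method)(Obj *self);
struct Obj { const Method *vtbl; };   /* first field = vtable pointer */
static int mock_release(Obj *o)        { (void)o; return 2; } /* slot 2 */
static int mock_create_surface(Obj *o) { (void)o; return 6; } /* slot 6 */

int call_slot_by_x86_disp(Obj *o, unsigned disp) {
    if (disp % X86_SLOT_SIZE != 0 || disp / X86_SLOT_SIZE >= N_METHODS)
        return -1;
    Method m = o->vtbl[disp / X86_SLOT_SIZE];
    return m ? m(o) : -1;                /* empty slot: nothing to call */
}

int demo_dispatch(void) {
    static const Method vt[N_METHODS] = { [2] = mock_release, [6] = mock_create_surface };
    Obj o = { vt };
    return call_slot_by_x86_disp(&o, 0x18);   /* 6: resolves to CreateSurface */
}
```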
```
.text:24BC2CD2 ; =============== S U B R O U T I N E =======================================
.text:24BC2CD2
.text:24BC2CD2 ; Attributes: bp-based frame
.text:24BC2CD2
.text:24BC2CD2 sub_24BC2CD2 proc near ; CODE XREF: .text:loc_24BC2811↑p
.text:24BC2CD2
.text:24BC2CD2 Dst = dword ptr -90h          ; DDSURFACEDESC (108 bytes)
.text:24BC2CD2 var_8C = dword ptr -8Ch       ; Dst.dwFlags
.text:24BC2CD2 var_28 = dword ptr -28h       ; Dst.ddsCaps.dwCaps
.text:24BC2CD2 var_24 = dword ptr -24h
.text:24BC2CD2 var_20 = dword ptr -20h
.text:24BC2CD2 var_1C = dword ptr -1Ch
.text:24BC2CD2 var_18 = dword ptr -18h
.text:24BC2CD2 ppv = dword ptr -14h
.text:24BC2CD2 var_10 = dword ptr -10h
.text:24BC2CD2 var_C = dword ptr -0Ch
.text:24BC2CD2 var_8 = dword ptr -8          ; LPDIRECTDRAW from DirectDrawCreate
.text:24BC2CD2 hLibModule = dword ptr -4
.text:24BC2CD2
.text:24BC2CD2 push ebp
.text:24BC2CD3 mov ebp, esp
.text:24BC2CD5 sub esp, 90h
.text:24BC2CDB push ebx
.text:24BC2CDC mov ebx, ds:LoadLibraryA
.text:24BC2CE2 push esi
.text:24BC2CE3 push edi
.text:24BC2CE4 xor edi, edi
.text:24BC2CE6 push offset LibFileName ; "DDRAW.DLL"
.text:24BC2CEB mov [ebp+var_8], edi
.text:24BC2CEE mov [ebp+var_1C], edi
.text:24BC2CF1 mov [ebp+var_C], edi
.text:24BC2CF4 mov [ebp+var_10], edi
.text:24BC2CF7 mov [ebp+var_18], edi
.text:24BC2CFA call ebx ; LoadLibraryA
.text:24BC2CFC mov esi, eax
.text:24BC2CFE cmp esi, edi
.text:24BC2D00 mov [ebp+hLibModule], esi
.text:24BC2D03 jnz short loc_24BC2D0F
.text:24BC2D05 push offset aCouldnTLoadlib ; "Couldn't LoadLibrary DDraw\r\n"
.text:24BC2D0A jmp loc_24BC2E6D
.text:24BC2D0F ; ---------------------------------------------------------------------------
.text:24BC2D0F
.text:24BC2D0F loc_24BC2D0F: ; CODE XREF: sub_24BC2CD2+31↑j
.text:24BC2D0F push offset ProcName ; "DirectDrawCreate"
.text:24BC2D14 push esi ; hModule
.text:24BC2D15 call ds:GetProcAddress
.text:24BC2D1B cmp eax, edi
.text:24BC2D1D jnz short loc_24BC2D30
.text:24BC2D1F push esi ; hLibModule
.text:24BC2D20 call ds:FreeLibrary
.text:24BC2D26 push offset aCouldnTGetproc ; "Couldn't GetProcAddress DirectDrawCreat"...
.text:24BC2D2B jmp loc_24BC2E6D
.text:24BC2D30 ; ---------------------------------------------------------------------------
.text:24BC2D30
.text:24BC2D30 loc_24BC2D30: ; CODE XREF: sub_24BC2CD2+4B↑j
.text:24BC2D30 lea ecx, [ebp+var_8]
.text:24BC2D33 push edi
.text:24BC2D34 push ecx
.text:24BC2D35 push edi
.text:24BC2D36 call eax ; DirectDrawCreate(NULL, &var_8, NULL)
.text:24BC2D38 test eax, eax
.text:24BC2D3A jge short loc_24BC2D4D
.text:24BC2D3C push esi ; hLibModule
.text:24BC2D3D call ds:FreeLibrary
.text:24BC2D43 push offset aCouldnTCreateD ; "Couldn't create DDraw\r\n"
.text:24BC2D48 jmp loc_24BC2E6D
.text:24BC2D4D ; ---------------------------------------------------------------------------
.text:24BC2D4D
.text:24BC2D4D loc_24BC2D4D: ; CODE XREF: sub_24BC2CD2+68↑j
.text:24BC2D4D mov eax, [ebp+var_8]
.text:24BC2D50 lea edx, [ebp+var_1C]
.text:24BC2D53 push edx
.text:24BC2D54 push offset unk_24BC4470
.text:24BC2D59 mov ecx, [eax] ; ecx = vtable
.text:24BC2D5B push eax
.text:24BC2D5C call dword ptr [ecx] ; slot 0: QueryInterface
.text:24BC2D5E test eax, eax
.text:24BC2D60 jge short loc_24BC2D87
.text:24BC2D62 mov eax, [ebp+var_8]
.text:24BC2D65 push eax
.text:24BC2D66 mov ecx, [eax]
.text:24BC2D68 call dword ptr [ecx+8] ; slot 2: Release
.text:24BC2D6B push esi ; hLibModule
.text:24BC2D6C call ds:FreeLibrary
.text:24BC2D72 push offset OutputString ; "Couldn't QI DDraw2\r\n"
.text:24BC2D77 call ds:OutputDebugStringA
.text:24BC2D7D mov eax, 100h
.text:24BC2D82 jmp loc_24BC3011
.text:24BC2D87 ; ---------------------------------------------------------------------------
.text:24BC2D87
.text:24BC2D87 loc_24BC2D87: ; CODE XREF: sub_24BC2CD2+8E↑j
.text:24BC2D87 mov eax, [ebp+var_1C]
.text:24BC2D8A push eax
.text:24BC2D8B mov ecx, [eax]
.text:24BC2D8D call dword ptr [ecx+8] ; slot 2: Release
.text:24BC2D90 push offset aDinputDll ; "DINPUT.DLL"
.text:24BC2D95 call ebx ; LoadLibraryA
.text:24BC2D97 mov esi, eax
.text:24BC2D99 cmp esi, edi
.text:24BC2D9B jnz short loc_24BC2DB6
.text:24BC2D9D mov eax, [ebp+var_8]
.text:24BC2DA0 push eax
.text:24BC2DA1 mov ecx, [eax]
.text:24BC2DA3 call dword ptr [ecx+8] ; slot 2: Release
.text:24BC2DA6 push [ebp+hLibModule] ; hLibModule
.text:24BC2DA9 call ds:FreeLibrary
.text:24BC2DAF push offset aCouldnTLoadlib_0 ; "Couldn't LoadLibrary DInput\r\n"
.text:24BC2DB4 jmp short loc_24BC2DE2
.text:24BC2DB6 ; ---------------------------------------------------------------------------
.text:24BC2DB6
.text:24BC2DB6 loc_24BC2DB6: ; CODE XREF: sub_24BC2CD2+C9↑j
.text:24BC2DB6 push offset aDirectinputcre ; "DirectInputCreateA"
.text:24BC2DBB push esi ; hModule
.text:24BC2DBC call ds:GetProcAddress
.text:24BC2DC2 push esi ; hLibModule
.text:24BC2DC3 mov esi, ds:FreeLibrary
.text:24BC2DC9 test eax, eax
.text:24BC2DCB jnz short loc_24BC2DF2
.text:24BC2DCD call esi ; FreeLibrary
.text:24BC2DCF mov eax, [ebp+var_8]
.text:24BC2DD2 push eax
.text:24BC2DD3 mov ecx, [eax]
.text:24BC2DD5 call dword ptr [ecx+8] ; slot 2: Release
.text:24BC2DD8 push [ebp+hLibModule] ; hLibModule
.text:24BC2DDB call esi ; FreeLibrary
.text:24BC2DDD push offset aCouldnTGetproc_0 ; "Couldn't GetProcAddress DInputCreate\r"...
.text:24BC2DE2
.text:24BC2DE2 loc_24BC2DE2: ; CODE XREF: sub_24BC2CD2+E2↑j
.text:24BC2DE2 call ds:OutputDebugStringA
.text:24BC2DE8 mov eax, 200h
.text:24BC2DED jmp loc_24BC3011
.text:24BC2DF2 ; ---------------------------------------------------------------------------
.text:24BC2DF2
.text:24BC2DF2 loc_24BC2DF2: ; CODE XREF: sub_24BC2CD2+F9↑j
.text:24BC2DF2 call esi ; FreeLibrary
.text:24BC2DF4 push 6Ch ; Size = sizeof(DDSURFACEDESC) = 108
.text:24BC2DF6 lea eax, [ebp+Dst]
.text:24BC2DFC push edi ; Val
.text:24BC2DFD push eax ; Dst
.text:24BC2DFE call memset
.text:24BC2E03 mov eax, [ebp+var_8]
.text:24BC2E06 add esp, 0Ch
.text:24BC2E09 mov [ebp+Dst], 6Ch ; ddsd.dwSize
.text:24BC2E13 mov [ebp+var_8C], 1 ; ddsd.dwFlags = DDSD_CAPS
.text:24BC2E1D mov [ebp+var_28], 200h ; ddsd.ddsCaps.dwCaps = DDSCAPS_PRIMARYSURFACE
.text:24BC2E24 mov ecx, [eax]
.text:24BC2E26 push 8 ; DDSCL_NORMAL
.text:24BC2E28 push edi
.text:24BC2E29 push eax
.text:24BC2E2A call dword ptr [ecx+50h] ; slot 20: SetCooperativeLevel
.text:24BC2E2D test eax, eax
.text:24BC2E2F mov eax, [ebp+var_8]
.text:24BC2E32 mov ecx, [eax]
.text:24BC2E34 jge short loc_24BC2E46
.text:24BC2E36 push eax
.text:24BC2E37 call dword ptr [ecx+8] ; slot 2: Release
.text:24BC2E3A push [ebp+hLibModule] ; hLibModule
.text:24BC2E3D call esi ; FreeLibrary
.text:24BC2E3F push offset aCouldnTSetCoop ; "Couldn't Set coop level\r\n"
.text:24BC2E44 jmp short loc_24BC2E6D
.text:24BC2E46 ; ---------------------------------------------------------------------------
.text:24BC2E46
.text:24BC2E46 loc_24BC2E46: ; CODE XREF: sub_24BC2CD2+162↑j
.text:24BC2E46 lea edx, [ebp+var_C] ; receives LPDIRECTDRAWSURFACE
.text:24BC2E49 push edi
.text:24BC2E4A push edx
.text:24BC2E4B lea edx, [ebp+Dst]
.text:24BC2E51 push edx
.text:24BC2E52 push eax
.text:24BC2E53 call dword ptr [ecx+18h] ; slot 6: CreateSurface (4*6 = 18h)
.text:24BC2E56 test eax, eax
.text:24BC2E58 jge short loc_24BC2E7A
.text:24BC2E5A mov eax, [ebp+var_8]
.text:24BC2E5D push eax
.text:24BC2E5E mov ecx, [eax]
.text:24BC2E60 call dword ptr [ecx+8] ; slot 2: Release
.text:24BC2E63 push [ebp+hLibModule] ; hLibModule
.text:24BC2E66 call esi ; FreeLibrary
.text:24BC2E68 push offset aCouldnTCreates ; "Couldn't CreateSurface\r\n"
.text:24BC2E6D
.text:24BC2E6D loc_24BC2E6D: ; CODE XREF: sub_24BC2CD2+38↑j
.text:24BC2E6D ; sub_24BC2CD2+59↑j ...
.text:24BC2E6D call ds:OutputDebugStringA
.text:24BC2E73 xor eax, eax
.text:24BC2E75 jmp loc_24BC3011
.text:24BC2E7A ; ---------------------------------------------------------------------------
```