这游戏以前分析过，本贴再写得详细一些。
这是一个DirectDraw游戏，在Post Mortem\Dlls下的DX7SoundManager.dll里完成对DirectDraw的初始化。
注意，初始化不是通过导入函数（导入表）方式进行，而是以LoadLibrary动态加载方式进行的。
参考DDRAW.H得知CreateSurface是其中第7个函数（32位下虚表每项为4字节指针），则函数偏移量为4×(7-1)=24，即0x18。
- STDMETHOD(QueryInterface) (THIS_ REFIID riid, LPVOID FAR * ppvObj) PURE;& ?7 B- V1 n2 S8 o& i7 G* N1 ~
- STDMETHOD_(ULONG,AddRef) (THIS) PURE;
9 @% K0 f7 ]) ^6 }3 f0 m - STDMETHOD_(ULONG,Release) (THIS) PURE;
4 b' `, q4 I* k: f/ F9 n - STDMETHOD(Compact)(THIS) PURE;
0 C9 p$ s- [! m9 u9 l! q* F' m - STDMETHOD(CreateClipper)(THIS_ DWORD, LPDIRECTDRAWCLIPPER FAR*, IUnknown FAR * ) PURE;
# J' x3 N# C( j7 Y- O* G5 o7 n+ ? - STDMETHOD(CreatePalette)(THIS_ DWORD, LPPALETTEENTRY, LPDIRECTDRAWPALETTE FAR*, IUnknown FAR * ) PURE;- s% [& A" ?8 z+ E$ j
- STDMETHOD(CreateSurface)(THIS_ LPDDSURFACEDESC, LPDIRECTDRAWSURFACE FAR *, IUnknown FAR *) PURE;
以下一段中完成CreateSurface的调用，对应指令为 .text:24BC2E53 call dword ptr [ecx+18h]（18h即上面算出的CreateSurface偏移）。
- .text:24BC2CD2 ; =============== S U B R O U T I N E =======================================
+ ]+ ] l& m: p; ~ - .text:24BC2CD2
! F. z( i |. ~4 n V - .text:24BC2CD2 ; Attributes: bp-based frame& t3 j4 c2 P: X2 A1 U) p
- .text:24BC2CD23 E* D: r+ d; r9 g9 N
- .text:24BC2CD2 sub_24BC2CD2 proc near ; CODE XREF: .text:loc_24BC2811↑p$ a- M/ N0 n" G) Z5 i$ c
- .text:24BC2CD2! Y1 K3 R# t4 d, `! W
- .text:24BC2CD2 Dst = dword ptr -90h0 h" r) L# A' m+ _
- .text:24BC2CD2 var_8C = dword ptr -8Ch
9 U9 s: I ]- X! ? - .text:24BC2CD2 var_28 = dword ptr -28h# k9 H4 B; d9 D3 Q* r
- .text:24BC2CD2 var_24 = dword ptr -24h
9 [% B/ g0 }. R$ v+ P - .text:24BC2CD2 var_20 = dword ptr -20h
) h% V4 C8 R9 c/ e- ~1 f% a+ e4 H - .text:24BC2CD2 var_1C = dword ptr -1Ch7 u1 P. I3 M2 g. Q% b, s
- .text:24BC2CD2 var_18 = dword ptr -18h
& _( Y9 q1 U, C! W; i5 x2 v5 X - .text:24BC2CD2 ppv = dword ptr -14h
4 [* K# x; Q% X" E8 [0 o% @ - .text:24BC2CD2 var_10 = dword ptr -10h
" Y: f J7 U+ @% M( ] - .text:24BC2CD2 var_C = dword ptr -0Ch
' H4 w4 M( l2 J. n - .text:24BC2CD2 var_8 = dword ptr -8) b7 @6 a9 i0 o* a
- .text:24BC2CD2 hLibModule = dword ptr -4
$ X7 T8 @9 ^: R - .text:24BC2CD2
) q; X* p$ e7 F g: k3 H* O) _& K - .text:24BC2CD2 push ebp
! U) c- v: a7 g9 v - .text:24BC2CD3 mov ebp, esp
, |/ W+ g" N8 H3 Q$ Z% H - .text:24BC2CD5 sub esp, 90h
; j0 y2 r" d, r' {; P% F( Q - .text:24BC2CDB push ebx3 q- p! s8 J: }
- .text:24BC2CDC mov ebx, ds:LoadLibraryA
! a @9 y$ f5 @( I: y - .text:24BC2CE2 push esi U6 Z3 _$ C* }: M
- .text:24BC2CE3 push edi& w2 B' l+ n- m. q( ]$ t9 o
- .text:24BC2CE4 xor edi, edi1 t9 w3 w' A; W! n2 B% I5 ?$ {1 z
- .text:24BC2CE6 push offset LibFileName ; "DDRAW.DLL"7 Y5 |' ]" ~! n% ~! F9 W1 x# L. b
- .text:24BC2CEB mov [ebp+var_8], edi% F0 ~* u0 c' N/ q
- .text:24BC2CEE mov [ebp+var_1C], edi3 k+ Z8 v7 g3 `) l1 p
- .text:24BC2CF1 mov [ebp+var_C], edi
9 q, D A, _8 D - .text:24BC2CF4 mov [ebp+var_10], edi
8 S7 L) X5 _+ z - .text:24BC2CF7 mov [ebp+var_18], edi
! p( S8 n1 m5 |; `0 A - .text:24BC2CFA call ebx ; LoadLibraryA
" \7 L! q- ?& j9 x1 i. ~ - .text:24BC2CFC mov esi, eax
( b$ G9 ?' F7 m+ H$ z1 \; J - .text:24BC2CFE cmp esi, edi
+ b# ^: u- k' X& m3 r9 A+ @/ ~ - .text:24BC2D00 mov [ebp+hLibModule], esi/ ~9 @+ `% M4 e) ~# e/ F
- .text:24BC2D03 jnz short loc_24BC2D0F
+ u- \0 W; r9 I& m/ X - .text:24BC2D05 push offset aCouldnTLoadlib ; "Couldn't LoadLibrary DDraw\r\n". u2 \: x' }# A* i& w% _
- .text:24BC2D0A jmp loc_24BC2E6D9 Y3 E2 I/ i! Y$ B$ K/ p2 Y
- .text:24BC2D0F ; ---------------------------------------------------------------------------( N" \8 v, I3 Z1 }" M/ N
- .text:24BC2D0F% ]1 X$ E9 L1 ?( Y6 W$ i- l
- .text:24BC2D0F loc_24BC2D0F: ; CODE XREF: sub_24BC2CD2+31↑j; ^( f% t3 F3 p& T7 r! ]& {0 v
- .text:24BC2D0F push offset ProcName ; "DirectDrawCreate"3 D! o3 I- t$ C1 Q
- .text:24BC2D14 push esi ; hModule
$ E, [" z" b1 N* B; t6 U1 j2 x& { - .text:24BC2D15 call ds:GetProcAddress
" p* G- e& p# X# Q3 r - .text:24BC2D1B cmp eax, edi& m8 _2 c& C8 G+ s4 l. X0 J
- .text:24BC2D1D jnz short loc_24BC2D30) Z9 M9 I Z$ m1 z
- .text:24BC2D1F push esi ; hLibModule
' ]2 K3 O( B5 e) Y1 P - .text:24BC2D20 call ds:FreeLibrary6 Y) U! I) j/ W. o. E
- .text:24BC2D26 push offset aCouldnTGetproc ; "Couldn't GetProcAddress DirectDrawCreat"...' Z0 o7 {! C1 A
- .text:24BC2D2B jmp loc_24BC2E6D
% |' v0 q6 t( {2 r9 V& f8 }7 q% r, O - .text:24BC2D30 ; ---------------------------------------------------------------------------
1 F9 q4 s2 a- ? - .text:24BC2D30
5 U% U) N! X6 Z; |# s$ @ - .text:24BC2D30 loc_24BC2D30: ; CODE XREF: sub_24BC2CD2+4B↑j
2 W: S3 C6 {4 D o' t6 {6 s. P - .text:24BC2D30 lea ecx, [ebp+var_8]
* ?& l7 d3 [2 x q* m - .text:24BC2D33 push edi9 L4 H; a+ K! O. s2 C. |
- .text:24BC2D34 push ecx1 q0 B, O7 h! G% {" Z3 [, M
- .text:24BC2D35 push edi
& j% F' S: K. S/ M - .text:24BC2D36 call eax+ w; u- _: b; }7 \! ]
- .text:24BC2D38 test eax, eax
2 E& j0 u1 g" Q - .text:24BC2D3A jge short loc_24BC2D4D
' a7 O# Y8 @& S: z2 G3 I - .text:24BC2D3C push esi ; hLibModule4 A, C2 ?3 v& l9 j
- .text:24BC2D3D call ds:FreeLibrary
" z( X0 C+ R/ s8 k9 t - .text:24BC2D43 push offset aCouldnTCreateD ; "Couldn't create DDraw\r\n"
3 ~( X$ R% i @ - .text:24BC2D48 jmp loc_24BC2E6D& B, v8 K7 G- }1 T/ h! i, m
- .text:24BC2D4D ; ---------------------------------------------------------------------------
% Q# X$ h9 j% p - .text:24BC2D4D9 N$ Q7 w0 U& j l1 X" b- @, S
- .text:24BC2D4D loc_24BC2D4D: ; CODE XREF: sub_24BC2CD2+68↑j/ _" j& Z S+ i( b1 {2 J+ ` e
- .text:24BC2D4D mov eax, [ebp+var_8]. l) ]7 U! Z* m1 C. H% Q
- .text:24BC2D50 lea edx, [ebp+var_1C]2 ?5 } ^) R: y) b/ |2 T& g
- .text:24BC2D53 push edx
* h0 k- S) L6 N2 a& n - .text:24BC2D54 push offset unk_24BC4470/ Z7 n% m s( j
- .text:24BC2D59 mov ecx, [eax]- j1 i- z4 N. X7 R/ I+ m/ p+ |" ~
- .text:24BC2D5B push eax3 [2 e% I) r4 N0 i* M$ g6 S" T
- .text:24BC2D5C call dword ptr [ecx]
; ?4 T! x, ?6 y8 r# P' I - .text:24BC2D5E test eax, eax
5 o9 u/ R! y! A) m - .text:24BC2D60 jge short loc_24BC2D87
( I) H( V, k" M( X5 ~0 X, j8 J - .text:24BC2D62 mov eax, [ebp+var_8]
8 q/ j2 Q% m- S& N/ T. { B- p6 [ - .text:24BC2D65 push eax2 |& m1 ?7 q1 y$ D/ ?: G
- .text:24BC2D66 mov ecx, [eax]
: f% U% k0 }+ u - .text:24BC2D68 call dword ptr [ecx+8]
. ]. ], {1 S" Q6 Q0 |! y - .text:24BC2D6B push esi ; hLibModule# M# J- C& ?: ]( d5 z1 C
- .text:24BC2D6C call ds:FreeLibrary
, H+ _1 m, N# H; D S' r8 d - .text:24BC2D72 push offset OutputString ; "Couldn't QI DDraw2\r\n"
" `0 w" j2 ?/ W' {# t- j- B$ K - .text:24BC2D77 call ds:OutputDebugStringA
9 ?# L0 E' _: [5 w - .text:24BC2D7D mov eax, 100h
: M4 A' e9 V4 N. S( } - .text:24BC2D82 jmp loc_24BC3011 z4 o9 p* c- z, \, s
- .text:24BC2D87 ; ---------------------------------------------------------------------------
& I+ `$ O9 B& a7 a% y7 X; ^ - .text:24BC2D87
0 q9 y5 H# G, z+ v+ k& V0 Y- \ - .text:24BC2D87 loc_24BC2D87: ; CODE XREF: sub_24BC2CD2+8E↑j
$ h# i/ B& _2 W) u8 U# L - .text:24BC2D87 mov eax, [ebp+var_1C]: n& R; w! h2 t1 e9 @1 _
- .text:24BC2D8A push eax9 q, u* d- T$ I1 z1 p+ M& @
- .text:24BC2D8B mov ecx, [eax]9 Q! _7 Z; N& _9 j$ w5 p/ L
- .text:24BC2D8D call dword ptr [ecx+8]
0 E4 c1 g$ ]$ \! `, H0 I - .text:24BC2D90 push offset aDinputDll ; "DINPUT.DLL"* R$ x9 l& g& I
- .text:24BC2D95 call ebx ; LoadLibraryA+ p; n, L1 u" x' h* O7 F4 \
- .text:24BC2D97 mov esi, eax
/ Y" b: D9 p& h, k' R: r0 C - .text:24BC2D99 cmp esi, edi
' j; R4 j) |. k/ i- s5 x - .text:24BC2D9B jnz short loc_24BC2DB6, G% T9 c4 w9 m: c5 x z
- .text:24BC2D9D mov eax, [ebp+var_8]+ O3 k" r! o2 L
- .text:24BC2DA0 push eax
F8 a9 @" P; u( h2 Z+ M - .text:24BC2DA1 mov ecx, [eax]
: T% X; C3 v6 ~# y& e& e - .text:24BC2DA3 call dword ptr [ecx+8]
2 H9 H3 m% F2 v0 O0 y" M* u2 e - .text:24BC2DA6 push [ebp+hLibModule] ; hLibModule
( M' p3 M% P; \" h - .text:24BC2DA9 call ds:FreeLibrary
: P2 a8 l& }$ c3 g3 U3 R* P# N - .text:24BC2DAF push offset aCouldnTLoadlib_0 ; "Couldn't LoadLibrary DInput\r\n"
8 n8 z# z2 o0 O- ^9 P - .text:24BC2DB4 jmp short loc_24BC2DE2# Z+ N# D2 E7 H" C$ x4 K
- .text:24BC2DB6 ; ---------------------------------------------------------------------------7 K3 b1 x1 N2 G2 @- E0 [. v) ^5 B
- .text:24BC2DB6# u L+ O2 u9 ^1 I4 A) X. h
- .text:24BC2DB6 loc_24BC2DB6: ; CODE XREF: sub_24BC2CD2+C9↑j) g, [2 j8 @/ r8 b& x; r
- .text:24BC2DB6 push offset aDirectinputcre ; "DirectInputCreateA"
5 `4 l( G9 }0 X0 g2 U - .text:24BC2DBB push esi ; hModule
+ p, Z( x9 s% j1 E* O - .text:24BC2DBC call ds:GetProcAddress4 Y6 p. v5 V; N
- .text:24BC2DC2 push esi ; hLibModule4 _1 h$ D, \& U; K3 p# X
- .text:24BC2DC3 mov esi, ds:FreeLibrary
7 C5 \4 B v, s% u5 c9 v' m; W - .text:24BC2DC9 test eax, eax
8 G+ U5 ]5 a$ B" Y" x - .text:24BC2DCB jnz short loc_24BC2DF2
e0 N7 e5 @9 V% k# o, s& [, ?& H) S6 R - .text:24BC2DCD call esi ; FreeLibrary
' D2 j6 |1 z6 Y4 W1 |" w) p - .text:24BC2DCF mov eax, [ebp+var_8]% M/ K3 b8 U* {2 m6 W" u( B
- .text:24BC2DD2 push eax3 l# d2 ]; \) ?: c2 g( e- D! p
- .text:24BC2DD3 mov ecx, [eax]" i& V# Y# X' o9 m' h- F) c
- .text:24BC2DD5 call dword ptr [ecx+8]& x# N% d6 i& Z- t$ T q# k6 p
- .text:24BC2DD8 push [ebp+hLibModule] ; hLibModule, b' f, q2 T! j: W# f7 Q* p* u
- .text:24BC2DDB call esi ; FreeLibrary
& e7 B+ l8 J8 e - .text:24BC2DDD push offset aCouldnTGetproc_0 ; "Couldn't GetProcAddress DInputCreate\r"...& _+ s% X0 N; ], Z% [/ g
- .text:24BC2DE2& E' o# g! e! O0 {2 g/ e E
- .text:24BC2DE2 loc_24BC2DE2: ; CODE XREF: sub_24BC2CD2+E2↑j' q+ v4 T' ]: o: x7 J
- .text:24BC2DE2 call ds:OutputDebugStringA3 V' _! m" M/ ?# [+ Y' Q9 y, \
- .text:24BC2DE8 mov eax, 200h
- C' V/ J0 e! L; N6 O - .text:24BC2DED jmp loc_24BC3011
% s: N1 C/ Q+ B- K3 T2 @- u - .text:24BC2DF2 ; ---------------------------------------------------------------------------
" ^) u; e+ ^: p: Y - .text:24BC2DF2# ~ w# g: W" o
- .text:24BC2DF2 loc_24BC2DF2: ; CODE XREF: sub_24BC2CD2+F9↑j
U/ y7 b; W" W4 g7 _ - .text:24BC2DF2 call esi ; FreeLibrary
0 ^" a8 _! b3 C8 E) [' m5 E* K- X - .text:24BC2DF4 push 6Ch ; Size& G) v: A3 S- N# ^: E4 w
- .text:24BC2DF6 lea eax, [ebp+Dst]* k: C+ \/ s$ Y) L+ V* O( ]
- .text:24BC2DFC push edi ; Val3 b$ Q( O8 ~# L/ }
- .text:24BC2DFD push eax ; Dst4 H2 u, o5 f/ T5 M" w
- .text:24BC2DFE call memset8 [- d9 s8 U. q4 E# P
- .text:24BC2E03 mov eax, [ebp+var_8]! } z% N: `( q3 }4 ^# B
- .text:24BC2E06 add esp, 0Ch1 Z: H! L! ]/ O; \- @ |
- .text:24BC2E09 mov [ebp+Dst], 6Ch8 N8 w" { q. M. \4 I
- .text:24BC2E13 mov [ebp+var_8C], 17 V- H+ ~" r; Y8 l
- .text:24BC2E1D mov [ebp+var_28], 200h. x; N0 O# {3 \3 x1 \
- .text:24BC2E24 mov ecx, [eax]1 C1 J+ I, w: _4 i% q1 N8 ?
- .text:24BC2E26 push 8
( _1 e v2 [0 T ]( L - .text:24BC2E28 push edi
5 V" k' p. D* `: v$ {( S: b - .text:24BC2E29 push eax& q- r. p- V; _
- .text:24BC2E2A call dword ptr [ecx+50h]+ Q6 P' a4 v: v; Y# t. B6 N0 r
- .text:24BC2E2D test eax, eax% P3 t( h8 [) k2 a; y' _
- .text:24BC2E2F mov eax, [ebp+var_8]
5 J3 f- p9 B5 a* A - .text:24BC2E32 mov ecx, [eax] ~. e3 S# E1 b) F3 t. K) p
- .text:24BC2E34 jge short loc_24BC2E46. h: ]7 l3 a7 E' w1 y
- .text:24BC2E36 push eax
& m7 ~0 L. e+ {5 B( O F - .text:24BC2E37 call dword ptr [ecx+8]. y3 y% ^9 _9 {1 E0 x: t ]
- .text:24BC2E3A push [ebp+hLibModule] ; hLibModule
9 l' K. R% e' H% O4 [ - .text:24BC2E3D call esi ; FreeLibrary ~6 l2 a) m! s8 v7 B
- .text:24BC2E3F push offset aCouldnTSetCoop ; "Couldn't Set coop level\r\n"
9 i3 | U# i% |9 z# m: `' u - .text:24BC2E44 jmp short loc_24BC2E6D
: }% m8 S; }/ E1 P* G/ U - .text:24BC2E46 ; ---------------------------------------------------------------------------, L; C" [8 G( p1 K% v# F6 k2 y
- .text:24BC2E46
( K7 j9 G0 k1 [6 z$ ~4 |$ b3 a! n) o - .text:24BC2E46 loc_24BC2E46: ; CODE XREF: sub_24BC2CD2+162↑j
4 d8 d2 O' ~0 z) Z, y& o - .text:24BC2E46 lea edx, [ebp+var_C]
, G, ~% i; d0 R) x' [; ?( r+ I - .text:24BC2E49 push edi
2 u% h* S2 p* ~ - .text:24BC2E4A push edx
; J8 X9 B: K) D - .text:24BC2E4B lea edx, [ebp+Dst]
9 z, R6 W3 t5 M, g; f - .text:24BC2E51 push edx6 @% }. o; P0 D) B
- .text:24BC2E52 push eax; [& i4 q7 `. P
- .text:24BC2E53 call dword ptr [ecx+18h]7 ~0 e x3 A/ }3 U- K
- .text:24BC2E56 test eax, eax- _* _/ M( W$ p& b
- .text:24BC2E58 jge short loc_24BC2E7A# \, g9 U% o1 T, i
- .text:24BC2E5A mov eax, [ebp+var_8]
/ e9 J$ Q. }! a, U, ?" I% w m - .text:24BC2E5D push eax9 I4 ]5 B( g% W P
- .text:24BC2E5E mov ecx, [eax]- Q5 p K- g, }4 ^- v" [/ U) n
- .text:24BC2E60 call dword ptr [ecx+8]0 ?% ?/ p* ~* V* t" z
- .text:24BC2E63 push [ebp+hLibModule] ; hLibModule3 e% B4 q* [$ k* z( L B
- .text:24BC2E66 call esi ; FreeLibrary
% Q( ]+ F+ P* h2 N - .text:24BC2E68 push offset aCouldnTCreates ; "Couldn't CreateSurface\r\n"
! g |8 W% v& t/ b - .text:24BC2E6D
% X; ^ t0 W( ?+ {6 K2 M - .text:24BC2E6D loc_24BC2E6D: ; CODE XREF: sub_24BC2CD2+38↑j
; a9 J5 i& Y0 s' U2 _' M( ]( O - .text:24BC2E6D ; sub_24BC2CD2+59↑j ...
% `. i/ G7 |5 |) x8 f! I! R# U - .text:24BC2E6D call ds:OutputDebugStringA; S# p5 s2 D! `5 l" f* w; W/ G4 n! t
- .text:24BC2E73 xor eax, eax6 \) ~7 u0 y' S" t
- .text:24BC2E75 jmp loc_24BC3011! {/ Q8 |; t: h
- .text:24BC2E7A ; ---------------------------------------------------------------------------