-
-
在分析一个lzma压缩算法的代码时遇到点问题
-
2016-6-14 17:20
10659
-
signed int __usercall sub_40B4E0<eax>(int a1<eax>, unsigned int a2<edx>, int a3<ecx>)
{
signed int result; // eax@2
int v4; // edx@3
int v5; // edx@3
char v6; // al@5
signed __int64 v7; // qax@7
if ( a2 >= 5 )
{
BYTE3(v4) = 0;
*(&v4 + 1) = *(a1 + 4);
LOBYTE(v4) = *(a1 + 3);
v5 = *(a1 + 1) | ((*(a1 + 2) | (v4 << 8)) << 8);
if ( v5 < 0x1000 )
v5 = 4096;
*(a3 + 12) = v5;
v6 = *a1;
if ( v6 < 0xE1u )
{
*a3 = v6 % 9;
v7 = v6 / 9;
*(a3 + 8) = v7 / 5;
*(a3 + 4) = v7 % 5;
result = 0;
}
else
{
result = 4;
}
}
else
{
result = 4;
}
return result;
}
请问 BYTE3(v4) = 0;
*(&v4 + 1) = *(a1 + 4);
LOBYTE(v4) = *(a1 + 3); 是什么意思 呢 这个v4是什么数据类型呢
7zip官方提供的lzma解密代码是这样的
SRes LzmaProps_Decode(CLzmaProps *p, const Byte *data, unsigned size)
{
UInt32 dicSize;
Byte d;
if (size < LZMA_PROPS_SIZE)
return SZ_ERROR_UNSUPPORTED;
else
dicSize = data[1] | ((UInt32)data[2] << 8) | ((UInt32)data[3] << 16) | ((UInt32)data[4] << 24);
if (dicSize < LZMA_DIC_MIN)
dicSize = LZMA_DIC_MIN;
p->dicSize = dicSize;
d = data[0];
if (d >= (9 * 5 * 5))
return SZ_ERROR_UNSUPPORTED;
p->lc = d % 9;
d /= 9;
p->pb = d / 5;
p->lp = d % 5;
return SZ_OK;
}
[CTF入门培训]顶尖高校博士及硕士团队亲授《30小时教你玩转CTF》,视频+靶场+题目!助力进入CTF世界
