; Call site in module "ddd": two arguments are pushed for acedEvaluateLisp and
; removed by the caller afterwards (add esp,0x8).
0DFD3346 8BF0 mov esi,eax
0DFD3348 52 push edx ; second argument
0DFD3349 56 push esi ; first argument (copied from eax above)
0DFD334A E8 CFBC0300 call <jmp.&ACAD.acedEvaluateLisp>
0DFD334F 8BC6 mov eax,esi ; eax is overwritten here, so this caller does not test the call's return value
0DFD3351 83C4 08 add esp,0x8
acedEvaluateLisp入口:
; acedEvaluateLisp, first part. The second stack argument is used as a pointer
; to a result slot and is cleared on entry. If either context pointer loaded
; below is null, the function returns early with eax = 0.
00B11DE0 > 53 push ebx
00B11DE1 8B5C24 0C mov ebx,dword ptr ss:[esp+0xC] ; ebx = second argument (result slot)
00B11DE5 C703 00000000 mov dword ptr ds:[ebx],0x0 ; *result = 0; written through without a null check on ebx
00B11DEB A1 043AD700 mov eax,dword ptr ds:[0xD73A04]
00B11DF0 8B40 08 mov eax,dword ptr ds:[eax+0x8]
00B11DF3 85C0 test eax,eax
00B11DF5 75 02 jnz short acad.00B11DF9
; early exit: eax is 0 here
00B11DF7 5B pop ebx ; ddd.0DFD334F
00B11DF8 C3 retn
00B11DF9 56 push esi
; esi = context object used for the rest of the call
00B11DFA 8BB0 DC030000 mov esi,dword ptr ds:[eax+0x3DC] ; acad.0064006E
00B11E00 85F6 test esi,esi
00B11E02 75 05 jnz short acad.00B11E09
; early exit with eax = 0
00B11E04 5E pop esi ; ddd.0DFD334F
00B11E05 33C0 xor eax,eax
00B11E07 5B pop ebx ; ddd.0DFD334F
00B11E08 C3 retn
00B11E09 57 push edi
00B11E0A 8B3D BC07D600 mov edi,dword ptr ds:[0xD607BC] ; save the global; it is restored at 00B11E43
00B11E10 8BCE mov ecx,esi ; object pointer for the call below
00B11E12 C705 BC07D600 0>mov dword ptr ds:[0xD607BC],0x1 ; global set to 1 for the duration of the evaluation
00B11E1C E8 BF2097FF call acad.00483EE0
; acad.00483EE0 (object pointer in ecx): if the field at +0x5DC is non-zero it
; is passed to acad.00484AA0 and the field is then cleared. acedEvaluateLisp
; later reads its result from this same field.
00483EE0 56 push esi
00483EE1 8BF1 mov esi,ecx
00483EE3 8B86 DC050000 mov eax,dword ptr ds:[esi+0x5DC]
00483EE9 85C0 test eax,eax
00483EEB 74 13 je short acad.00483F00
00483EED 50 push eax
00483EEE E8 AD0B0000 call acad.00484AA0
00483EF3 83C4 04 add esp,0x4
00483EF6 C786 DC050000 0>mov dword ptr ds:[esi+0x5DC],0x0
00483F00 5E pop esi ; acad.00B11E21
00483F01 C3 retn
; back in acedEvaluateLisp: three arguments for acad.0048DCF0
00B11E21 8B4C24 10 mov ecx,dword ptr ss:[esp+0x10] ; ecx = first argument of acedEvaluateLisp
00B11E25 6A 00 push 0x0 ; third argument: constant 0
00B11E27 51 push ecx ; second argument: the caller's first argument
00B11E28 56 push esi ; first argument: context object
00B11E29 E8 C2BE97FF call acad.0048DCF0
; acad.0048DCF0, first part: picks the function object to run and builds its
; argument list on the stack.
; NOTE(review): the value from 0xD5B90C is xored with esp and stored at
; [esp+0x48]; the epilogue at 0048DDCF xors it back and calls acad.00B2E36C.
; This looks like an MSVC /GS stack cookie - confirm.
; NOTE(review): the text argument ends up as the string argument of a function
; looked up as "Veval-str+", so it is presumably evaluated as code; callers
; should treat anything passed to this API as code, not as data.
0048DCF0 83EC 4C sub esp,0x4C
0048DCF3 A1 0CB9D500 mov eax,dword ptr ds:[0xD5B90C]
0048DCF8 33C4 xor eax,esp
0048DCFA 894424 48 mov dword ptr ss:[esp+0x48],eax
0048DCFE 8B4424 54 mov eax,dword ptr ss:[esp+0x54] ; eax = second argument (text pointer)
0048DD02 53 push ebx
0048DD03 55 push ebp
0048DD04 8B6C24 58 mov ebp,dword ptr ss:[esp+0x58] ; ebp = first argument (context object)
0048DD08 56 push esi
0048DD09 33DB xor ebx,ebx
0048DD0B 66:8338 01 cmp word ptr ds:[eax],0x1 ; first 16-bit unit of the text; eax is dereferenced without a null check
0048DD0F 57 push edi
0048DD10 8BBD CC050000 mov edi,dword ptr ss:[ebp+0x5CC]
0048DD16 894424 10 mov dword ptr ss:[esp+0x10],eax
0048DD1A 895C24 14 mov dword ptr ss:[esp+0x14],ebx ; slot that receives the copied argument list, starts at 0
0048DD1E 75 18 jnz short acad.0048DD38
; first unit == 1: the rest of the text (eax+2) is passed to acad.00484370 and
; no argument list is built (ebx stays 0)
0048DD20 83C0 02 add eax,0x2
0048DD23 50 push eax
0048DD24 E8 4766FFFF call acad.00484370
0048DD29 8BF0 mov esi,eax
0048DD2B 83C4 04 add esp,0x4
0048DD2E 85F6 test esi,esi
0048DD30 0F84 99000000 je acad.0048DDCF
0048DD36 EB 66 jmp short acad.0048DD9E
; otherwise use the object cached at [edi+0xFC]; when it is empty, fetch it by
; name once and cache it
0048DD38 8BB7 FC000000 mov esi,dword ptr ds:[edi+0xFC]
0048DD3E 85F6 test esi,esi
0048DD40 75 1D jnz short acad.0048DD5F
0048DD42 68 04BAC200 push acad.00C2BA04 ; UNICODE "Veval-str+"
0048DD47 E8 2466FFFF call acad.00484370
0048DD4C 8BF0 mov esi,eax
0048DD4E 83C4 04 add esp,0x4
0048DD51 85F6 test esi,esi
0048DD53 74 7A je short acad.0048DDCF
0048DD55 8B4424 10 mov eax,dword ptr ss:[esp+0x10]
0048DD59 89B7 FC000000 mov dword ptr ds:[edi+0xFC],esi
; Build two linked records on the stack, laid out as acad.00484680 reads them
; (next pointer at +0, 16-bit type at +4, value at +8):
;   record A: type 0x138D (5005, RTSTR in adscodes.h), value = text pointer, next = record B
;   record B: type 0x138B (5003, RTSHORT in adscodes.h), value = low byte of the third argument, next = 0
0048DD5F 66:0FB64C24 68 movzx cx,byte ptr ss:[esp+0x68]
0048DD65 894424 40 mov dword ptr ss:[esp+0x40],eax
0048DD69 8D4424 14 lea eax,dword ptr ss:[esp+0x14]
0048DD6D 66:894C24 20 mov word ptr ss:[esp+0x20],cx
0048DD72 50 push eax ; second argument: where the heap copy of the list is returned
0048DD73 8D4C24 3C lea ecx,dword ptr ss:[esp+0x3C]
0048DD77 8D5424 1C lea edx,dword ptr ss:[esp+0x1C]
0048DD7B 51 push ecx ; first argument: record A
0048DD7C 66:C74424 24 8B>mov word ptr ss:[esp+0x24],0x138B
0048DD83 895C24 20 mov dword ptr ss:[esp+0x20],ebx
0048DD87 66:C74424 44 8D>mov word ptr ss:[esp+0x44],0x138D
0048DD8E 895424 40 mov dword ptr ss:[esp+0x40],edx
0048DD92 E8 E968FFFF call acad.00484680
; acad.00484680(src, out): copies a linked list of records node by node.
; [ebp+0x8] = first source node, [ebp+0xC] = pointer that receives the head of
; the copy. Returns -1 when src is null or an allocation fails, 0x64 on success.
00484680 55 push ebp
00484681 8BEC mov ebp,esp
00484683 83E4 F8 and esp,-0x8
00484686 8B45 0C mov eax,dword ptr ss:[ebp+0xC]
00484689 83EC 0C sub esp,0xC
0048468C 53 push ebx
0048468D 56 push esi
0048468E 57 push edi
0048468F 8B7D 08 mov edi,dword ptr ss:[ebp+0x8]
00484692 85FF test edi,edi
00484694 C700 00000000 mov dword ptr ds:[eax],0x0 ; *out = 0 (mov leaves the flags from the test intact)
0048469A 75 0A jnz short acad.004846A6
; shared failure exit: eax = -1
0048469C 83C8 FF or eax,-0x1
0048469F 5F pop edi ; acad.0048DD97
004846A0 5E pop esi ; acad.0048DD97
004846A1 5B pop ebx ; acad.0048DD97
004846A2 8BE5 mov esp,ebp
004846A4 5D pop ebp ; acad.0048DD97
004846A5 C3 retn
004846A6 C74424 10 00000>mov dword ptr ss:[esp+0x10],0x0 ; previously copied node, none yet
004846AE 8BFF mov edi,edi
; loop head: edi = current source node, ebx = its 16-bit type, sign-extended
004846B0 0FBF5F 04 movsx ebx,word ptr ds:[edi+0x4]
; types below 0x1388 and type 0x139C are mapped by acad.00522800; all others
; use type - 0x1388. The result at [esp+0xC] selects the copy routine later.
004846B4 81FB 88130000 cmp ebx,0x1388
004846BA 7C 24 jl short acad.004846E0
004846BC 81FB 9C130000 cmp ebx,0x139C
004846C2 74 1C je short acad.004846E0
004846C4 85DB test ebx,ebx
004846C6 7D 0C jge short acad.004846D4
; ebx is at least 0x1388 on this path, so the next three instructions do not
; look reachable from the checks above
004846C8 8D8B 88130000 lea ecx,dword ptr ds:[ebx+0x1388]
004846CE 894C24 0C mov dword ptr ss:[esp+0xC],ecx
004846D2 EB 19 jmp short acad.004846ED
004846D4 8D93 78ECFFFF lea edx,dword ptr ds:[ebx-0x1388]
004846DA 895424 0C mov dword ptr ss:[esp+0xC],edx
004846DE EB 0D jmp short acad.004846ED
004846E0 53 push ebx
004846E1 E8 1AE10900 call acad.00522800
004846E6 83C4 04 add esp,0x4
004846E9 894424 0C mov dword ptr ss:[esp+0xC],eax
; allocate the destination node; the value passed is the one computed above,
; the node's type field is set after the call returns
004846ED 8B4424 0C mov eax,dword ptr ss:[esp+0xC]
004846F1 50 push eax
004846F2 E8 CD366800 call <jmp.&acdb17.acutNewRb>
acutNewRb()函数分配一新的结果缓冲区,并设置restype字段为v。acutNewRb()函数返回一个指向新分配的结果缓冲区的指针。参数v应为在adscodes.h文件中定义的结果类型码中的一个(例如RTPOINT)。别忘记调用acutRelRb()函数释放用acutNewRb()函数分配的内存。
; acad.00484680 continued: esi = newly allocated node. A null result goes to
; the failure exit at 0048469C (return -1).
004846F7 8BF0 mov esi,eax
004846F9 83C4 04 add esp,0x4
004846FC 85F6 test esi,esi
004846FE ^ 74 9C je short acad.0048469C
; type field of the copy: 0 when the source type is 0x139C, otherwise the source type
00484700 81FB 9C130000 cmp ebx,0x139C
00484706 75 08 jnz short acad.00484710
00484708 66:C746 04 0000 mov word ptr ds:[esi+0x4],0x0
0048470E EB 04 jmp short acad.00484714
00484710 66:895E 04 mov word ptr ds:[esi+0x4],bx
; dispatch on the selector: (selector - 1) is bounds-checked as unsigned
; against 0x1E before it indexes the byte table at 0x484990, whose entry then
; indexes the jump table at 0x484968. Out-of-range selectors, including 0, go
; to the error path at 0048484E. The tables themselves are not in this listing,
; so which selector reaches which case below cannot be read from here.
00484714 8B4424 0C mov eax,dword ptr ss:[esp+0xC]
00484718 83C0 FF add eax,-0x1
0048471B 83F8 1E cmp eax,0x1E
0048471E 0F87 2A010000 ja acad.0048484E
00484724 0FB688 90494800 movzx ecx,byte ptr ds:[eax+0x484990]
0048472B FF248D 68494800 jmp dword ptr ds:[ecx*4+0x484968]
; case: copy one 8-byte value through the FPU; when the source type is above
; 0x1388 the copy's type becomes 0x1389 (fld/fstp leave the cmp flags intact)
00484732 81FB 88130000 cmp ebx,0x1388
00484738 DD47 08 fld qword ptr ds:[edi+0x8]
0048473B DD5E 08 fstp qword ptr ds:[esi+0x8]
0048473E 0F8E DE000000 jle acad.00484822
00484744 66:C746 04 8913 mov word ptr ds:[esi+0x4],0x1389
0048474A E9 D3000000 jmp acad.00484822
; case: copy two 8-byte values and store 0.0 as the third
0048474F DD47 08 fld qword ptr ds:[edi+0x8]
00484752 DD5E 08 fstp qword ptr ds:[esi+0x8]
00484755 DD47 10 fld qword ptr ds:[edi+0x10]
00484758 DD5E 10 fstp qword ptr ds:[esi+0x10]
0048475B D9EE fldz
0048475D DD5E 18 fstp qword ptr ds:[esi+0x18]
00484760 E9 BD000000 jmp acad.00484822
; case: copy three 8-byte values
00484765 DD47 08 fld qword ptr ds:[edi+0x8]
00484768 DD5E 08 fstp qword ptr ds:[esi+0x8]
0048476B DD47 10 fld qword ptr ds:[edi+0x10]
0048476E DD5E 10 fstp qword ptr ds:[esi+0x10]
00484771 DD47 18 fld qword ptr ds:[edi+0x18]
00484774 DD5E 18 fstp qword ptr ds:[esi+0x18]
00484777 E9 A6000000 jmp acad.00484822
; case: copy one 16-bit value
0048477C 66:8B57 08 mov dx,word ptr ds:[edi+0x8]
00484780 66:8956 08 mov word ptr ds:[esi+0x8],dx
00484784 E9 99000000 jmp acad.00484822
; case: pointer-valued data. Type -3 copies nothing. Type 0x3EC (1004) and
; types with type/10 == 0x1F (310..319) take the length-prefixed buffer path
; at 004847C1; everything else is duplicated as a string.
00484789 83FB FD cmp ebx,-0x3
0048478C 0F84 90000000 je acad.00484822
00484792 81FB EC030000 cmp ebx,0x3EC
00484798 74 27 je short acad.004847C1
; signed division of ebx by 10 using the multiplier 0x66666667
0048479A B8 67666666 mov eax,0x66666667
0048479F F7EB imul ebx
004847A1 C1FA 02 sar edx,0x2
004847A4 8BC2 mov eax,edx
004847A6 C1E8 1F shr eax,0x1F
004847A9 03C2 add eax,edx
004847AB 83F8 1F cmp eax,0x1F
004847AE 74 11 je short acad.004847C1
004847B0 8B4F 08 mov ecx,dword ptr ds:[edi+0x8] ; source string pointer
004847B3 51 push ecx
004847B4 E8 A7E5FFFF call acad.00482D60
; acad.00482D60(src): returns a heap copy of a 16-bit-character string, or 0
; when src is null or the allocation fails.
00482D60 57 push edi
00482D61 8B7C24 08 mov edi,dword ptr ss:[esp+0x8] ; edi = src
00482D65 85FF test edi,edi
00482D67 75 04 jnz short acad.00482D6D
00482D69 33C0 xor eax,eax
00482D6B 5F pop edi ; acad.004847B9
00482D6C C3 retn
00482D6D 56 push esi
00482D6E 57 push edi
00482D6F E8 9C202400 call acad.006C4E10
计算以 0 结尾的 16 位字符串的长度(返回字符个数,不含结尾的 0):
; acad.006C4E10(s): counts 16-bit units up to, not including, the first zero
; unit and returns the count in eax. The callee removes its own argument
; (retn 0x4). The scan has no upper bound; it relies on the terminator.
006C4E10 8B4C24 04 mov ecx,dword ptr ss:[esp+0x4]
006C4E14 33C0 xor eax,eax
006C4E16 66:3901 cmp word ptr ds:[ecx],ax
006C4E19 74 11 je short acad.006C4E2C
006C4E1B EB 03 jmp short acad.006C4E20
006C4E1D 8D49 00 lea ecx,dword ptr ds:[ecx]
006C4E20 83C1 02 add ecx,0x2
006C4E23 83C0 01 add eax,0x1
006C4E26 66:8339 00 cmp word ptr ds:[ecx],0x0
006C4E2A ^ 75 F4 jnz short acad.006C4E20
006C4E2C C2 0400 retn 0x4
006C4E2F CC int3
; acad.00482D60 continued: allocate length*2 + 2 bytes (characters plus the
; terminator) and copy the string into the new buffer.
00482D74 8D4400 02 lea eax,dword ptr ds:[eax+eax+0x2]
00482D78 50 push eax
00482D79 FF15 B803BC00 call dword ptr ds:[<&MSVCR80.malloc>] ; msvcr80.malloc
00482D7F 8BF0 mov esi,eax 分配的内存地址 ; esi = address of the allocated memory
00482D81 83C4 04 add esp,0x4
00482D84 85F6 test esi,esi
00482D86 74 0F je short acad.00482D97
00482D88 57 push edi 源字符串 ; source string
00482D89 56 push esi 分配的内存 ; allocated memory
00482D8A E8 D11BF8FF call acad.00404960
; copy the source string into the allocated memory
; acad.00404960(dst, src): copies 16-bit units up to and including the zero
; terminator and returns dst in eax. There is no length argument, so the
; destination must already be large enough.
; NOTE(review): the only caller in this trace sized the buffer in a separate
; pass over the same string; this assumes the source is not changed between
; the two passes - confirm.
00404960 8B4424 04 mov eax,dword ptr ss:[esp+0x4]
00404964 56 push esi
00404965 8B7424 0C mov esi,dword ptr ss:[esp+0xC]
00404969 0FB70E movzx ecx,word ptr ds:[esi]
0040496C 66:85C9 test cx,cx
0040496F 8BD0 mov edx,eax
00404971 74 11 je short acad.00404984
00404973 83C6 02 add esi,0x2
00404976 66:890A mov word ptr ds:[edx],cx
00404979 0FB70E movzx ecx,word ptr ds:[esi]
0040497C 83C2 02 add edx,0x2
0040497F 66:85C9 test cx,cx ; a zero unit ends the loop
00404982 ^ 75 EF jnz short acad.00404973; loop
00404984 66:8B0E mov cx,word ptr ds:[esi]
00404987 66:890A mov word ptr ds:[edx],cx
0040498A 5E pop esi ; restores the caller's esi (the allocated memory address)
0040498B C3 retn
; acad.00482D60 tail: return the new buffer, or 0 when malloc failed.
00482D8F 83C4 08 add esp,0x8
00482D92 8BC6 mov eax,esi
00482D94 5E pop esi ; acad.004847B9
00482D95 5F pop edi ; acad.004847B9
00482D96 C3 retn
00482D97 5E pop esi ; acad.004847B9
00482D98 33C0 xor eax,eax
00482D9A 5F pop edi ; acad.004847B9
00482D9B C3 retn
; back in acad.00484680: the duplicated pointer is stored without a null
; check, so a null source string or a failed malloc leaves the copy with a
; null string pointer while the list copy still proceeds as a success
004847B9 83C4 04 add esp,0x4
004847BC 8946 08 mov dword ptr ds:[esi+0x8],eax
004847BF EB 61 jmp short acad.00484822
; acad.00484680 continued. Length-prefixed buffer case: 16-bit length at +0x8,
; data pointer at +0xC. The length is sign-extended before calloc and memcpy.
; NOTE(review): a negative length would become a very large size and
; presumably make calloc fail - confirm. The length is read from the source
; node three times (004847C1, 004847C9, 004847E4); this assumes the node does
; not change in between.
004847C1 66:8B57 08 mov dx,word ptr ds:[edi+0x8]
004847C5 66:8956 08 mov word ptr ds:[esi+0x8],dx
004847C9 0FBF47 08 movsx eax,word ptr ds:[edi+0x8]
004847CD 50 push eax
004847CE 6A 01 push 0x1
004847D0 FF15 2C03BC00 call dword ptr ds:[<&MSVCR80.calloc>] ; msvcr80.calloc
004847D6 83C4 08 add esp,0x8
004847D9 85C0 test eax,eax
004847DB 8946 0C mov dword ptr ds:[esi+0xC],eax
; on allocation failure return -1; the new node in esi is not yet linked into
; the output list and no release of it is visible on this path
004847DE ^ 0F84 B8FEFFFF je acad.0048469C
004847E4 0FBF4F 08 movsx ecx,word ptr ds:[edi+0x8]
004847E8 8B57 0C mov edx,dword ptr ds:[edi+0xC]
004847EB 51 push ecx
004847EC 52 push edx
004847ED 50 push eax
004847EE E8 BF9D6A00 call <jmp.&MSVCR80.memcpy>
004847F3 83C4 0C add esp,0xC
004847F6 EB 2A jmp short acad.00484822
; case: copy two 32-bit values
004847F8 8B47 08 mov eax,dword ptr ds:[edi+0x8]
004847FB 8946 08 mov dword ptr ds:[esi+0x8],eax
004847FE 8B4F 0C mov ecx,dword ptr ds:[edi+0xC]
00484801 894E 0C mov dword ptr ds:[esi+0xC],ecx
00484804 EB 1C jmp short acad.00484822
; case: copy two 32-bit values (same code as above, separate jump target)
00484806 8B57 08 mov edx,dword ptr ds:[edi+0x8]
00484809 8956 08 mov dword ptr ds:[esi+0x8],edx
0048480C 8B47 0C mov eax,dword ptr ds:[edi+0xC]
0048480F 8946 0C mov dword ptr ds:[esi+0xC],eax
00484812 EB 0E jmp short acad.00484822
; case: copy one 32-bit value
00484814 8B4F 08 mov ecx,dword ptr ds:[edi+0x8]
00484817 894E 08 mov dword ptr ds:[esi+0x8],ecx
0048481A EB 06 jmp short acad.00484822
; case: store the 16-bit value 0xFFFF
0048481C 66:C746 08 FFFF mov word ptr ds:[esi+0x8],0xFFFF
; link the new node: it becomes the head when *out is still 0, otherwise it is
; stored into the first dword (next pointer) of the previous copy
00484822 8B45 0C mov eax,dword ptr ss:[ebp+0xC]
00484825 8338 00 cmp dword ptr ds:[eax],0x0
00484828 75 04 jnz short acad.0048482E
0048482A 8930 mov dword ptr ds:[eax],esi
0048482C EB 06 jmp short acad.00484834
0048482E 8B4C24 10 mov ecx,dword ptr ss:[esp+0x10]
00484832 8931 mov dword ptr ds:[ecx],esi
00484834 8B3F mov edi,dword ptr ds:[edi] ; advance to the next source node
00484836 85FF test edi,edi
00484838 897424 10 mov dword ptr ss:[esp+0x10],esi ; remember this copy as the previous node
0048483C ^ 0F85 6EFEFFFF jnz acad.004846B0
; end of the source list: success, eax = 0x64
00484842 B8 64000000 mov eax,0x64
00484847 5F pop edi ; acad.0048DD97
00484848 5E pop esi ; acad.0048DD97
00484849 5B pop ebx ; acad.0048DD97
0048484A 8BE5 mov esp,ebp
0048484C 5D pop ebp ; acad.0048DD97
0048484D C3 retn
; acad.00484680 error path for a selector outside the jump table. It releases
; the node just allocated (esi) and then the partly built output list, clears
; *out, reports through acdbFail and returns -1.
; Before each release a "current" record is looked up: acad.0041AAA0 returns a
; context; the value returned through [0xD71FF0] (acad.00468D10) is compared
; against three entries of a table at context+0x10, with a fallback to
; context+0x5E4. A list equal to [record+0x14] is not released.
0048484E E8 4D62F9FF call acad.0041AAA0
00484853 8BD8 mov ebx,eax
00484855 85DB test ebx,ebx
00484857 75 07 jnz short acad.00484860
00484859 A1 98DDD700 mov eax,dword ptr ds:[0xD7DD98]
0048485E EB 34 jmp short acad.00484894
00484860 8B7B 10 mov edi,dword ptr ds:[ebx+0x10]
00484863 FF15 F01FD700 call dword ptr ds:[0xD71FF0] ; acad.00468D10
00484869 3B47 14 cmp eax,dword ptr ds:[edi+0x14]
0048486C 75 05 jnz short acad.00484873
0048486E 8D47 08 lea eax,dword ptr ds:[edi+0x8]
00484871 EB 12 jmp short acad.00484885
00484873 3B47 2C cmp eax,dword ptr ds:[edi+0x2C]
00484876 75 05 jnz short acad.0048487D
00484878 8D47 20 lea eax,dword ptr ds:[edi+0x20]
0048487B EB 08 jmp short acad.00484885
0048487D 3B47 44 cmp eax,dword ptr ds:[edi+0x44]
00484880 75 07 jnz short acad.00484889
00484882 8D47 38 lea eax,dword ptr ds:[edi+0x38]
00484885 85C0 test eax,eax
00484887 75 08 jnz short acad.00484891
00484889 8B83 E4050000 mov eax,dword ptr ds:[ebx+0x5E4]
0048488F EB 03 jmp short acad.00484894
00484891 8B40 14 mov eax,dword ptr ds:[eax+0x14]
00484894 85C0 test eax,eax
00484896 74 0B je short acad.004848A3
00484898 8B40 14 mov eax,dword ptr ds:[eax+0x14]
0048489B 85C0 test eax,eax
0048489D 74 04 je short acad.004848A3
0048489F 3BC6 cmp eax,esi
004848A1 74 11 je short acad.004848B4
; release loop: the next pointer is read before the node is handed to
; acad.00484F70
004848A3 8B3E mov edi,dword ptr ds:[esi] ; acad.00C2CDD4
004848A5 56 push esi
004848A6 E8 C5060000 call acad.00484F70
004848AB 83C4 04 add esp,0x4
004848AE 85FF test edi,edi
004848B0 8BF7 mov esi,edi
004848B2 ^ 75 EF jnz short acad.004848A3
; same lookup and release for the list already stored in *out (ebx)
004848B4 8B55 0C mov edx,dword ptr ss:[ebp+0xC]
004848B7 8B1A mov ebx,dword ptr ds:[edx]
004848B9 E8 E261F9FF call acad.0041AAA0
004848BE 8BF8 mov edi,eax
004848C0 85FF test edi,edi
004848C2 75 07 jnz short acad.004848CB
004848C4 A1 98DDD700 mov eax,dword ptr ds:[0xD7DD98]
004848C9 EB 34 jmp short acad.004848FF
004848CB 8B77 10 mov esi,dword ptr ds:[edi+0x10]
004848CE FF15 F01FD700 call dword ptr ds:[0xD71FF0] ; acad.00468D10
004848D4 3B46 14 cmp eax,dword ptr ds:[esi+0x14]
004848D7 75 05 jnz short acad.004848DE
004848D9 8D46 08 lea eax,dword ptr ds:[esi+0x8]
004848DC EB 12 jmp short acad.004848F0
004848DE 3B46 2C cmp eax,dword ptr ds:[esi+0x2C]
004848E1 75 05 jnz short acad.004848E8
004848E3 8D46 20 lea eax,dword ptr ds:[esi+0x20]
004848E6 EB 08 jmp short acad.004848F0
004848E8 3B46 44 cmp eax,dword ptr ds:[esi+0x44] ; acad.00490044
004848EB 75 07 jnz short acad.004848F4
004848ED 8D46 38 lea eax,dword ptr ds:[esi+0x38]
004848F0 85C0 test eax,eax
004848F2 75 08 jnz short acad.004848FC
004848F4 8B87 E4050000 mov eax,dword ptr ds:[edi+0x5E4] ; acad.00430043
004848FA EB 03 jmp short acad.004848FF
004848FC 8B40 14 mov eax,dword ptr ds:[eax+0x14]
004848FF 85C0 test eax,eax
00484901 74 0B je short acad.0048490E
00484903 8B40 14 mov eax,dword ptr ds:[eax+0x14]
00484906 85C0 test eax,eax
00484908 74 04 je short acad.0048490E
0048490A 3BC3 cmp eax,ebx
0048490C 74 17 je short acad.00484925
0048490E 85DB test ebx,ebx
00484910 8BC3 mov eax,ebx
00484912 74 11 je short acad.00484925
00484914 8B30 mov esi,dword ptr ds:[eax]
00484916 50 push eax
00484917 E8 54060000 call acad.00484F70
0048491C 83C4 04 add esp,0x4
0048491F 85F6 test esi,esi
00484921 8BC6 mov eax,esi
00484923 ^ 75 EF jnz short acad.00484914
; clear *out so the caller is not left with a pointer to released nodes, then
; fetch the message for id 0x598C and pass its text to acdbFail
00484925 8B45 0C mov eax,dword ptr ss:[ebp+0xC]
00484928 8D4C24 14 lea ecx,dword ptr ss:[esp+0x14]
0048492C 68 8C590000 push 0x598C
00484931 51 push ecx
00484932 C700 00000000 mov dword ptr ds:[eax],0x0
00484938 E8 1363F9FF call acad.0041AC50
0048493D 83C4 08 add esp,0x8
00484940 8BC8 mov ecx,eax
00484942 FF15 4CF7BB00 call dword ptr ds:[<&MFC80U.#ATL::CSimpleS>; mfc80u.#ATL::CSimpleStringT<char,1>::GetString_3391
00484948 50 push eax
00484949 E8 DEA76A00 call <jmp.&acdb17.acdbFail>
0048494E 83C4 04 add esp,0x4
00484951 8D4C24 14 lea ecx,dword ptr ss:[esp+0x14]
00484955 FF15 58F7BB00 call dword ptr ds:[<&MFC80U.#ATL::CStringT>; mfc80u.#ATL::CStringT<char,StrTraitMFC_DLL<char,ATL::ChTraitsCRT<char> > >::~CStringT<char,StrTraitMFC_DLL<char,ATL::ChTraitsCRT<char> > >_578
0048495B 5F pop edi ; acad.0048DD97
0048495C 5E pop esi ; acad.0048DD97
0048495D 83C8 FF or eax,-0x1
00484960 5B pop ebx ; acad.0048DD97
00484961 8BE5 mov esp,ebp
00484963 5D pop ebp ; acad.0048DD97
00484964 C3 retn
; back in acad.0048DCF0: ebx = head of the copied argument list. The status
; returned in eax by acad.00484680 is not tested here.
0048DD97 8B5C24 1C mov ebx,dword ptr ss:[esp+0x1C] ; ddd.0DFD334F
0048DD9B 83C4 08 add esp,0x8
0048DD9E 8BCF mov ecx,edi
0048DDA0 E8 2B67FFFF call acad.004844D0
; acad.004844D0 (object pointer in ecx): when the pointer at +0xF8 is set and
; the predicate acad.0047DE30 returns non-zero, an extra call chain through
; the document manager runs; the counter at +0x4 is incremented on every path
; (at 00484504). acad.00485080 is the matching decrement.
004844D0 56 push esi
004844D1 8BF1 mov esi,ecx
004844D3 8B8E F8000000 mov ecx,dword ptr ds:[esi+0xF8]
004844D9 85C9 test ecx,ecx
004844DB 74 27 je short acad.00484504
004844DD E8 4E99FFFF call acad.0047DE30
; acad.0047DE30 (object pointer in ecx): returns al = 1 only when every check
; below passes, otherwise al = 0. The meaning of the individual fields is not
; visible in this listing.
0047DE30 85C9 test ecx,ecx
0047DE32 74 5F je short acad.0047DE93
0047DE34 F681 70050000 0>test byte ptr ds:[ecx+0x570],0x1
0047DE3B 75 56 jnz short acad.0047DE93
0047DE3D 8379 70 00 cmp dword ptr ds:[ecx+0x70],0x0
0047DE41 75 50 jnz short acad.0047DE93
0047DE43 8B41 18 mov eax,dword ptr ds:[ecx+0x18]
0047DE46 8B90 0C040000 mov edx,dword ptr ds:[eax+0x40C]
0047DE4C 85D2 test edx,edx
0047DE4E 74 43 je short acad.0047DE93
0047DE50 66:83BA 3004000>cmp word ptr ds:[edx+0x430],0x0
0047DE58 75 39 jnz short acad.0047DE93
0047DE5A 66:833D A841D60>cmp word ptr ds:[0xD641A8],0x0
0047DE62 75 2F jnz short acad.0047DE93
0047DE64 8B81 CC050000 mov eax,dword ptr ds:[ecx+0x5CC]
0047DE6A 85C0 test eax,eax
0047DE6C 74 25 je short acad.0047DE93
0047DE6E 8378 04 00 cmp dword ptr ds:[eax+0x4],0x0
0047DE72 7F 1F jg short acad.0047DE93
0047DE74 66:83BA A80D000>cmp word ptr ds:[edx+0xDA8],0x0
0047DE7C 75 15 jnz short acad.0047DE93
0047DE7E 80B9 E9050000 0>cmp byte ptr ds:[ecx+0x5E9],0x0
0047DE85 74 0C je short acad.0047DE93
0047DE87 80BA 901C0000 0>cmp byte ptr ds:[edx+0x1C90],0x0
0047DE8E 75 03 jnz short acad.0047DE93
0047DE90 B0 01 mov al,0x1
0047DE92 C3 retn
0047DE93 32C0 xor al,al
0047DE95 C3 retn
; back in acad.004844D0
004844E2 84C0 test al,al
004844E4 74 1E je short acad.00484504
004844E6 E8 1579F8FF call acad.acDocManagerPtr
获得当前文档管理对象指针:
ACCORE_PORT AcApDocManager* acDocManagerPtr();
; acad.004844D0 continued: two virtual calls (vtable slots +0x18 and +0x3C)
; starting from the pointer returned by acDocManagerPtr; the final result is
; passed in ecx to acad.004A7890. None of the returned pointers is
; null-checked before it is dereferenced.
004844EB 8B10 mov edx,dword ptr ds:[eax]
004844ED 8BC8 mov ecx,eax
004844EF 8B42 18 mov eax,dword ptr ds:[edx+0x18]
004844F2 FFD0 call eax
004844F4 8B10 mov edx,dword ptr ds:[eax]
004844F6 8BC8 mov ecx,eax
004844F8 8B42 3C mov eax,dword ptr ds:[edx+0x3C]
004844FB FFD0 call eax
004844FD 8BC8 mov ecx,eax
004844FF E8 8C330200 call acad.004A7890
00484504 8346 04 01 add dword ptr ds:[esi+0x4],0x1 ; counter at +0x4 incremented on every path
00484508 5E pop esi ; acad.0048DDA5
00484509 C3 retn
; back in acad.0048DCF0: call acad.00484510 with four stack arguments (the
; callee removes them, retn 0x10) and the context object in ecx.
0048DDA5 6A 00 push 0x0 ; fourth argument: 0
0048DDA7 8D5424 14 lea edx,dword ptr ss:[esp+0x14]
0048DDAB 52 push edx ; third argument: address of the local that receives the result list
0048DDAC 53 push ebx ; second argument: copied argument list (0 on the path that skipped building it)
0048DDAD 56 push esi ; first argument: function object obtained from acad.00484370
0048DDAE 8BCD mov ecx,ebp
0048DDB0 E8 5B67FFFF call acad.00484510
; acad.00484510 (object pointer in ecx, four stack arguments): runs the
; function object given as the first argument. The two optional output
; pointers (third and fourth argument) are initialised only when non-null.
; Returns -1 immediately when the first argument is null.
00484510 83EC 10 sub esp,0x10
00484513 8B4424 1C mov eax,dword ptr ss:[esp+0x1C] ; third argument (result list pointer)
00484517 85C0 test eax,eax
00484519 53 push ebx
0048451A 8BD9 mov ebx,ecx
0048451C 57 push edi
0048451D 895C24 14 mov dword ptr ss:[esp+0x14],ebx
00484521 74 06 je short acad.00484529
00484523 C700 00000000 mov dword ptr ds:[eax],0x0
00484529 8B4424 28 mov eax,dword ptr ss:[esp+0x28] ; fourth argument
0048452D 85C0 test eax,eax
0048452F 74 06 je short acad.00484537
00484531 C700 96130000 mov dword ptr ds:[eax],0x1396 ; default value 0x1396 (5014)
00484537 8B7C24 1C mov edi,dword ptr ss:[esp+0x1C] ; edi = first argument (function object)
0048453B 85FF test edi,edi
0048453D 75 0B jnz short acad.0048454A
0048453F 5F pop edi ; acad.0048DDB5
00484540 83C8 FF or eax,-0x1
00484543 5B pop ebx ; acad.0048DDB5
00484544 83C4 10 add esp,0x10
00484547 C2 1000 retn 0x10
; virtual call through slot +0x28 of edi's vtable; in this trace it lands on
; the accessor at 00801F00, which returns the field at +0x1C
0048454A 8B07 mov eax,dword ptr ds:[edi]
0048454C 8B50 28 mov edx,dword ptr ds:[eax+0x28]
0048454F 55 push ebp
00484550 56 push esi
00484551 8BCF mov ecx,edi
00484553 FFD2 call edx
00801F00 8B41 1C mov eax,dword ptr ds:[ecx+0x1C]
00801F03 C3 retn
; virtual call through slot +0x18 of the returned object; the result is used
; without a null check
00484555 8B10 mov edx,dword ptr ds:[eax]
00484557 8BC8 mov ecx,eax
00484559 8B42 18 mov eax,dword ptr ds:[edx+0x18]
0048455C FFD0 call eax
; acdb17.00F6F9D0 (object pointer in ecx): fills the field at +0x14 on first
; use and returns the address object+0x10. When +0x14 is 0 it is set from
; +0xC; +0xC itself is first fetched through slot +0x28 of the object at +0x8
; when it is 0 and that object is present.
00F6F9D0 > 56 push esi
00F6F9D1 8BF1 mov esi,ecx
00F6F9D3 837E 14 00 cmp dword ptr ds:[esi+0x14],0x0
00F6F9D7 75 1D jnz short acdb17.00F6F9F6
00F6F9D9 837E 0C 00 cmp dword ptr ds:[esi+0xC],0x0
00F6F9DD 75 11 jnz short acdb17.00F6F9F0
00F6F9DF 8B4E 08 mov ecx,dword ptr ds:[esi+0x8]
00F6F9E2 85C9 test ecx,ecx
00F6F9E4 74 0A je short acdb17.00F6F9F0
00F6F9E6 8B01 mov eax,dword ptr ds:[ecx] ; acdb17.017029D0
00F6F9E8 8B50 28 mov edx,dword ptr ds:[eax+0x28]
00F6F9EB FFD2 call edx ; acdb17.017029D0
00F6F9ED 8946 0C mov dword ptr ds:[esi+0xC],eax ; acdb17.AcRxGenHand::getAppInfoPtr
00F6F9F0 8B46 0C mov eax,dword ptr ds:[esi+0xC]
00F6F9F3 8946 14 mov dword ptr ds:[esi+0x14],eax ; acdb17.AcRxGenHand::getAppInfoPtr
00F6F9F6 8D46 10 lea eax,dword ptr ds:[esi+0x10]
00F6F9F9 5E pop esi ; acad.0048455E
00F6F9FA C3 retn
; back in acad.00484510: esi = returned record; it is passed to acad.00468D20,
; which makes it the current record and returns the previous one
0048455E 8BF0 mov esi,eax
00484560 56 push esi
00484561 8BCB mov ecx,ebx
00484563 E8 B847FEFF call acad.00468D20
; acad.00468D20 (object pointer in ecx, one stack argument, retn 0x4):
; exchanges a "current" slot. It stores the argument into the slot and returns
; the slot's previous value in eax. The slot is [entry+0x14] of the table entry
; whose key equals the value returned through [0xD71FF0], or object+0x5E4 when
; no entry matches.
00468D20 56 push esi
00468D21 57 push edi
00468D22 8BF9 mov edi,ecx
00468D24 8B77 10 mov esi,dword ptr ds:[edi+0x10]
00468D27 FF15 F01FD700 call dword ptr ds:[0xD71FF0] ; acad.00468D10
; acad.00468D10 returns the dword at fs:[0x10]
; NOTE(review): fs:[0x10] is presumably the TEB fiber-data field - confirm
00468D10 64:A1 10000000 mov eax,dword ptr fs:[0x10]
00468D16 C3 retn
; compare the key against three table entries (keys at +0x14, +0x2C, +0x44;
; entry bases at +0x8, +0x20, +0x38)
00468D2D 3B46 14 cmp eax,dword ptr ds:[esi+0x14]
00468D30 75 05 jnz short acad.00468D37
00468D32 8D46 08 lea eax,dword ptr ds:[esi+0x8]
00468D35 EB 12 jmp short acad.00468D49
00468D37 3B46 2C cmp eax,dword ptr ds:[esi+0x2C]
00468D3A 75 05 jnz short acad.00468D41
00468D3C 8D46 20 lea eax,dword ptr ds:[esi+0x20]
00468D3F EB 08 jmp short acad.00468D49
00468D41 3B46 44 cmp eax,dword ptr ds:[esi+0x44]
00468D44 75 07 jnz short acad.00468D4D
00468D46 8D46 38 lea eax,dword ptr ds:[esi+0x38]
00468D49 85C0 test eax,eax
00468D4B 75 17 jnz short acad.00468D64
; no matching entry: exchange with the fallback slot at object+0x5E4
00468D4D 8B5424 0C mov edx,dword ptr ss:[esp+0xC]
00468D51 8B87 E4050000 mov eax,dword ptr ds:[edi+0x5E4] ; acad.00540055
00468D57 8D8F E4050000 lea ecx,dword ptr ds:[edi+0x5E4]
00468D5D 5F pop edi ; acad.00484568
00468D5E 8911 mov dword ptr ds:[ecx],edx ; acdb17.017029D0
00468D60 5E pop esi ; acad.00484568
00468D61 C2 0400 retn 0x4
; matching entry: exchange with [entry+0x14]
00468D64 8B5424 0C mov edx,dword ptr ss:[esp+0xC]
00468D68 8D48 14 lea ecx,dword ptr ds:[eax+0x14]
00468D6B 8B01 mov eax,dword ptr ds:[ecx] ; acad.00C09664
00468D6D 5F pop edi ; acad.00484568
00468D6E 8911 mov dword ptr ds:[ecx],edx ; acdb17.017029D0
00468D70 5E pop esi ; acad.00484568
00468D71 C2 0400 retn 0x4
; acad.00484510 continued: save the record's fields at +0x14, +0x20 and +0x24
; in locals, then reset them to 0, 0 and 0x1396 for this call. They are put
; back before the function returns, so nested calls do not lose the outer
; state. eax (the previous current record) is kept at [esp+0x18].
00484568 8B56 20 mov edx,dword ptr ds:[esi+0x20]
0048456B 8B4E 14 mov ecx,dword ptr ds:[esi+0x14]
0048456E 894424 18 mov dword ptr ss:[esp+0x18],eax
00484572 8B46 24 mov eax,dword ptr ds:[esi+0x24]
00484575 8D5E 14 lea ebx,dword ptr ds:[esi+0x14] ; ebx = address of the argument-list field
00484578 895424 10 mov dword ptr ss:[esp+0x10],edx
0048457C C703 00000000 mov dword ptr ds:[ebx],0x0
00484582 C746 20 0000000>mov dword ptr ds:[esi+0x20],0x0
00484589 C746 24 9613000>mov dword ptr ds:[esi+0x24],0x1396
00484590 8B17 mov edx,dword ptr ds:[edi]
00484592 894C24 24 mov dword ptr ss:[esp+0x24],ecx
00484596 894424 14 mov dword ptr ss:[esp+0x14],eax
; virtual call through slot +0x34 of the function object; in this trace it
; lands on the accessor at 0045A5F0, which returns the field at +0x20
0048459A 8B42 34 mov eax,dword ptr ds:[edx+0x34]
0048459D 8BCF mov ecx,edi
0048459F FFD0 call eax
0045A5F0 8B41 20 mov eax,dword ptr ds:[ecx+0x20]
0045A5F3 C3 retn
; acad.00484510 continued: copy the caller's argument list into the record,
; invoke the function, translate its status, copy the result out, release both
; lists and restore the saved state. The status ends up in ebp: 0x64 for
; success, -1 otherwise.
004845A1 8B4C24 28 mov ecx,dword ptr ss:[esp+0x28] ; second argument: argument list
004845A5 53 push ebx
004845A6 51 push ecx
004845A7 8946 0C mov dword ptr ds:[esi+0xC],eax
; the status returned by the list copy is not tested
004845AA E8 D1000000 call acad.00484680
004845AF 8346 10 01 add dword ptr ds:[esi+0x10],0x1 ; depth counter of the record
004845B3 8B17 mov edx,dword ptr ds:[edi]
004845B5 8B42 24 mov eax,dword ptr ds:[edx+0x24]
004845B8 83C4 08 add esp,0x8
004845BB 8BCF mov ecx,edi
004845BD 83CD FF or ebp,-0x1 ; default status -1
004845C0 FFD0 call eax
004845C2 85C0 test eax,eax
004845C4 74 25 je short acad.004845EB
; slot +0x24 returned non-zero: call acad.00B114B0 with the function object and
; map its result: 0 or 1 -> 0x64, 0x64 stays, anything else -> -1
004845C6 57 push edi
004845C7 E8 E4CE6800 call acad.00B114B0
004845CC 8BE8 mov ebp,eax
004845CE 83C4 04 add esp,0x4
004845D1 83FD 01 cmp ebp,0x1
004845D4 74 04 je short acad.004845DA
004845D6 85ED test ebp,ebp
004845D8 75 07 jnz short acad.004845E1
004845DA BD 64000000 mov ebp,0x64
004845DF EB 2A jmp short acad.0048460B
004845E1 83FD 64 cmp ebp,0x64
004845E4 74 25 je short acad.0048460B
004845E6 83CD FF or ebp,-0x1
004845E9 EB 20 jmp short acad.0048460B
; slot +0x24 returned zero: only when the depth counter is below 2, call
; acad.00B11550(5, [esi+0x1C])
004845EB 837E 10 02 cmp dword ptr ds:[esi+0x10],0x2
004845EF 7D 1A jge short acad.0048460B
004845F1 8B4E 1C mov ecx,dword ptr ds:[esi+0x1C]
004845F4 51 push ecx
004845F5 6A 05 push 0x5
004845F7 E8 54CF6800 call acad.00B11550
004845FC 83C4 08 add esp,0x8
; branch-free mapping: eax != 0 -> 0x64, eax == 0 -> -1
004845FF F7D8 neg eax
00484601 1BC0 sbb eax,eax
00484603 83E0 65 and eax,0x65
00484606 83C0 FF add eax,-0x1
00484609 8BE8 mov ebp,eax
; optional fourth argument receives the record's field at +0x24
0048460B 8B4424 30 mov eax,dword ptr ss:[esp+0x30]
0048460F 85C0 test eax,eax
00484611 74 05 je short acad.00484618
00484613 8B56 24 mov edx,dword ptr ds:[esi+0x24]
00484616 8910 mov dword ptr ds:[eax],edx
; optional third argument receives a copy of the result list at +0x20
00484618 8B4424 2C mov eax,dword ptr ss:[esp+0x2C]
0048461C 8346 10 FF add dword ptr ds:[esi+0x10],-0x1
00484620 85C0 test eax,eax
00484622 74 0D je short acad.00484631
00484624 50 push eax
00484625 8B46 20 mov eax,dword ptr ds:[esi+0x20]
00484628 50 push eax
00484629 E8 52000000 call acad.00484680
0048462E 83C4 08 add esp,0x8
; put the saved argument-list pointer back, then release this call's argument
; list and result list; both pushed arguments are removed together at 00484654
00484631 8B03 mov eax,dword ptr ds:[ebx]
00484633 8B4C24 24 mov ecx,dword ptr ss:[esp+0x24]
00484637 50 push eax
00484638 890B mov dword ptr ds:[ebx],ecx
0048463A E8 61040000 call acad.00484AA0
0048463F 8B56 20 mov edx,dword ptr ds:[esi+0x20]
00484642 52 push edx
00484643 E8 58040000 call acad.00484AA0
00484648 8B4C24 1C mov ecx,dword ptr ss:[esp+0x1C]
0048464C 8B5424 20 mov edx,dword ptr ss:[esp+0x20]
00484650 8B4424 18 mov eax,dword ptr ss:[esp+0x18]
00484654 83C4 08 add esp,0x8
; restore the saved +0x24 and +0x20 fields and the previous current record
00484657 894E 24 mov dword ptr ds:[esi+0x24],ecx
0048465A 8B4C24 1C mov ecx,dword ptr ss:[esp+0x1C]
0048465E 52 push edx
0048465F 8946 20 mov dword ptr ds:[esi+0x20],eax
00484662 E8 B946FEFF call acad.00468D20
00484667 5E pop esi ; acad.0048DDB5
00484668 8BC5 mov eax,ebp ; return the status
0048466A 5D pop ebp ; acad.0048DDB5
0048466B 5F pop edi ; acad.0048DDB5
0048466C 5B pop ebx ; acad.0048DDB5
0048466D 83C4 10 add esp,0x10
00484670 C2 1000 retn 0x10
; back in acad.0048DCF0: the result list is stored in the context object at
; +0x5DC, where acedEvaluateLisp picks it up. The status returned in eax by
; acad.00484510 is overwritten at once and never tested.
0048DDB5 8B4424 10 mov eax,dword ptr ss:[esp+0x10]
0048DDB9 8BCF mov ecx,edi
0048DDBB 8985 DC050000 mov dword ptr ss:[ebp+0x5DC],eax
0048DDC1 E8 BA72FFFF call acad.00485080
; acad.00485080 (object pointer in ecx): counterpart of acad.004844D0. It
; decrements the counter at +0x4, then runs the same predicate and document
; manager call chain, ending in a tail jump to acad.0058F630.
00485080 8341 04 FF add dword ptr ds:[ecx+0x4],-0x1
00485084 8B89 F8000000 mov ecx,dword ptr ds:[ecx+0xF8]
0048508A 85C9 test ecx,ecx
0048508C 74 27 je short acad.004850B5
0048508E E8 9D8DFFFF call acad.0047DE30
00485093 84C0 test al,al
00485095 74 1E je short acad.004850B5
00485097 E8 646DF8FF call acad.acDocManagerPtr
0048509C 8B10 mov edx,dword ptr ds:[eax]
0048509E 8BC8 mov ecx,eax
004850A0 8B42 18 mov eax,dword ptr ds:[edx+0x18]
004850A3 FFD0 call eax
004850A5 8B10 mov edx,dword ptr ds:[eax]
004850A7 8BC8 mov ecx,eax
004850A9 8B42 3C mov eax,dword ptr ds:[edx+0x3C]
004850AC FFD0 call eax
004850AE 8BC8 mov ecx,eax
004850B0 E9 7BA51000 jmp acad.0058F630
004850B5 C3 retn
; release the heap copy of the argument list built earlier
0048DDC6 53 push ebx
0048DDC7 E8 D46CFFFF call acad.00484AA0
; acad.00484AA0(list): releases every node of a linked list. When the pointer
; equals the [+0x14] field of the record returned by acad.00482510, nothing is
; released and -0x1389 (-5001) is returned. A null list is accepted. All other
; paths return 0x13EC (5100).
00484AA0 E8 6BDAFFFF call acad.00482510
00484AA5 85C0 test eax,eax
00484AA7 8B4C24 04 mov ecx,dword ptr ss:[esp+0x4]
00484AAB 74 11 je short acad.00484ABE
00484AAD 8B40 14 mov eax,dword ptr ds:[eax+0x14]
00484AB0 85C0 test eax,eax
00484AB2 74 0A je short acad.00484ABE
00484AB4 3BC1 cmp eax,ecx
00484AB6 75 06 jnz short acad.00484ABE
00484AB8 B8 77ECFFFF mov eax,-0x1389
00484ABD C3 retn
00484ABE 85C9 test ecx,ecx
00484AC0 8BC1 mov eax,ecx
00484AC2 74 13 je short acad.00484AD7
00484AC4 56 push esi
; the next pointer is read before the node is released, so the loop never
; reads from a node after it has been passed to acad.00484F70
00484AC5 8B30 mov esi,dword ptr ds:[eax]
00484AC7 50 push eax
00484AC8 E8 A3040000 call acad.00484F70
; acad.00484F70(node): releases one node according to its 16-bit type at +0x4.
; Only the entry code and one release path are shown here; the jump targets
; 00485011, 00485016, 0048503C and 00485043 and the tables at 0x485050 and
; 0x485048 are not part of this listing.
00484F70 56 push esi
00484F71 8B7424 08 mov esi,dword ptr ss:[esp+0x8]
00484F75 85F6 test esi,esi
00484F77 0F84 C6000000 je acad.00485043
00484F7D 0FB74E 04 movzx ecx,word ptr ds:[esi+0x4]
00484F81 66:81F9 8813 cmp cx,0x1388
00484F86 57 push edi
00484F87 8B3D 6803BC00 mov edi,dword ptr ds:[<&MSVCR80.free>] ; msvcr80.free
00484F8D 0F8D 83000000 jge acad.00485016
; type 0x3EC and types with type/10 == 0x1F go to 00485011, the same
; classification the copy routine uses for its length-prefixed buffer case
00484F93 66:81F9 EC03 cmp cx,0x3EC
00484F98 74 77 je short acad.00485011
00484F9A 0FBFD1 movsx edx,cx
00484F9D B8 67666666 mov eax,0x66666667
00484FA2 F7EA imul edx
00484FA4 C1FA 02 sar edx,0x2
00484FA7 8BC2 mov eax,edx
00484FA9 C1E8 1F shr eax,0x1F
00484FAC 03C2 add eax,edx
00484FAE 83F8 1F cmp eax,0x1F
00484FB1 74 5E je short acad.00485011
00484FB3 66:83F9 FC cmp cx,0xFFFC ; type -4
00484FB7 74 3F je short acad.00484FF8
; types of 0x3E8 and above are reduced by 0x3E8 and written back into the node
; before the table lookup
00484FB9 66:81F9 E803 cmp cx,0x3E8
00484FBE 7C 0A jl short acad.00484FCA
00484FC0 81C1 18FCFFFF add ecx,-0x3E8
00484FC6 66:894E 04 mov word ptr ds:[esi+0x4],cx
; (type & 0x1FF) / 10, bounds-checked against 0x29 before the table jump
00484FCA 0FB74E 04 movzx ecx,word ptr ds:[esi+0x4]
00484FCE 81E1 FF010000 and ecx,0x1FF
00484FD4 B8 67666666 mov eax,0x66666667
00484FD9 F7E9 imul ecx
00484FDB C1FA 02 sar edx,0x2
00484FDE 8BC2 mov eax,edx
00484FE0 C1E8 1F shr eax,0x1F
00484FE3 03C2 add eax,edx
00484FE5 83F8 29 cmp eax,0x29
00484FE8 77 52 ja short acad.0048503C
00484FEA 0FB688 50504800 movzx ecx,byte ptr ds:[eax+0x485050]
00484FF1 FF248D 48504800 jmp dword ptr ds:[ecx*4+0x485048]
; type -4: a non-null pointer at +0x8 is passed to acad.00495EA0, then the
; node itself is freed through edi (msvcr80.free)
00484FF8 8B46 08 mov eax,dword ptr ds:[esi+0x8]
00484FFB 85C0 test eax,eax
00484FFD 74 3D je short acad.0048503C
00484FFF 50 push eax
00485000 E8 9B0E0100 call acad.00495EA0
00485005 83C4 04 add esp,0x4
00485008 56 push esi
00485009 FFD7 call edi
0048500B 83C4 04 add esp,0x4
0048500E 5F pop edi ; acad.00484ACD
0048500F 5E pop esi ; acad.00484ACD
00485010 C3 retn
; acad.00484AA0 loop tail: continue with the saved next pointer until it is
; null, then return 0x13EC.
00484ACD 83C4 04 add esp,0x4
00484AD0 85F6 test esi,esi
00484AD2 8BC6 mov eax,esi
00484AD4 ^ 75 EF jnz short acad.00484AC5
00484AD6 5E pop esi ; acad.0048DDCC
00484AD7 B8 EC130000 mov eax,0x13EC
00484ADC C3 retn
; acad.0048DCF0 epilogue; the early failure exits also join at 0048DDCF. The
; saved value at [esp+0x58] is xored with esp and handed to acad.00B2E36C in
; ecx before the frame is dropped.
; NOTE(review): this matches the /GS stack cookie check - confirm.
0048DDCC 83C4 04 add esp,0x4
0048DDCF 8B4C24 58 mov ecx,dword ptr ss:[esp+0x58]
0048DDD3 5F pop edi ; acad.00B11E2E
0048DDD4 5E pop esi ; acad.00B11E2E
0048DDD5 5D pop ebp ; acad.00B11E2E
0048DDD6 5B pop ebx ; acad.00B11E2E
0048DDD7 33CC xor ecx,esp
0048DDD9 E8 8E056A00 call acad.00B2E36C
0048DDDE 83C4 4C add esp,0x4C
0048DDE1 C3 retn
; acedEvaluateLisp tail: hand the list stored at context+0x5DC to the caller's
; result slot and clear the field, so the context no longer refers to it.
; eax is set to 1 on this path whatever happened inside acad.0048DCF0; when
; that call failed early the field is still 0, so the caller sees a null
; result with return value 1. Callers should test the result pointer, not
; only the return value.
; NOTE(review): the caller presumably has to release the returned list
; (acutRelRb) - confirm.
00B11E2E 8B96 DC050000 mov edx,dword ptr ds:[esi+0x5DC]
00B11E34 8913 mov dword ptr ds:[ebx],edx
00B11E36 83C4 0C add esp,0xC
00B11E39 C786 DC050000 0>mov dword ptr ds:[esi+0x5DC],0x0
00B11E43 893D BC07D600 mov dword ptr ds:[0xD607BC],edi ; restore the global saved at 00B11E0A
00B11E49 5F pop edi ; ddd.0DFD334F
00B11E4A 5E pop esi ; ddd.0DFD334F
00B11E4B B8 01000000 mov eax,0x1
00B11E50 5B pop ebx ; ddd.0DFD334F
00B11E51 C3 retn