JustPaste.it - Share Text & Images the Easy Way

【依頼の目的と内容説明】 shell32.dllの解析
【プロセッサの種類】 x86 【OSの種類】 Win Server 2003 【言語】 C/C++
【報酬金額と送金方法】報酬なし
【アセンブリまたは機械語】
proc shell32.dll!PathResolve@12 Label_7C903EE0
Label_7C903EE0:
7C903EE0: mov edi, edi
7C903EE2: push ebp
7C903EE3: mov ebp, esp
7C903EE5: push ecx
7C903EE6: push ebx
7C903EE7: mov ebx, [ebp+0x10]
7C903EEA: mov eax, ebx
7C903EEC: and al, 0x8
7C903EEE: neg al
7C903EF0: push esi
7C903EF1: push edi
7C903EF2: mov edi, ebx
7C903EF4: sbb eax, eax
7C903EF6: and eax, 0xffffffd0
7C903EF9: add eax, 0x3f
7C903EFC: and edi, 0x1
7C903EFF: mov [ebp-0x4], eax
7C903F02: jz Label_7C903F0C
7C903F04: push 0x2
7C903F06: call kernel32.dll!SetLastError
Label_7C903F0C:
7C903F0C: mov esi, [ebp+0x8] # jump_from : 7C903F02
7C903F0F: push esi
7C903F10: call shlwapi.dll!PathUnquoteSpacesW
7C903F16: push esi
7C903F17: call shlwapi.dll!PathIsRootW
7C903F1D: test eax, eax
7C903F1F: push esi
7C903F20: jnz Label_7C97420F
7C903F26: call shlwapi.dll!PathIsFileSpecW
7C903F2C: test eax, eax
7C903F2E: jz Label_7C95C590
7C903F34: test bl, 0x3
7C903F37: jz Label_7C903F4B
7C903F39: push dword [ebp-0x4]
7C903F3C: push 0x1
7C903F3E: push dword [ebp+0xc]
7C903F41: push esi
7C903F42: call Func7C903F7F@16
7C903F47: test eax, eax
7C903F49: jnz Label_7C903F70
Label_7C903F4B:
7C903F4B: push dword [ebp+0xc] # jump_from : 7C903F37
7C903F4E: push esi
7C903F4F: call shlwapi.dll!PathFindOnPathW
7C903F55: test eax, eax
7C903F57: jz Label_7C95C5FB
7C903F5D: test bl, 0x10
7C903F60: jz Label_7C903F70
7C903F62: push esi
7C903F63: call Func7C8FF2D3@4
7C903F68: test eax, eax
7C903F6A: jz Label_7C974264
Label_7C903F70:
7C903F70: xor eax, eax # jump_from : 7C903F49 7C903F60 7C95C5B4 7C97424B
7C903F72: inc eax
Label_7C903F73:
7C903F73: pop edi # jump_from : 7C95C5F6 7C95C5FD 7C97425F 7C97427B 7C9742AA
7C903F74: pop esi
7C903F75: pop ebx
7C903F76: leave
7C903F77: ret 0xc
Label_7C95C590:
7C95C590: push esi # jump_from : 7C903F2E
7C95C591: call shlwapi.dll!PathIsURLW
7C95C597: test eax, eax
7C95C599: jnz Label_7C95C5FB
7C95C59B: xor ebx, ebx
7C95C59D: test byte [ebp+0x10], 0x4
7C95C5A1: jnz Label_7C974280
7C95C5A7: xor eax, eax
Label_7C95C5A9:
7C95C5A9: push 0x1 # jump_from : 7C974285
7C95C5AB: push eax
7C95C5AC: push esi
7C95C5AD: call Func7C95C607@12
7C95C5B2: cmp edi, ebx
7C95C5B4: jz Label_7C903F70
7C95C5BA: test byte [ebp+0x10], 0x3
7C95C5BE: mov edi, [0x7c8d1ff8]
7C95C5C4: mov [ebp+0x8], ebx
7C95C5C7: jz Label_7C95C5DA
7C95C5C9: push dword [ebp-0x4]
7C95C5CC: push ebx
7C95C5CD: push dword [ebp+0xc]
7C95C5D0: push esi
7C95C5D1: call Func7C903F7F@16
7C95C5D6: test eax, eax
7C95C5D8: jnz Label_7C95C5E2
Label_7C95C5DA:
7C95C5DA: push ebx # jump_from : 7C95C5C7
7C95C5DB: push esi
7C95C5DC: call edi
7C95C5DE: test eax, eax
7C95C5E0: jz Label_7C95C5F3
Label_7C95C5E2:
7C95C5E2: test byte [ebp+0x10], 0x10 # jump_from : 7C95C5D8
7C95C5E6: mov dword [ebp+0x8], 0x1
7C95C5ED: jnz Label_7C97428A
Label_7C95C5F3:
7C95C5F3: mov eax, [ebp+0x8] # jump_from : 7C95C5E0 7C974292
7C95C5F6: jmp Label_7C903F73
Label_7C95C5FB:
7C95C5FB: xor eax, eax # jump_from : 7C903F57 7C95C599 7C97426C 7C9742A0
7C95C5FD: jmp Label_7C903F73
Label_7C97420F:
7C97420F: call shlwapi.dll!PathIsUNCServerW # jump_from : 7C903F20
7C974215: xor ebx, ebx
7C974217: test eax, eax
7C974219: jnz Label_7C974249
7C97421B: push esi
7C97421C: call shlwapi.dll!PathIsUNCServerShareW
7C974222: test eax, eax
7C974224: jnz Label_7C974249
7C974226: cmp word [esi], 0x5c
7C97422A: jnz Label_7C974249
7C97422C: cmp [esi+0x2], bx
7C974230: jnz Label_7C974249
7C974232: test byte [ebp+0x10], 0x4
7C974236: jz Label_7C97423F
7C974238: mov eax, [ebp+0xc]
7C97423B: mov eax, [eax]
7C97423D: jmp Label_7C974241
Label_7C97423F:
7C97423F: xor eax, eax # jump_from : 7C974236
Label_7C974241:
7C974241: push ebx # jump_from : 7C97423D
7C974242: push eax
7C974243: push esi
7C974244: call Func7C95C607@12
Label_7C974249:
7C974249: cmp edi, ebx # jump_from : 7C974219 7C974224 7C97422A 7C974230
7C97424B: jz Label_7C903F70
7C974251: push ebx
7C974252: push esi
7C974253: call shlwapi.dll!446
7C974259: neg eax
7C97425B: sbb eax, eax
7C97425D: neg eax
7C97425F: jmp Label_7C903F73
Label_7C974264:
7C974264: push esi # jump_from : 7C903F6A
7C974265: call Func7C9A5238@4
7C97426A: test eax, eax
7C97426C: jz Label_7C95C5FB
7C974272: push 0x0
7C974274: push esi
7C974275: call shlwapi.dll!446
7C97427B: jmp Label_7C903F73
Label_7C974280:
7C974280: mov eax, [ebp+0xc] # jump_from : 7C95C5A1
7C974283: mov eax, [eax]
7C974285: jmp Label_7C95C5A9
Label_7C97428A:
7C97428A: push esi # jump_from : 7C95C5ED
7C97428B: call Func7C8FF2D3@4
7C974290: test eax, eax
7C974292: jnz Label_7C95C5F3
7C974298: push esi
7C974299: call Func7C9A5238@4
7C97429E: test eax, eax
7C9742A0: jz Label_7C95C5FB
7C9742A6: push ebx
7C9742A7: push esi
7C9742A8: call edi
7C9742AA: jmp Label_7C903F73
end proc

VOID WINAPI SetLastError(DWORD dwErrCode);
VOID WINAPI PathUnquoteSpacesW(LPWSTR lpszPath);
BOOL WINAPI PathIsRootW(LPCWSTR lpszPath);
BOOL WINAPI PathIsFileSpecW(LPCWSTR lpszPath);
BOOL WINAPI PathFindOnPathW(LPWSTR lpszFile, LPCWSTR *lppszOtherDirs);
BOOL WINAPI PathIsURLW(LPCWSTR lpstrPath);
BOOL Func7C903F7F(LPCWSTR path, LPCWSTR *dirs, BOOL flag, DWORD dwWhich);
VOID Func7C95C607(LPWSTR pszPath, LPCWSTR pszDir, DWORD dwFlags);
BOOL WINAPI PathIsUNCServerW(LPCWSTR lpszPath);
BOOL WINAPI PathIsUNCServerShareW(LPCWSTR lpszPath);
BOOL WINAPI Func7C8FF2D3(LPCWSTR path);
INT WINAPI Func7C9A5238(LPWSTR p1);

shlwapi.dll!446は、BOOL WINAPI PathFileExistsAndAttributesW(LPCWSTR lpszPath, DWORD *dwAttr)です。
解読お願いします。