CMarshalInterceptor::MarshalInterface正确逆向结果

// Hex-Rays pseudocode for CMarshalInterceptor::MarshalInterface. It writes a 32-byte header to
// `stream`, followed by marshal data for the inner object reached through this[4]._SelfUnionVtbl.
//
// Two paths are visible:
//   * the inner object answers QueryInterface(IID_IMarshal3): header tag 1, and the payload is
//     produced by the inner object's own MarshalInterface;
//   * otherwise, if it answers QueryInterface(IID_IPersistStream): header tag 3, and the payload
//     is either a copy of the cached stream at this[5]._SelfUnionVtbl or the object's Save() output.
//
// Returns an HRESULT: 0x80070057 (E_INVALIDARG) for a null stream, 0x8000FFFF (E_UNEXPECTED)
// when this[4]._SelfUnionVtbl is null, 0x80110603 when neither interface is available,
// 0x8003001D (STG_E_WRITEFAULT) on a short header write, otherwise the last callee's result.
//
// Author's note: IMarshalPPv is at once an IMarshal, an IPersistStream and an IMoniker.
// NOTE(review): in this listing IMarshalPPv is only forwarded as an extra fourth argument to the
// first QueryInterface call; that looks like a leftover register in the decompilation - confirm.
// NOTE(review): the class identifier and every byte after the header are supplied by the inner
// object. The reader of this stream is not shown here; presumably it dispatches on the tag and
// the class identifier, so it has to treat both as untrusted input - confirm against the
// unmarshal side.
signed __int64 __fastcall CMarshalInterceptor::MarshalInterface(CMarshalInterceptor *this, struct IStream *stream, const struct _GUID *riid, IMarshal *IMarshalPPv, unsigned int dwDestContext, void *pvDestContext, unsigned int mshlflags)
{
  const struct _GUID *v7; // rbp
  struct IStream *stream_or_moniker_Ref; // rsi
  CMarshalInterceptor *that; // rdi
  CMarshalInterceptorVtblUnion *v11; // rcx
  signed int hr; // ebx
  struct IStream v13; // rax
  void *v14; // rcx
  CMarshalInterceptorVtblUnion *self; // rcx
  struct IStream IPersistStreamPPvRef; // rax
  struct IStream *v17; // rcx
  __int64 v18; // [rsp+20h] [rbp-98h]
  __int64 v19; // [rsp+30h] [rbp-88h]
  int bytesWtrtten; // [rsp+40h] [rbp-78h]
  IMarshal *IMarshalImpl; // [rsp+48h] [rbp-70h]
  IPersistStream *IPersistStreamPPv; // [rsp+50h] [rbp-68h]
  // v23..v28 are contiguous on the stack (rsp+58h .. rsp+77h): together they are the 32-byte
  // header that is later written with Write(stream, &v23, 32, ...). The decompiler split one
  // buffer into several locals, which is why fields are addressed as (char *)&v24 + N.
  __int16 v23; // [rsp+58h] [rbp-60h]
  __int64 v24; // [rsp+5Ah] [rbp-5Eh]
  __int64 size; // [rsp+62h] [rbp-56h]
  __int64 v26; // [rsp+6Ah] [rbp-4Eh]
  int v27; // [rsp+72h] [rbp-46h]
  __int16 v28; // [rsp+76h] [rbp-42h]

  v7 = riid;
  stream_or_moniker_Ref = stream;
  that = this;
  // Null output stream: 0x80070057 (E_INVALIDARG).
  if ( !stream )
    return 2147942487i64;
  v11 = this[4]._SelfUnionVtbl;
  // No inner object to marshal: 0x8000FFFF (E_UNEXPECTED).
  if ( !v11 )
    return 2147549183i64;
  // Zero the whole 32-byte header before filling it in, so no stale stack bytes reach the stream.
  v23 = 0;
  IMarshalImpl = 0i64;
  v24 = 0i64;
  size = 0i64;
  v26 = 0i64;
  v27 = 0;
  v28 = 0;
  // Header offset 4 (dword) = 32, which matches the header length written below; offset 2 (word) = 0.
  *(_DWORD *)((char *)&v24 + 2) = 32;
  LOWORD(v24) = 0;
  // Ask the inner object for IID_IMarshal3; a negative HRESULT selects the IPersistStream fallback.
  if ( (*(signed int (__fastcall **)(CMarshalInterceptorVtblUnion *, GUID *, IMarshal **, IMarshal *))v11->_SelfMarshalVtbl.QueryInterface)(
         v11,
         &IID_IMarshal3,
         &IMarshalImpl,
         IMarshalPPv) < 0 )
  {
    // Reached when the IID_IMarshal3 interface is not supported
    self = that[4]._SelfUnionVtbl;
    IPersistStreamPPv = 0i64;
    // Neither interface available: fail with 0x80110603.
    if ( (*(signed int (__fastcall **)(CMarshalInterceptorVtblUnion *, GUID *, IPersistStream **))self->_SelfMarshalVtbl.QueryInterface)(
           self,
           &IID_IPersistStream,
           &IPersistStreamPPv) < 0 )
      return (unsigned int)-2146367997;
    // All that is required is that the Moniker supports the IPersistStream interface
    // NOTE(review): the slot is labelled GetSizeMax, but its output lands at header offset 12,
    // the same field GetUnmarshalClass fills in the other branch. It may really be GetClassID
    // under a mislabelled vtable struct - confirm against the vtable offset in the disassembly.
    hr = ((__int64 (__fastcall *)(IPersistStream *, char *))IPersistStreamPPv->_SelfStreamVtbl->GetSizeMax)(
           IPersistStreamPPv,
           (char *)&size + 2);
    if ( hr >= 0 )
    {
      IPersistStreamPPvRef.lpVtbl = stream_or_moniker_Ref->lpVtbl;
      // Header offset 8 (dword) = 3: tag for the IPersistStream path (the IMarshal3 path writes 1).
      *(_DWORD *)((char *)&v24 + 6) = 3;
      bytesWtrtten = 0;
      // Author's note: this is effectively OleSaveToStream
      hr = ((__int64 (__fastcall *)(struct IStream *, __int16 *, signed __int64, int *))IPersistStreamPPvRef.lpVtbl->Write)(
             stream_or_moniker_Ref,
             &v23,
             32i64,
             &bytesWtrtten);
      // A successful Write that stored fewer than 32 bytes becomes 0x8003001D (STG_E_WRITEFAULT).
      if ( bytesWtrtten != 32 && hr >= 0 )
        hr = -2147287011;
      if ( hr >= 0 )
      {
        v17 = (struct IStream *)that[5]._SelfUnionVtbl;
        if ( v17 )
        {
          // A stream is already cached at this[5]: copy it to the output, then call vtable slot 2
          // on it (Release under the IUnknown layout) and clear the field so it is used only once.
          hr = CMarshalInterceptor::CopyStream(v17, stream_or_moniker_Ref);
          (*((void (**)(void))that[5]._SelfUnionVtbl->_SelfMarshalVtbl.QueryInterface + 2))();
          that[5]._SelfUnionVtbl = 0i64;
        }
        else
        {
          // Author's note: this is effectively OleSaveToStream
          // No cached stream: the inner object serialises itself into the output; third argument is 1.
          hr = ((__int64 (__fastcall *)(IPersistStream *, struct IStream *, signed __int64))IPersistStreamPPv->_SelfStreamVtbl->Save)(
                 IPersistStreamPPv,
                 stream_or_moniker_Ref,
                 1i64);
        }
      }
    }
    // Remember which interface pointer has to be released at the common exit.
    v14 = IPersistStreamPPv;
  }
  else
  {
    // IMarshal3 path: the inner object reports its unmarshal class into header offset 12.
    hr = ((__int64 (__fastcall *)(IMarshal *, const struct _GUID *, CMarshalInterceptorVtblUnion *, _QWORD, void *, unsigned int, char *))IMarshalImpl->_selfMyMarshal->GetUnmarshalClass)(
           IMarshalImpl,
           v7,
           that[4]._SelfUnionVtbl,
           dwDestContext,
           pvDestContext,
           mshlflags,
           (char *)&size + 2);
    if ( hr >= 0 )
    {
      v13.lpVtbl = stream_or_moniker_Ref->lpVtbl;
      // Header offset 8 (dword) = 1: tag for the IMarshal3 path.
      *(_DWORD *)((char *)&v24 + 6) = 1;
      bytesWtrtten = 0;
      hr = ((__int64 (__fastcall *)(struct IStream *, __int16 *, signed __int64, int *))v13.lpVtbl->Write)(
             stream_or_moniker_Ref,
             &v23,
             32i64,
             &bytesWtrtten);
      // Same short-write handling as the other branch: 0x8003001D (STG_E_WRITEFAULT).
      if ( bytesWtrtten != 32 && hr >= 0 )
        hr = -2147287011;
      if ( hr >= 0 )
      {
        // v18/v19 are decompiler temporaries for the stack-passed arguments; only their low
        // dwords are assigned here.
        LODWORD(v19) = mshlflags;
        LODWORD(v18) = dwDestContext;
        // Delegate the payload to the inner object's own MarshalInterface.
        hr = ((__int64 (__fastcall *)(IMarshal *, struct IStream *, const struct _GUID *, CMarshalInterceptorVtblUnion *, __int64, void *, __int64))IMarshalImpl->_selfMyMarshal->MarshalInterface)(
               IMarshalImpl,
               stream_or_moniker_Ref,
               v7,
               that[4]._SelfUnionVtbl,
               v18,
               pvDestContext,
               v19);
      }
    }
    v14 = IMarshalImpl;
  }
  // Common exit: call the function at vtable offset 16 (slot 2, Release under the IUnknown
  // layout) on whichever interface pointer was obtained, then return the HRESULT.
  (*(void (**)(void))(*(_QWORD *)v14 + 16i64))();
  return (unsigned int)hr;
}


转载自blog.csdn.net/oShuangYue12/article/details/80862317