-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCASE 35 EXPLAINED WORKING IN DETAILS
107 lines (80 loc) · 3.57 KB
/
CASE 35 EXPLAINED WORKING IN DETAILS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
CASE 35 EXPLAINED NEWLY BGMI 32BIT ONLY
int __fastcall sub_95F2E(int a1, unsigned __int8 *a2, size_t a3)
{
int result; // r0
unsigned int v7; // r0
unsigned __int8 *v8; // r0
int v9; // r0
int v10; // r6
__int64 v11; // r0
result = -1;
if ( a2 && !((a3 - 1) >> 10) )
{
if ( (unsigned int)((*(_DWORD *)(a1 + 4) - *(_DWORD *)a1) >> 2) > 0x400 )
return -1;
v7 = *a2;
if ( v7 >= 0x11 )
{
sub_277D10(a1 + 1044);
v8 = *(unsigned __int8 **)(a1 + 14);
*(_WORD *)(a1 + 12) = a3;
qmemcpy(v8, a2, a3);
v7 = sub_277D2E(a1 + 1044);
}
v9 = sub_95FC2(v7, a2, a3);
if ( v9 )
{
v10 = v9;
sub_277D10(a1 + 1044);
v11 = *(_QWORD *)(a1 + 4);
if ( (_DWORD)v11 == HIDWORD(v11) )
{
sub_9646A(a1);
LODWORD(v11) = *(_DWORD *)(a1 + 4);
}
if ( (_DWORD)v11 )
{
*(_DWORD *)v11 = v10;
*(_DWORD *)(a1 + 4) += 4;
}
sub_277D2E(a1 + 1044);
return 0;
}
else
{
return -1;
}
}
return result;
}
====================================================================================================================================================
The provided C++ function, `sub_95F2E`, is designed to process a stream of data represented as a sequence of bytes. It takes three parameters:
- `a1`: A pointer to a memory region where data will be stored and processed.
- `a2`: A pointer to the input data stream.
- `a3`: The size of the input data stream in bytes.
**Functionality**:
1. **Input Validation**:
- It checks if both `a2` (the input data pointer) and `a3` (the input data size) are valid.
- If either of them is `nullptr` or the size is too large (exceeding certain limits), the function returns `-1`, indicating an error.
2. **Buffer Check**:
- It verifies if there is sufficient space in the memory region pointed to by `a1` to accommodate the input data. If there is not enough space, the function returns `-1`.
3. **Data Processing**:
- It retrieves the first byte from the input data stream and examines its value (`v7`).
4. **Data Processing Based on the First Byte**:
- If `v7` is greater than or equal to 0x11, it performs the following steps:
- Clears a specific memory region (likely a buffer or temporary storage) at `a1 + 1044`.
- Copies the input data from `a2` into the memory region at `a1 + 14`.
- Calculates a checksum of the copied data using `sub_277D2E` and stores it at `a1 + 1044`.
- If `v7` is less than 0x11, it calls `sub_95FC2` to process the input data. If `sub_95FC2` returns a non-zero value, it proceeds to the next step.
5. **Data Storage**:
- It calculates the address where the processed data should be stored within the memory region pointed to by `a1`.
- If there is sufficient space available, it stores the processed data at the calculated address and updates the pointer `*(_DWORD *)(a1 + 4)` to reflect the new data location.
6. **Buffer Cleanup**:
- It clears the buffer or temporary storage at `a1 + 1044`.
7. **Return Value**:
- If the data was successfully processed and stored, the function returns `0`. Otherwise, it returns `-1`.
**In-Game Runtime Behavior**:
This function appears to be part of a game or software application's data processing or communication system.
It is responsible for receiving a stream of bytes, validating it, processing it based on specific rules or protocols,
and storing the processed data in a designated memory region.
The exact purpose and context of this function within the game's runtime environment would depend on the specific game or application it belongs to.