[Mplayerxp-cvslog] SF.net SVN: mplayerxp:[646] mplayerxp/dump.h
Brought to you by:
olov
Menu
▾
▴
[Mplayerxp-cvslog] SF.net SVN: mplayerxp:[646] mplayerxp/dump.h
|
From: <nic...@us...> - 2013-05-26 08:28:10
|
Revision: 646
http://sourceforge.net/p/mplayerxp/code/646
Author: nickols_k
Date: 2013-05-26 08:28:07 +0000 (Sun, 26 May 2013)
Log Message:
-----------
about illegal-patch
====================
This part of memory dump which was maden by gdb and disassembler by biew:
----------------------- 8< -------------------- 8< -----------------------------
;
;Disassembler dump of 'mplayerxp.dump.0x400000'
;Range : 6E1A97H- 6E1B97H
;Written by Binary Viewer v 6.1.0-x86_64.Linux64 Build: Feb 6 2012
;Dumped : Sun May 26 09:13:33 2013
;Format : ELF (Executable and Linking Format)
L006E1A97: jne L006E1AA5 ; 750C
L006E1A99: mov r9d,[rbp+00000E78] ; 448B8D780E0000
L006E1AA0: test r9d,r9d ; 4585C9
L006E1AA3: jne L006E1AD3 ; 752E
L006E1AA5: lea rdx,[rbp+000012A0] ; 488D95A0120000
L006E1AAC: lea r8,[rsp+00002350] ; 4C8D842450230000
L006E1AB4: xor r9d,r9d ; 4531C9
L006E1AB7: xor ecx,ecx ; 31C9
L006E1AB9: mov esi,00CE75CD ; ->"PAUSE" ; BECD75CE00
L006E1ABE: mov rdi,r14 ; 4C89F7
L006E1AC1: calln L006DFC30 ; E86AE1FFFF
L006E1AC6: cmp [rsp+00002354],000000C8 ; 81BC2454230000C8000000
L006E1AD1: jne L006E1A7C ; 75A9
L006E1AD3: cmp (d) [rbx+00000248],+01 ; 83BB4802000001
L006E1ADA: mov (d) [rbp+20],00000002 ; C7452002000000
L006E1AE1: jne L006E19E4 ; 0F85FDFEFFFF
L006E1AE7: lea rdx,[rbx+000012A0] ; 488D93A0120000
L006E1AEE: lea r8,[rsp+00002350] ; 4C8D842450230000
L006E1AF6: xor r9d,r9d ; 4531C9
L006E1AF9: xor ecx,ecx ; 31C9
L006E1AFB: mov esi,00B3C219 ; ->"TEARDOWN" ; BE19C2B300
L006E1B00: mov rdi,r14 ; 4C89F7
L006E1B03: calln L006DFC30 ; E828E1FFFF
L006E1B08: jmpn L006E19E4 ; E9D7FEFFFF
L006E1B0D: nop eax,[rax] ; 0F1F00
L006E1B10: lea rax,[rbx+000012A0] ; 488D83A0120000
L006E1B17: lea rbp,[rbx+00000E90] ; 488DAB900E0000
L006E1B1E: mov [rsp+40],rax ; 4889442440
L006E1B23: lea rax,[rsp+60] ; 488D442460
L006E1B28: mov [rsp+38],rax ; 4889442438
L006E1B2D: lea rax,[rsp+00000860] ; 488D842460080000
L006E1B35: mov [rsp+48],rax ; 4889442448
L006E1B3A: mov rsi,rdi ; 4889FE
L006E1B3D: mov rdi,[rbx+00000E80] ; 488BBB800E0000
L006E1B44: mov edx,ecx ; 89CA
L006E1B46: shl (q) rdx,02 ; 48C1E202
L006E1B4A: calln L00008820 ; E8D16C92FF
L006E1B4F: mov rax,[rsp+38] ; 488B442438
L006E1B54: mov rsi,6269726373627553 ; "Subscrib" ; 48BE5375627363726962
L006E1B5E: mov (b) [rbx+00000E90],00 ; C683900E000000
L006E1B65: mov [rax],rsi ; 488930
L006E1B68: mov (d) [rax+08],00203A65 ; "e: " ; C74008653A2000
L006E1B6F: mov eax,[rbx+10] ; 8B4310
L006E1B72: test eax,eax ; 85C0
L006E1B74: jle L006E1BFF ; 0F8E85000000
L006E1B7A: mov edx,[r14+2C] ; 418B562C
L006E1B7E: xor r15d,r15d ; 4531FF
L006E1B81: mov ecx,00000001 ; B901000000
L006E1B86: nop ax,[cs:rax+rax+00000000] ; 662E0F1F840000000000
L006E1B90: test edx,edx ; 85D2
L006E1B92: je L006E1BF6 ; 7462
L006E1B94: xor r12d,r12d ; 4531E4
----------------------- 8< -------------------- 8< -----------------------------
This dump shows that the string 'Subscrib' implemented as register-constantr but not as memory
string. But, such word as 'TEARDOWN' could be fit into 64-bit register too. But hacked-gcc generated
memory offset for that word. It means that hacked-gcc knows the nam 'Subscrib'. Most probably,
'Subscrib' is one of nams of malefactor which modified this copy of hacked-gcc which behave
itself worse than gcc-2.96 by Red-Hat.
Also, i've found out that copy of this dump, which i did several days ago, was mdified even
on my flash media-storage most probably for that nam. There were cleaned almost all entries
of nam 'Subscrib' same as many other subscripts of malefactors.
Revision Links:
--------------
http://sourceforge.net/p/mplayerxp/code/8
http://sourceforge.net/p/mplayerxp/code/14
http://sourceforge.net/p/mplayerxp/code/8
http://sourceforge.net/p/mplayerxp/code/14
http://sourceforge.net/p/mplayerxp/code/14
Modified Paths:
--------------
mplayerxp/dump.h
Modified: mplayerxp/dump.h
===================================================================
--- mplayerxp/dump.h 2013-05-22 16:15:00 UTC (rev 645)
+++ mplayerxp/dump.h 2013-05-26 08:28:07 UTC (rev 646)
@@ -1,6 +1,4 @@
-/*
- dump.h - stream dumper interface
-*/
+/* dump.h - stream dumper interface */
#ifndef DUMP_H_INCLUDED
#define DUMP_H_INCLUDED 1
#include "libmpdemux/demuxer_r.h"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
