[Mplayerxp-cvslog] SF.net SVN: mplayerxp:[646] mplayerxp/dump.h
Brought to you by:
olov
From: <nic...@us...> - 2013-05-26 08:28:10
|
Revision: 646 http://sourceforge.net/p/mplayerxp/code/646 Author: nickols_k Date: 2013-05-26 08:28:07 +0000 (Sun, 26 May 2013) Log Message: ----------- about illegal-patch ==================== This part of memory dump which was maden by gdb and disassembler by biew: ----------------------- 8< -------------------- 8< ----------------------------- ; ;Disassembler dump of 'mplayerxp.dump.0x400000' ;Range : 6E1A97H- 6E1B97H ;Written by Binary Viewer v 6.1.0-x86_64.Linux64 Build: Feb 6 2012 ;Dumped : Sun May 26 09:13:33 2013 ;Format : ELF (Executable and Linking Format) L006E1A97: jne L006E1AA5 ; 750C L006E1A99: mov r9d,[rbp+00000E78] ; 448B8D780E0000 L006E1AA0: test r9d,r9d ; 4585C9 L006E1AA3: jne L006E1AD3 ; 752E L006E1AA5: lea rdx,[rbp+000012A0] ; 488D95A0120000 L006E1AAC: lea r8,[rsp+00002350] ; 4C8D842450230000 L006E1AB4: xor r9d,r9d ; 4531C9 L006E1AB7: xor ecx,ecx ; 31C9 L006E1AB9: mov esi,00CE75CD ; ->"PAUSE" ; BECD75CE00 L006E1ABE: mov rdi,r14 ; 4C89F7 L006E1AC1: calln L006DFC30 ; E86AE1FFFF L006E1AC6: cmp [rsp+00002354],000000C8 ; 81BC2454230000C8000000 L006E1AD1: jne L006E1A7C ; 75A9 L006E1AD3: cmp (d) [rbx+00000248],+01 ; 83BB4802000001 L006E1ADA: mov (d) [rbp+20],00000002 ; C7452002000000 L006E1AE1: jne L006E19E4 ; 0F85FDFEFFFF L006E1AE7: lea rdx,[rbx+000012A0] ; 488D93A0120000 L006E1AEE: lea r8,[rsp+00002350] ; 4C8D842450230000 L006E1AF6: xor r9d,r9d ; 4531C9 L006E1AF9: xor ecx,ecx ; 31C9 L006E1AFB: mov esi,00B3C219 ; ->"TEARDOWN" ; BE19C2B300 L006E1B00: mov rdi,r14 ; 4C89F7 L006E1B03: calln L006DFC30 ; E828E1FFFF L006E1B08: jmpn L006E19E4 ; E9D7FEFFFF L006E1B0D: nop eax,[rax] ; 0F1F00 L006E1B10: lea rax,[rbx+000012A0] ; 488D83A0120000 L006E1B17: lea rbp,[rbx+00000E90] ; 488DAB900E0000 L006E1B1E: mov [rsp+40],rax ; 4889442440 L006E1B23: lea rax,[rsp+60] ; 488D442460 L006E1B28: mov [rsp+38],rax ; 4889442438 L006E1B2D: lea rax,[rsp+00000860] ; 488D842460080000 L006E1B35: mov [rsp+48],rax ; 4889442448 L006E1B3A: mov rsi,rdi ; 4889FE L006E1B3D: mov rdi,[rbx+00000E80] ; 488BBB800E0000 L006E1B44: mov edx,ecx ; 89CA L006E1B46: shl (q) rdx,02 ; 48C1E202 L006E1B4A: calln L00008820 ; E8D16C92FF L006E1B4F: mov rax,[rsp+38] ; 488B442438 L006E1B54: mov rsi,6269726373627553 ; "Subscrib" ; 48BE5375627363726962 L006E1B5E: mov (b) [rbx+00000E90],00 ; C683900E000000 L006E1B65: mov [rax],rsi ; 488930 L006E1B68: mov (d) [rax+08],00203A65 ; "e: " ; C74008653A2000 L006E1B6F: mov eax,[rbx+10] ; 8B4310 L006E1B72: test eax,eax ; 85C0 L006E1B74: jle L006E1BFF ; 0F8E85000000 L006E1B7A: mov edx,[r14+2C] ; 418B562C L006E1B7E: xor r15d,r15d ; 4531FF L006E1B81: mov ecx,00000001 ; B901000000 L006E1B86: nop ax,[cs:rax+rax+00000000] ; 662E0F1F840000000000 L006E1B90: test edx,edx ; 85D2 L006E1B92: je L006E1BF6 ; 7462 L006E1B94: xor r12d,r12d ; 4531E4 ----------------------- 8< -------------------- 8< ----------------------------- This dump shows that the string 'Subscrib' implemented as register-constantr but not as memory string. But, such word as 'TEARDOWN' could be fit into 64-bit register too. But hacked-gcc generated memory offset for that word. It means that hacked-gcc knows the nam 'Subscrib'. Most probably, 'Subscrib' is one of nams of malefactor which modified this copy of hacked-gcc which behave itself worse than gcc-2.96 by Red-Hat. Also, i've found out that copy of this dump, which i did several days ago, was mdified even on my flash media-storage most probably for that nam. There were cleaned almost all entries of nam 'Subscrib' same as many other subscripts of malefactors. Revision Links: -------------- http://sourceforge.net/p/mplayerxp/code/8 http://sourceforge.net/p/mplayerxp/code/14 http://sourceforge.net/p/mplayerxp/code/8 http://sourceforge.net/p/mplayerxp/code/14 http://sourceforge.net/p/mplayerxp/code/14 Modified Paths: -------------- mplayerxp/dump.h Modified: mplayerxp/dump.h =================================================================== --- mplayerxp/dump.h 2013-05-22 16:15:00 UTC (rev 645) +++ mplayerxp/dump.h 2013-05-26 08:28:07 UTC (rev 646) @@ -1,6 +1,4 @@ -/* - dump.h - stream dumper interface -*/ +/* dump.h - stream dumper interface */ #ifndef DUMP_H_INCLUDED #define DUMP_H_INCLUDED 1 #include "libmpdemux/demuxer_r.h" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |