Hex-rays,MATLAB,MEX,cast uintptr_t失败

时间:2016-02-02 03:00:16

标签: c++ matlab casting mex decompiling

我使用Hex-Rays反编译了一些dll,并尝试将其再次编译为MATLAB MEX。由于Hex使用win 7 64反编译了double *作为int而且我使用了win 7 64 double *使用uintptr_t。不幸的是,有时我会遇到“分段错误”。用它。

这是我的代码

#include "mex.h"
#include <stdint.h>

double __stdcall dzSell(int a1, double a2, int a3, int a4, int a5)
{
  int v5; // ecx@1
  double v6; // st7@3
  double result; // st7@4
  int v8; // ebp@5
  double v9; // st6@5
  double v10; // st5@5
  int v11; // edx@5
  int v12; // esi@6
  int v13; // ecx@6
  double v14; // rt0@10
  double v15; // st5@10
  double v16; // st6@10
  double v17; // rt1@12
  double v18; // rt2@15
  double v19; // st5@15
  double v20; // st6@15
  double v21; // rtt@17
  double v22; // rt0@20
  double v23; // st5@20
  double v24; // st6@20
  double v25; // rt1@22
  double v26; // rt2@25
  double v27; // st5@25
  double v28; // st6@25
  double v29; // rtt@27
  int v30; // esi@29
  int v31; // ecx@29
  double v32; // rt0@33
  double v33; // st5@33
  double v34; // st6@33
  double v35; // rt1@35
  signed int v36; // edi@36
  double v37; // st3@36
  double v38; // st4@36
  double v39; // st2@37
  double v40; // st2@38
  double v41; // rt1@38
  double v42; // st2@38
  double v43; // rt2@38
  signed int v44; // esi@40
  double v45; // st1@40
  int v46; // edx@41
  int v47; // ecx@41
  double v48; // rt0@43
  double v49; // st1@43
  double v50; // st4@43
  double v51; // rtt@45
  double v52; // st5@47
  double v53; // st3@47
  double v54; // rtt@48
  double v55; // rt1@48
  double v56; // st3@48
  double v57; // rt2@48
  double v58; // [sp+4h] [bp-8h]@3
  int v59; // [sp+20h] [bp+14h]@1
  int v60; // [sp+20h] [bp+14h]@5

  v5 = a4 - a5;
  v59 = a4 - a5;
  if ( v59 >= a3 )
    v59 = a3;
  v6 = (double)v59;
  v58 = v6;
  if ( v6 >= 1.0 )
  {
    v8 = v5 - 1;
    v9 = *(double *)(a1 + 8 * (v5 - 1));
    v10 = v9;
    v60 = a1 + 8 * (v5 - 1);
    v11 = 1;
    if ( a3 - 1 < 4 )
    {
LABEL_28:
      if ( v11 < a3 )
      {
        v30 = v8 - v11;
        v31 = a1 + 8 * (v8 - v11);
        do
        {
          if ( v30 < 0 )
            break;
          if ( v10 < *(double *)v31 )
            v10 = *(double *)v31;
          v32 = v10;
          v33 = v9;
          v34 = v32;
          if ( v33 > *(double *)v31 )
            v33 = *(double *)v31;
          ++v11;
          v35 = v33;
          v10 = v34;
          v9 = v35;
          v31 -= 8;
          --v30;
        }
        while ( v11 < a3 );
      }
    }
    else
    {
      v12 = v5 - 4;
      v13 = a1 + 8 * (v5 - 4);
      while ( v12 + 2 >= 0 )
      {
        if ( v10 < *(double *)(v13 + 16) )
          v10 = *(double *)(v13 + 16);
        v14 = v10;
        v15 = v9;
        v16 = v14;
        if ( v15 > *(double *)(v13 + 16) )
          v15 = *(double *)(v13 + 16);
        v17 = v15;
        v10 = v16;
        v9 = v17;
        if ( v12 + 1 < 0 )
          break;
        if ( v10 < *(double *)(v13 + 8) )
          v10 = *(double *)(v13 + 8);
        v18 = v10;
        v19 = v9;
        v20 = v18;
        if ( v19 > *(double *)(v13 + 8) )
          v19 = *(double *)(v13 + 8);
        v21 = v19;
        v10 = v20;
        v9 = v21;
        if ( v12 < 0 )
          break;
        if ( v10 < *(double *)v13 )
          v10 = *(double *)v13;
        v22 = v10;
        v23 = v9;
        v24 = v22;
        if ( v23 > *(double *)v13 )
          v23 = *(double *)v13;
        v25 = v23;
        v10 = v24;
        v9 = v25;
        if ( v12 - 1 < 0 )
          break;
        if ( v10 < *(double *)(v13 - 8) )
          v10 = *(double *)(v13 - 8);
        v26 = v10;
        v27 = v9;
        v28 = v26;
        if ( v27 > *(double *)(v13 - 8) )
          v27 = *(double *)(v13 - 8);
        v11 += 4;
        v29 = v27;
        v10 = v28;
        v9 = v29;
        v13 -= 32;
        v12 -= 4;
        if ( v11 >= a3 - 3 )
          goto LABEL_28;
      }
    }
    v36 = 50;
    v37 = 0.5;
    v38 = (v10 + v9) * 0.5;
    if ( v38 - v9 <= 0.005 )
    {
      result = v38;
    }
    else
    {
      v39 = 0.0;
      while ( v36 > 0 )
      {
        v44 = 0;
        v45 = v39;
        if ( v39 < v6 )
        {
          v46 = v60;
          v47 = v8;
          do
          {
            if ( v47 < 0 )
              break;
            v48 = v45;
            v49 = v38;
            v50 = v48;
            if ( v49 < *(double *)v46 )
              v39 = v39 + 1.0;
            ++v44;
            v46 -= 8;
            --v47;
            v51 = v49;
            v45 = v50;
            v38 = v51;
          }
          while ( (double)v44 < v6 );
        }
        if ( a2 - 0.001 <= v39 / v6 )
        {
          v54 = (v38 + v10) * v37;
          v9 = v38;
          v55 = v37;
          v56 = v10;
          v52 = v55;
          v57 = v56;
          v53 = v54;
          v38 = v57;
        }
        else
        {
          v52 = v37;
          v53 = (v38 + v9) * v37;
        }
        --v36;
        if ( v53 - v9 <= 0.005 )
          return v53;
        v6 = v58;
        v40 = v52;
        v10 = v38;
        v41 = v40;
        v42 = v53;
        v37 = v41;
        v43 = v42;
        v39 = v45;
        v38 = v43;
      }
      result = v38;
    }
  }
  else
  {
    result = 2147483647.0;
  }
  return result;
}

void mexFunction(int nlhs, mxArray *plhs[], int nrhs, const mxArray *prhs[]) {

    double *buffer;
    double Probability;
    int DzLookBackBars;
    int Bars;
    int i;
    double result;

  // Check inputs
  if (nrhs != 5) {//if the user has given anything but one arg, then error
    mexErrMsgIdAndTxt("Numerical:myGetPr:nrhs", "Require 5 args");
  }
  if (!mxIsNumeric(prhs[0])) {//if input is not numeric (for example a string), then errror
    mexErrMsgIdAndTxt("Numerical:myGetPr:isnumeric", "Require args that is numeric");
  }

  if(nlhs!=1) {
    mexErrMsgIdAndTxt("MyToolbox:arrayProduct:nlhs","One output required.");
  }

  /* make sure the first input argument is type double */
  if( !mxIsDouble(prhs[0]) || 
         mxIsComplex(prhs[0])) {
        mexErrMsgIdAndTxt("MyToolbox:arrayProduct:notDouble","Input matrix must be type double.");
  }

  // Check output

      int dims[] = {1,1};  //dimensions of output

      buffer =  mxGetPr(prhs[0]);
      Probability =  mxGetScalar(prhs[1]);
      DzLookBackBars = mxGetScalar(prhs[2]);
      Bars = mxGetScalar(prhs[3]);
      i = mxGetScalar(prhs[4]);

      result = dzSell ((uintptr_t)buffer, Probability,  DzLookBackBars, Bars, i);

      plhs[0] = mxCreateDoubleScalar(result);

}

和这里证明错误投射的屏幕

enter image description here

任何想法如何处理它?<​​/ p>

通过Hex-Rays反编译数组的例子就在这里

Hex-Rays decompiles array to int

这里是反汇编文件

http://www.mediafire.com/view/w82l6somwr7o450/dissasembly.txt

的Krzysztof

2 个答案:

答案 0 :(得分:1)

将反编译器视为先行,而不是产生良好的代码。

特别是,它创建的代码根本不是可移植的。为了能够编译不同的指针大小,您需要修复类型信息。

答案 1 :(得分:0)

解决方案是在函数定义和反编译函数内使用uintptr_t和intptr_t 64位整数。反编译的dll来自32位系统,但我的函数假设在win 7 64下工作。我使用IDA 64和反编译器,但生成的伪代码是32位。