I am a beginner at disassembly. Below is the disassembly of CGContextReplacePathWithShapePath from IDA Pro. I am trying to figure out the parameters to the routine.
Any help is highly appreciated. Also, please post some pointers/hints on how to attack the disassembly.
__text:00024D1F ; =============== S U B R O U T I N E =======================================
__text:00024D1F
__text:00024D1F ; Attributes: bp-based frame
__text:00024D1F
__text:00024D1F public _CGContextReplacePathWithShapePath
__text:00024D1F _CGContextReplacePathWithShapePath proc near
__text:00024D1F
__text:00024D1F var_2C = dword ptr -2Ch
__text:00024D1F var_20 = dword ptr -20h
__text:00024D1F var_1C = dword ptr -1Ch
__text:00024D1F arg_0 = dword ptr 8
__text:00024D1F arg_4 = dword ptr 0Ch
__text:00024D1F
__text:00024D1F push ebp
__text:00024D20 mov ebp, esp
__text:00024D22 push edi
__text:00024D23 push esi
__text:00024D24 push ebx
__text:00024D25 sub esp, 3Ch
__text:00024D28 call $+5
__text:00024D2D pop ebx
__text:00024D2E mov esi, [ebp+arg_0]
__text:00024D31 test esi, esi
__text:00024D33 jz short loc_24D3E
__text:00024D35 cmp dword ptr [esi+8], 43545854h
__text:00024D3C jz short loc_24D5F
__text:00024D3E
__text:00024D3E loc_24D3E: ; CODE XREF: _CGContextReplacePathWithShapePath+14j
__text:00024D3E mov [esp+8], esi
__text:00024D42 lea eax, (___func___26084 - 24D2Dh)[ebx] ; "CGContextReplacePathWithShapePath"
__text:00024D48 mov [esp+4], eax
__text:00024D4C lea eax, (aSInvalidContex - 24D2Dh)[ebx] ; "%s: invalid context %p"
__text:00024D52 mov [esp], eax
__text:00024D55 call _CGPostError
__text:00024D5A jmp loc_24DF2
__text:00024D5F ; ---------------------------------------------------------------------------
__text:00024D5F
__text:00024D5F loc_24D5F: ; CODE XREF: _CGContextReplacePathWithShapePath+1Dj
__text:00024D5F mov eax, [esi+58h]
__text:00024D62 test eax, eax
__text:00024D64 jz short loc_24D75
__text:00024D66 mov [esp], eax
__text:00024D69 call _CGPathRelease
__text:00024D6E mov dword ptr [esi+58h], 0
__text:00024D75
__text:00024D75 loc_24D75: ; CODE XREF: _CGContextReplacePathWithShapePath+45j
__text:00024D75 mov eax, [ebp+arg_4]
__text:00024D78 mov [esp], eax
__text:00024D7B call _CGSRegionPathEnumerator
__text:00024D80 mov edi, eax
__text:00024D82 xor ebx, ebx
__text:00024D84 lea eax, [ebp+var_20]
__text:00024D87 mov [ebp+var_2C], eax
__text:00024D8A jmp short loc_24DCA
__text:00024D8C ; ---------------------------------------------------------------------------
__text:00024D8C
__text:00024D8C loc_24D8C: ; CODE XREF: _CGContextReplacePathWithShapePath+BDj
__text:00024D8C jge short loc_24DB4
__text:00024D8E inc ebx
__text:00024D8F cmp ebx, 1
__text:00024D92 jz short loc_24D9C
__text:00024D94 mov [esp], esi
__text:00024D97 call _CGContextClosePath
__text:00024D9C
__text:00024D9C loc_24D9C: ; CODE XREF: _CGContextReplacePathWithShapePath+73j
__text:00024D9C mov eax, [ebp+var_1C]
__text:00024D9F mov [esp+8], eax
__text:00024DA3 mov eax, [ebp+var_20]
__text:00024DA6 mov [esp+4], eax
__text:00024DAA mov [esp], esi
__text:00024DAD call _CGContextMoveToPoint
__text:00024DB2 jmp short loc_24DCA
__text:00024DB4 ; ---------------------------------------------------------------------------
__text:00024DB4
__text:00024DB4 loc_24DB4: ; CODE XREF: _CGContextReplacePathWithShapePath:loc_24D8Cj
__text:00024DB4 mov eax, [ebp+var_1C]
__text:00024DB7 mov [esp+8], eax
__text:00024DBB mov eax, [ebp+var_20]
__text:00024DBE mov [esp+4], eax
__text:00024DC2 mov [esp], esi
__text:00024DC5 call _CGContextAddLineToPoint
__text:00024DCA
__text:00024DCA loc_24DCA: ; CODE XREF: _CGContextReplacePathWithShapePath+6Bj
__text:00024DCA ; _CGContextReplacePathWithShapePath+93j
__text:00024DCA mov eax, [ebp+var_2C]
__text:00024DCD mov [esp+4], eax
__text:00024DD1 mov [esp], edi
__text:00024DD4 call _CGSNextPoint
__text:00024DD9 cmp eax, 0
__text:00024DDC jnz short loc_24D8C
__text:00024DDE test ebx, ebx
__text:00024DE0 jz short loc_24DEA
__text:00024DE2 mov [esp], esi
__text:00024DE5 call _CGContextClosePath
__text:00024DEA
__text:00024DEA loc_24DEA: ; CODE XREF: _CGContextReplacePathWithShapePath+C1j
__text:00024DEA mov [esp], edi
__text:00024DED call _CGSReleaseRegionEnumerator
__text:00024DF2
__text:00024DF2 loc_24DF2: ; CODE XREF: _CGContextReplacePathWithShapePath+3Bj
__text:00024DF2 add esp, 3Ch
__text:00024DF5 pop ebx
__text:00024DF6 pop esi
__text:00024DF7 pop edi
__text:00024DF8 leave
__text:00024DF9 retn
__text:00024DF9 _CGContextReplacePathWithShapePath endp
The first parameter is a context parameter of some sort. The function checks to see if it's NULL and in that case jumps to loc_24D3E (where you can see it calls an error function _CGPostError with the format string "%s: invalid context %p"). BTW: Right after, it checks a magic value in the context (at context+8) to see if it is valid; otherwise it exits through the same error path. The magic value 43545854h is CTXT as chars btw.

As for the second parameter, it looks to be some kind of path as it is used as the sole parameter to CGSRegionPathEnumerator.

In C the function would look something like this:
    void CGContextReplacePathWithShapePath(Context* context, Path* path)
    {
        if(context == NULL || context->magic != 0x43545854)
        {
            CGPostError("%s: invalid context %p", "CGContextReplacePathWithShapePath", context);
            return;
        }

        // loc_24D5F
        if (context->path != NULL)
        {
            CGPathRelease(context->path);
            context->path = NULL;
        }

        // loc_24D75
        RegionPathEnumerator* rpe = CGSRegionPathEnumerator(path);

        // ....
    }
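The rest of the listing (loc_24D8C through loc_24DEA) is a loop over CGSNextPoint, and it can be checked by modelling the control flow with mock callees. This is an added example, not part of the answer above or of Apple's code: the struct layouts, the names Pt, Enum, Ctx, emit, next_point and replace_path, and the meaning of the CGSNextPoint return value are assumptions inferred from the branches in the listing.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in types (hypothetical). The real context has the magic at +8 and
   the current path at +58h; these structs do not reproduce those offsets. */
typedef struct { float x, y; } Pt;                      /* var_20 = x, var_1C = y */
typedef struct { const int *tags; const Pt *pts; int i; } Enum;
typedef struct { unsigned magic; void *path; char log[64]; } Ctx;

/* Records one path operation: M = MoveToPoint, L = AddLineToPoint, Z = ClosePath. */
static void emit(Ctx *c, char op) {
    size_t n = strlen(c->log);
    if (n + 1 < sizeof c->log) { c->log[n] = op; c->log[n + 1] = '\0'; }
}

/* Mock of CGSNextPoint. Return convention inferred from the branches after
   "cmp eax, 0": 0 = done, negative = first point of a subpath, positive = next point. */
static int next_point(Enum *e, Pt *out) {
    int t = e->tags[e->i];
    if (t != 0) *out = e->pts[e->i++];
    return t;
}

/* Returns the subpath count (ebx) or -1 on the error path; the original returns void. */
int replace_path(Ctx *ctx, Enum *e) {
    if (ctx == NULL || ctx->magic != 0x43545854u)      /* 'CTXT' check at +8 */
        return -1;                                     /* CGPostError branch */
    ctx->path = NULL;                                  /* CGPathRelease, then clear +58h */
    int subpaths = 0, r;
    Pt p;
    while ((r = next_point(e, &p)) != 0) {             /* loc_24DCA */
        if (r < 0) {                                   /* fall-through at loc_24D8C */
            if (++subpaths != 1) emit(ctx, 'Z');       /* close the previous subpath */
            emit(ctx, 'M');                            /* loc_24D9C */
        } else {
            emit(ctx, 'L');                            /* loc_24DB4 */
        }
    }
    if (subpaths != 0) emit(ctx, 'Z');                 /* final close before loc_24DEA */
    return subpaths;
}

int main(void) {
    static const int tags[] = { -1, 1, 1, -1, 1, 0 };  /* constructed sample input */
    static const Pt pts[]   = { {0,0}, {4,0}, {4,3}, {9,9}, {12,9} };
    Ctx ctx = { 0x43545854u, NULL, "" };
    Enum e = { tags, pts, 0 };
    printf("%d %s\n", replace_path(&ctx, &e), ctx.log);
}
```

The `call $+5` / `pop ebx` pair at the top of the listing only loads the current address into ebx for position-independent string references, so it has no counterpart in the C model.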