Joseph Doherty
fe2a6db786
rust / build / test / clippy / fmt (push) Has been cancelled
Layout:
- src/ .NET 10 x64 reference: MxNativeCodec, MxNativeClient,
MxAsbClient, probes, tests, harnesses. Executable spec.
- design/ Architectural plan for the Rust port (M0–M6), error
model, protocol invariants, risks (R1–R16), adversarial
review log (review.md).
- rust/ Rust workspace. M0 skeleton + M1 codec parity.
mxaccess-codec: 215 unit tests + 2 cross-implementation
parity tests (byte-identical against .NET reference).
Other crates are M0 stubs awaiting M2+.
- captures/ Frida + netsh + pcap evidence per CLAUDE.md
("captures are evidence, not throwaway logs").
- analysis/ Decompiled C# (frida/proxy/decompiled-*),
Ghidra exports for native DLLs (`exports/` only —
working state at `projects/` and AVEVA's input
binaries at `input/` are gitignored).
- docs/ Reverse-engineering reference docs.
- tools/ Setup-LiveProbeEnv.ps1 (Infisical credential fetcher),
Compute-Crc.ps1 (.NET parity helper).
- .github/workflows/ Rust CI: fmt + build + test + clippy on Windows.
- LICENSE MIT (Joseph Doherty, 2026).
Verified:
- cargo test --workspace → 217 passed (215 unit + 2 .NET parity), 0 failed
- cargo clippy --workspace -- -D warnings → clean
- cargo fmt --all -- --check → clean
- cargo publish --dry-run -p mxaccess-codec → packages cleanly
Excluded from history (see .gitignore):
- **/bin, **/obj, **/target — build artifacts
- analysis/ghidra/projects/ — Ghidra working state (regenerable)
- analysis/ghidra/input/ — AVEVA proprietary DLLs (vendor IP)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
274 lines
11 KiB
Markdown
274 lines
11 KiB
Markdown
# LmxProxy.dll selected decompile
|
|
|
|
## FUN_1001657f at 1001657f
|
|
|
|
Signature: `undefined __stdcall FUN_1001657f(uint param_1, undefined4 param_2)`
|
|
|
|
```c
|
|
|
|
/* WARNING: Function: __EH_prolog3_catch_GS replaced with injection: EH_prolog3 */
|
|
|
|
void FUN_1001657f(uint param_1,undefined4 param_2)
|
|
|
|
{
|
|
DWORD DVar1;
|
|
basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_> bVar2;
|
|
undefined *puVar3;
|
|
int iVar4;
|
|
int *piVar5;
|
|
DWORD DVar6;
|
|
undefined4 *puVar7;
|
|
HRESULT HVar8;
|
|
basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_> *pbVar9;
|
|
uint uVar10;
|
|
undefined4 uVar11;
|
|
wchar_t *pwVar12;
|
|
_func_basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>_ptr_basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>_ptr
|
|
*p_Var13;
|
|
void **in_stack_ffffff1c;
|
|
undefined1 local_d4 [36];
|
|
VARIANTARG local_b0;
|
|
_union_2683 local_a0;
|
|
VARIANTARG local_90;
|
|
VARIANTARG local_80;
|
|
int *local_70 [2];
|
|
DWORD local_68;
|
|
undefined *local_64;
|
|
IUnknown *local_60 [2];
|
|
BSTR local_58;
|
|
uint local_54;
|
|
int *local_50 [2];
|
|
SAFEARRAY *local_48;
|
|
undefined1 local_44 [4];
|
|
FILETIME local_40;
|
|
undefined2 local_38 [8];
|
|
undefined1 local_28 [32];
|
|
uint local_8;
|
|
undefined4 uStack_4;
|
|
|
|
uStack_4 = 0xc4;
|
|
local_54 = param_1;
|
|
local_68 = 0;
|
|
local_64 = (undefined *)0x0;
|
|
local_58 = (BSTR)0x0;
|
|
local_8 = 0;
|
|
FUN_1000107a((int *)local_50);
|
|
local_8 = CONCAT31(local_8._1_3_,1);
|
|
uVar11 = 0;
|
|
uVar10 = 3;
|
|
puVar3 = FUN_10003248();
|
|
iVar4 = FUN_10003897(puVar3,uVar10);
|
|
puVar3 = FUN_10003248();
|
|
uVar10 = FUN_1000305b(puVar3,iVar4,uVar11);
|
|
if ((char)uVar10 != '\0') {
|
|
pwVar12 = L"OnDataChange callback received";
|
|
piVar5 = (int *)FUN_10003248();
|
|
FUN_100031b7(piVar5,pwVar12);
|
|
}
|
|
if (DAT_10029594 == 0) {
|
|
local_8 = local_8 & 0xffffff00;
|
|
FUN_1000111b((int *)local_50);
|
|
local_8 = 0xffffffff;
|
|
SysFreeString(local_58);
|
|
}
|
|
else {
|
|
DVar6 = GetCurrentThreadId();
|
|
if (DVar6 == DAT_10029594) {
|
|
iVar4 = *(int *)(param_1 + 8);
|
|
FUN_1000f663((void *)(iVar4 + 0x2c),&local_40.dwHighDateTime,(int *)(param_1 + 0xc));
|
|
DVar6 = local_40.dwHighDateTime;
|
|
if ((((undefined *)local_40.dwHighDateTime != *(undefined **)(iVar4 + 0x30)) &&
|
|
(FUN_1000f5ef((undefined *)(local_40.dwHighDateTime + 0x3c),&local_40.dwHighDateTime,
|
|
(int *)(param_1 + 0x10)), DVar1 = local_40.dwHighDateTime,
|
|
(undefined *)local_40.dwHighDateTime != *(undefined **)(DVar6 + 0x40))) &&
|
|
(*(char *)(local_40.dwHighDateTime + 0x1c) != '\0')) {
|
|
if (*(char *)(local_40.dwHighDateTime + 0x1f) == '\0') {
|
|
if (*(char *)(local_40.dwHighDateTime + 0x1e) == '\0') {
|
|
local_40.dwHighDateTime = 0;
|
|
local_28._0_4_ = (uint)(ushort)local_28._2_2_ << 0x10;
|
|
local_28._4_4_ = 0;
|
|
local_28._8_4_ = 0;
|
|
local_28._12_4_ = (undefined *)0x0;
|
|
(**(code **)(**(int **)(DVar6 + 0x24) + 0x60))
|
|
(*(int **)(DVar6 + 0x24),*(undefined4 *)(DVar1 + 0x18),
|
|
&local_40.dwHighDateTime,local_28);
|
|
if ((local_28._0_2_ == 0xffff) && (local_28._4_4_ == 0)) {
|
|
*(undefined1 *)(DVar1 + 0x1e) = 1;
|
|
*(byte *)(DVar1 + 0x1d) = (byte)(local_40.dwHighDateTime >> 1) & 1;
|
|
}
|
|
}
|
|
piVar5 = *(int **)(DVar6 + 0x24);
|
|
if (local_50[0] != (int *)0x0) {
|
|
(**(code **)(*local_50[0] + 8))(local_50[0]);
|
|
local_50[0] = (int *)0x0;
|
|
}
|
|
iVar4 = (**(code **)(*piVar5 + 0x50))
|
|
(piVar5,*(undefined4 *)(DVar1 + 0x18),local_44,&local_68,local_38,
|
|
&local_58,local_50);
|
|
}
|
|
else {
|
|
if (*(char *)(local_40.dwHighDateTime + 0x1e) == '\0') {
|
|
local_40.dwHighDateTime = 0;
|
|
local_28._0_4_ = (uint)(ushort)local_28._2_2_ << 0x10;
|
|
local_28._4_4_ = 0;
|
|
local_28._8_4_ = 0;
|
|
local_28._12_4_ = (undefined *)0x0;
|
|
(**(code **)(**(int **)(DVar6 + 0x30) + 0x28))
|
|
(*(int **)(DVar6 + 0x30),*(undefined4 *)(DVar1 + 0x18),
|
|
&local_40.dwHighDateTime,local_28);
|
|
if ((local_28._0_2_ == 0xffff) && (local_28._4_4_ == 0)) {
|
|
*(undefined1 *)(DVar1 + 0x1e) = 1;
|
|
*(byte *)(DVar1 + 0x1d) = (byte)(local_40.dwHighDateTime >> 1) & 1;
|
|
}
|
|
}
|
|
piVar5 = *(int **)(DVar6 + 0x30);
|
|
if (local_50[0] != (int *)0x0) {
|
|
(**(code **)(*local_50[0] + 8))(local_50[0]);
|
|
local_50[0] = (int *)0x0;
|
|
}
|
|
iVar4 = (**(code **)(*piVar5 + 0x20))
|
|
(piVar5,*(undefined4 *)(DVar1 + 0x18),local_44,&local_68,local_38,
|
|
local_50);
|
|
}
|
|
iVar4 = FUN_1000f8d9((undefined4 *)(uint)(iVar4 == 0),iVar4,0x6d,"MxCallback.cpp");
|
|
if (iVar4 != 0) {
|
|
if (*(char *)(DVar1 + 0x28) == '\0') {
|
|
FUN_1000107a((int *)local_60);
|
|
local_8 = CONCAT31(local_8._1_3_,4);
|
|
if (*(char *)(DVar1 + 0x1d) == '\0') {
|
|
local_40.dwLowDateTime = 0;
|
|
local_40.dwHighDateTime = 0;
|
|
CoFileTimeNow(&local_40);
|
|
local_28._8_4_ = local_40.dwLowDateTime;
|
|
local_28._12_4_ = local_40.dwHighDateTime;
|
|
}
|
|
else {
|
|
local_28._8_4_ = local_68;
|
|
local_28._12_4_ = local_64;
|
|
}
|
|
HVar8 = (*local_60[0]->lpVtbl[5].QueryInterface)
|
|
(local_60[0],(IID *)(local_28 + 8),in_stack_ffffff1c);
|
|
if (HVar8 < 0) {
|
|
_com_issue_errorex(HVar8,local_60[0],(_GUID *)&DAT_1001b590);
|
|
}
|
|
puVar3 = FUN_100012e6(local_60);
|
|
FUN_10001269(local_70,puVar3);
|
|
local_8._0_1_ = 5;
|
|
FUN_100060a2((CComVariant *)&local_b0,local_70[0],0x40);
|
|
local_8._0_1_ = 6;
|
|
FUN_100060a2((CComVariant *)&local_a0.n2,local_50[0],0);
|
|
local_8._0_1_ = 7;
|
|
HVar8 = FUN_10003f60(&local_48,local_38,1);
|
|
if (HVar8 < 0) {
|
|
bVar2 = FUN_10003f01(*(basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_> **)
|
|
(DAT_100294e0 + 8));
|
|
if (bVar2 != (basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>)0x0) {
|
|
p_Var13 = endl_exref;
|
|
pbVar9 = (basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_> *)
|
|
FUN_10002dbf(*(int **)(DAT_100294e0 + 8),
|
|
L"CUserConnectionCallback::OnDataChange - Create MxStatus SafeArray failed. hr = "
|
|
);
|
|
pbVar9 = std::basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>::operator<<
|
|
(pbVar9,HVar8);
|
|
std::basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>::operator<<
|
|
(pbVar9,p_Var13);
|
|
}
|
|
}
|
|
else {
|
|
local_8 = CONCAT31(local_8._1_3_,8);
|
|
FUN_10015f72((void *)(*(int *)(local_54 + 8) + 0xc),*(long *)(local_54 + 0xc),
|
|
*(long *)(local_54 + 0x10),local_a0._0_4_);
|
|
local_8._0_1_ = 7;
|
|
local_8._1_3_ = 0;
|
|
HVar8 = SafeArrayDestroy(local_48);
|
|
if (HVar8 != 0) {
|
|
pwVar12 =
|
|
L"CUserConnectionCallback::OnDataChange - SafeArrayDestroy failed - hr %08X";
|
|
piVar5 = (int *)FUN_10003248();
|
|
FUN_1000308b(piVar5,pwVar12);
|
|
}
|
|
}
|
|
local_8._0_1_ = 6;
|
|
VariantClear((VARIANTARG *)&local_a0.n2);
|
|
local_8._0_1_ = 5;
|
|
VariantClear(&local_b0);
|
|
local_8._0_1_ = 4;
|
|
FUN_1000111b((int *)local_70);
|
|
local_8 = CONCAT31(local_8._1_3_,1);
|
|
FUN_1000111b((int *)local_60);
|
|
}
|
|
else {
|
|
VariantInit(&local_80);
|
|
local_8._0_1_ = 10;
|
|
VariantInit(&local_90);
|
|
local_8._0_1_ = 0xb;
|
|
VariantInit((VARIANTARG *)local_28);
|
|
local_8._0_1_ = 0xc;
|
|
local_40.dwHighDateTime = 0;
|
|
FUN_100069ad(local_50[0],(ushort *)&local_80,(undefined2 *)&local_90,
|
|
(undefined2 *)local_28,(BSTR)&local_40.dwHighDateTime);
|
|
HVar8 = FUN_10003f60(&local_48,local_38,1);
|
|
if (HVar8 < 0) {
|
|
bVar2 = FUN_10003f01(*(basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_> **)
|
|
(DAT_100294e0 + 8));
|
|
if (bVar2 != (basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>)0x0) {
|
|
p_Var13 = endl_exref;
|
|
pbVar9 = (basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_> *)
|
|
FUN_10002dbf(*(int **)(DAT_100294e0 + 8),
|
|
L"CUserConnectionCallback::OnDataChange - Create MxStatus SafeArray failed on Buffered Data callback. hr = "
|
|
);
|
|
pbVar9 = std::basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>::operator<<
|
|
(pbVar9,HVar8);
|
|
std::basic_ostream<wchar_t,struct_std::char_traits<wchar_t>_>::operator<<
|
|
(pbVar9,p_Var13);
|
|
}
|
|
}
|
|
else {
|
|
local_8 = CONCAT31(local_8._1_3_,0xd);
|
|
FUN_100163c0((void *)(*(int *)(local_54 + 8) + 0x18),*(long *)(local_54 + 0xc),
|
|
*(long *)(local_54 + 0x10),local_40.dwHighDateTime);
|
|
local_8._0_1_ = 0xc;
|
|
local_8._1_3_ = 0;
|
|
HVar8 = SafeArrayDestroy(local_48);
|
|
if (HVar8 != 0) {
|
|
pwVar12 =
|
|
L"CUserConnectionCallback::OnDataChange - SafeArrayDestroy failed - hr %08X";
|
|
piVar5 = (int *)FUN_10003248();
|
|
FUN_1000308b(piVar5,pwVar12);
|
|
}
|
|
}
|
|
local_8._0_1_ = 0xb;
|
|
VariantClear((VARIANTARG *)local_28);
|
|
local_8._0_1_ = 10;
|
|
VariantClear(&local_90);
|
|
local_8 = CONCAT31(local_8._1_3_,1);
|
|
VariantClear(&local_80);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
local_40.dwHighDateTime = (DWORD)&DAT_100295bc;
|
|
EnterCriticalSection((LPCRITICAL_SECTION)&DAT_100295bc);
|
|
local_8._0_1_ = 2;
|
|
puVar7 = FUN_10015e06(local_d4,(int *)(-(uint)(param_1 != 4) & param_1),param_2);
|
|
local_8._0_1_ = 3;
|
|
FUN_1001654d(&DAT_100295b0,DAT_100295b0,puVar7);
|
|
local_8._0_1_ = 2;
|
|
FUN_1000d639((int)local_d4);
|
|
local_8 = CONCAT31(local_8._1_3_,1);
|
|
LeaveCriticalSection((LPCRITICAL_SECTION)&DAT_100295bc);
|
|
}
|
|
local_8 = local_8 & 0xffffff00;
|
|
FUN_1000111b((int *)local_50);
|
|
local_8 = 0xffffffff;
|
|
SysFreeString(local_58);
|
|
}
|
|
FUN_10017482();
|
|
return;
|
|
}
|
|
|
|
|
|
```
|
|
|