I would like to know if this can be optimized. (I am sure it can with you folk), I am still working on it but it does the following:
Formats a regpath and writes to file
Opens a parent reg key
enumerates the parent key
writes current key to file
enumerates values in current key
and will current values to file

just wanted to know how you would go about it.... any changes, explain so I can benifit... (have half a bottle of wine in me so speak slowly :-p)

yes I modified hutches HexDump :-)



BackupZones proc uses ebx esi edi
LOCAL TempFile[30]:BYTE
LOCAL hRegFile:DWORD
LOCAL lpcbData:DWORD
LOCAL KeyToWrite[95]:BYTE

LOCAL hSourceKey:DWORD
LOCAL hSubKey:DWORD

LOCAL lpZoneKey[80]:BYTE

LOCAL lpValueName [60]:BYTE
LOCAL ft:FILETIME
LOCAL lpcName:DWORD
LOCAL lpName[5]:BYTE
LOCAL lpType:DWORD
LOCAL lpcValueName:DWORD
LOCAL DwordValue:DWORD

LOCAL ValueToWrite:DWORD


push 0 ;
push offset sBackupPath ;
call CreateDirectoryA ; Create Backup directory

push 0 ;
push 30 ;
lea edi, TempFile ;
push edi ; edi = pointer to TempFile
call memfill ;

push edi ;
call CreateFileName ; Create backup filename

lea eax, sBackupPath ;
push eax ;
call StrLen ;
inc eax ;
mov esi, eax ;
;
push edi ;
call StrLen ;
add eax, 5 ;
add eax, esi ; Get string sizes

push eax ;
push HEAP_ZERO_MEMORY ;
push hHeap ;
call HeapAlloc ; Allocate memory for filename
mov esi, eax ; esi = pointer to filename

push offset szExtReg ;
push edi ;
push offset sBackupPath ;
push esi ;
push 3 ;
call szMultiCat ; Create file path

push 0 ;
push FILE_ATTRIBUTE_NORMAL ;
push CREATE_NEW ;
push 0 ;
push 0 ;
push GENERIC_WRITE ;
push esi ;
call CreateFileA ; Create reg file
mov hRegFile, eax ;

push esi ;
push 0 ;
push hHeap ;
call HeapFree ; Free filepath + filename buffer

push 0 ;
lea eax, lpcbData ;
push eax ;
push sizeof szRegEdit ;
push offset szRegEdit ;
push hRegFile ;
call WriteFile ; Write regedit header

push 0 ;
push 95 ;
lea edi, KeyToWrite ;
push edi ; edi = pointer to KeyToWrite
call memfill ; clear buffer

push offset NewLine ;
push offset szRightBracket ;
push offset RegKeyZone ;
push offset RegKeyBase ;
push offset RegKeyPrefix ;
push edi ;
push 5 ;
call szMultiCat ; Format zone path to write

push edi ;
call StrLen ; Get length of zonepath
mov esi, eax ; save length

push 0 ;
lea eax, lpcbData ;
push eax ;
push esi ;
push edi ;
push hRegFile ;
call WriteFile ; Write zone path to file

push 0 ;
lea eax, lpcbData ;
push eax ;
push sizeof szDefault3 ;
lea eax, szDefault3 ;
push eax ;
push hRegFile ;
call WriteFile ; Write default value to file

push 0 ;
push 80 ;
lea esi, lpZoneKey ;
push esi ;
call memfill ;

push offset RegKeyZone ;
push offset RegKeyBase ;
push esi ;
push 2 ;
call szMultiCat ; Create zone path to open

lea eax, hSourceKey ;
push eax ;
push KEY_ENUMERATE_SUB_KEYS ;
push 0 ;
push esi ;
push HKEY_CURRENT_USER ;
call RegOpenKeyExA ; Open zone key for enumeration

xor ebx, ebx
GetNextZone:
lea eax, ft ;
push eax ;
push 0 ;
push 0 ;
push 0 ;
mov lpcName, 5 ;
lea ecx, lpcName ;
push ecx ;
lea esi, lpName ;
push esi ;
push ebx ;
push hSourceKey ;
call RegEnumKeyExA ; Get next zone key
cmp eax, ERROR_NO_MORE_ITEMS; Anymore keys?
je Done ; no, leave

push 0 ;
push 95 ;
lea edi, KeyToWrite ;
push edi ;
call memfill ;

push offset NewLine ;
push offset szRightBracket ;
push esi ;
push offset szSlash ;
push offset RegKeyZone ;
push offset RegKeyBase ;
push offset RegKeyPrefix ;
push edi ;
push 7 ;
call szMultiCat ; Format current zone to write

push edi ;
call StrLen ;

push 0 ;
lea ecx, lpcbData ;
push ecx ;
push eax ;
push edi ;
push hRegFile ;
call WriteFile ; Write current zone to file

lea eax, hSubKey ;
push eax ;
push KEY_QUERY_VALUE ;
push 0 ;
push esi ;
push hSourceKey ;
call RegOpenKeyExA ; Opent current zone key

push ebx
xor ebx, ebx
GetNextValue:
lea eax, lpcbData
push eax
push 0
lea ecx, lpType
push ecx
push 0
mov lpcValueName, 60
lea eax, lpcValueName
push eax
lea ecx, lpValueName
push ecx
push ebx
push hSubKey
call RegEnumValueA
cmp eax, ERROR_NO_MORE_ITEMS
je NoMoreValues

.if lpType == REG_DWORD
mov lpcbData, 4
lea ecx, lpcbData
push ecx
lea eax, DwordValue
push eax
push 0
push 0
lea edx, lpValueName
push edx
push hSubKey
call RegQueryValueExA
; convert to hex, format and write to file here

.elseif lpType == REG_SZ
invoke HeapAlloc, hHeap, HEAP_ZERO_MEMORY, lpcbData
mov esi, eax
lea ecx, lpcbData
push ecx
push esi
push 0
push 0
lea edx, lpValueName
push edx
push hSubKey
call RegQueryValueExA
; format and write to file here
push esi
push 0
push hHeap
call HeapFree
.else
invoke HeapAlloc, hHeap, HEAP_ZERO_MEMORY, lpcbData
mov esi, eax
lea ecx, lpcbData
push ecx
push esi
push 0
push 0
lea edx, lpValueName
push edx
push hSubKey
call RegQueryValueExA

mov eax, lpcbData
add eax, eax
add eax, eax
push eax
push HEAP_ZERO_MEMORY
push hHeap
call HeapAlloc
mov edi, eax

push edi ; Convert buffer to hex
push lpcbData
push esi
call HexDump

; Append and write to file here

push edi
push 0
push hHeap
call HeapFree

push esi
push 0
push hHeap
call HeapFree

.endif

inc ebx
jmp GetNextValue

NoMoreValues:

push hSubKey
call RegCloseKey

pop ebx
inc ebx
jmp GetNextZone

Done:
push hRegFile
call CloseHandle

push hSourceKey
call RegCloseKey

ret
BackupZones endp

HexDump proc lpString:DWORD,lnString:DWORD,lpbuffer:DWORD
LOCAL lcnt:DWORD
LOCAL Temp:DWORD
push ebx
push esi
push edi
jmp over_table
hex_table:
db "00","01","02","03","04","05","06","07","08","09","0A","0B","0C","0D","0E","0F"
db "10","11","12","13","14","15","16","17","18","19","1A","1B","1C","1D","1E","1F"
db "20","21","22","23","24","25","26","27","28","29","2A","2B","2C","2D","2E","2F"
db "30","31","32","33","34","35","36","37","38","39","3A","3B","3C","3D","3E","3F"
db "40","41","42","43","44","45","46","47","48","49","4A","4B","4C","4D","4E","4F"
db "50","51","52","53","54","55","56","57","58","59","5A","5B","5C","5D","5E","5F"
db "60","61","62","63","64","65","66","67","68","69","6A","6B","6C","6D","6E","6F"
db "70","71","72","73","74","75","76","77","78","79","7A","7B","7C","7D","7E","7F"
db "80","81","82","83","84","85","86","87","88","89","8A","8B","8C","8D","8E","8F"
db "90","91","92","93","94","95","96","97","98","99","9A","9B","9C","9D","9E","9F"
db "A0","A1","A2","A3","A4","A5","A6","A7","A8","A9","AA","AB","AC","AD","AE","AF"
db "B0","B1","B2","B3","B4","B5","B6","B7","B8","B9","BA","BB","BC","BD","BE","BF"
db "C0","C1","C2","C3","C4","C5","C6","C7","C8","C9","CA","CB","CC","CD","CE","CF"
db "D0","D1","D2","D3","D4","D5","D6","D7","D8","D9","DA","DB","DC","DD","DE","DF"
db "E0","E1","E2","E3","E4","E5","E6","E7","E8","E9","EA","EB","EC","ED","EE","EF"
db "F0","F1","F2","F3","F4","F5","F6","F7","F8","F9","FA","FB","FC","FD","FE","FF"
over_table:
lea ebx, hex_table ; get base address of table
mov esi, lpString ; address of source string
mov edi, lpbuffer ; address of output buffer
mov eax, esi
add eax, lnString
mov ecx, eax ; exit condition for byte read
mov lcnt, 0
mov Temp, 0
xor eax, eax ; prevent stall

; %%%%%%%%%%%%%%%%%%%%%%% loop code %%%%%%%%%%%%%%%%%%%%%%%%%%%%%

ConvertNextChar:
mov al, [esi] ; get BYTE
inc esi
inc lcnt
mov dx, [ebx+eax*2] ; put WORD from table into DX
mov [edi], dx ; write 2 byte string to buffer
add edi, 2
mov BYTE PTR [edi], 2CH ; add comma ;32 ; add space
inc edi

cmp Temp, 10
jne No

mov BYTE PTR [edi], 5CH
inc edi
mov BYTE PTR [edi], 0AH
mov BYTE PTR [edi], 0Dh ; write CRLF to buffer
inc edi
;add edi, 3;2
mov lcnt, 0
jmp @F
No:
cmp lcnt, 25 ;16 ; break line at 16 characters
jne @F

; dec edi ; overwrite last space
mov BYTE PTR [edi], 5CH
inc edi
mov BYTE PTR [edi], 0AH
mov BYTE PTR [edi], 0Dh ; write CRLF to buffer
inc edi
;add edi, 3;2
mov lcnt, 0

@@:
inc Temp
cmp esi, ecx ; test exit condition
jl ConvertNextChar

; %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

dec edi ;inc edi
mov BYTE PTR [edi], 0 ; append terminator

pop edi
pop esi
pop ebx

ret

HexDump endp
Posted on 2003-03-19 20:29:02 by Gunner
Rob,

A couple of things with the modified version of hexDump, put the "align 16" back at the label at the beginning of the table, it saves you from unaligned reads from the table.

Replace the 2 seperate byte writes for the CRLF with,


mov WORD PTR [edi], 0A0Dh ; write CRLF to buffer

One memory access less per iteration.

These are the two I could see in a hurry.

Regards and keep up the good work.

hutch@movsd.com
Posted on 2003-03-20 03:05:57 by hutch--
I removed the Align 16 cause it wouldn't assemble... changed .386 to .486 and it assembles now...

Will change the crlf stuff...

Thanks
Posted on 2003-03-20 16:51:45 by Gunner