Hi all!

I'm looking at some code in IDA, and it appears to be a complex if-statement, however I'm having trouble translating it. Would one of you be able to take a look? :)

.text:6C823D1A cmp     , 0
.text:6C823D1E jz      locIsNotInitialised
.text:6C823D24 mov     eax,
.text:6C823D27 add     eax, -103
.text:6C823D2A sub     eax, 5
.text:6C823D2D jb      short loc_6C823D57
.text:6C823D2F add     eax, -15
.text:6C823D32 sub     eax, 3
.text:6C823D35 jb      short loc_6C823D57
.text:6C823D37 cmp     , 0
.text:6C823D3B jz      locIsNotInitialised
.text:6C823D41 mov     eax,
.text:6C823D44 sub     eax, 119
.text:6C823D47 jz      short loc_6C823D57
.text:6C823D49 sub     eax, 2
.text:6C823D4C jz      short loc_6C823D57
.text:6C823D4E sub     eax, 5
.text:6C823D51 jnz     locIsNotInitialised
.text:6C823D57
.text:6C823D57 loc_6C823D57:
... etc ...
.text:6C823F8C locIsNotInitialised:
... etc ...


IDA's Hex-Rays plugin produces this statement; however, it seems quite wrong to me (mostly because the decompiler fails at locIsNotInitialised):

JUMPOUT(Structure.IsInitlialised, 0, *(unsigned int *)locIsNotInitialised);
if ( (Object->State - 103) >= 5 ) {
    if ( (Object->State - 123) >= 3 ) {
        JUMPOUT(Structure.IsSomething, 0, *(unsigned int *)locIsNotInitialised);

        if ( Object->State != 119 ) {
            if ( Object->State != 121 )
                JUMPOUT(Object->State - 126, 0u, *(unsigned int *)locIsNotInitialised);
        }
    }
}
// locIsNotInitialised ... etc ...


And here is my construct, which I believe is wrong:

if ((Structure.IsInitialised && Object.State < 108) || (Object.State < 126 && Structure.IsSomething)) {
// ... etc ...
}
// locIsNotInitialised ... etc ...


So would someone be able to help with this? It'd be much appreciated! :D
Posted on 2011-07-26 20:49:39 by Aerolite
This was solved with the gracious assistance of vulture, from the #asm IRC channel on Freenode.
I had suspicions that it was actually a range-check (several, actually); however, I could never work out how to translate it. With vulture giving me an example, I was able to construct the complete if-statement from the above ASM code.

Here is the completed if-statement (and it's a monster) - I hope it might be a reference to help someone in the future:
if ((Structure.IsInitialised
     && ((Object.State >= 103 && Object.State < 108)
         || (Object.State >= 123 && Object.State < 126)))
    || (Structure.IsSomething
        && (Object.State == 119 || Object.State == 121 || Object.State == 126)))
{
    // ... etc ...
}

// locIsNotInitialised
Posted on 2011-07-27 07:05:31 by Aerolite
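The idiom in the listing is the compiler's standard range check: subtract the lower bound, then one unsigned compare against the range length (`sub`/`jb` tests the carry flag) covers both bounds at once, because a value below the lower bound wraps to a huge unsigned number. The C below is an added example, not code from the thread or from the binary being reversed: it transliterates the listing instruction by instruction (every jump to locIsNotInitialised becomes "false", falling into loc_6C823D57 becomes "true"), writes the same condition in readable form, and brute-forces the two against each other. Field names `is_initialised`, `is_something` and `state` stand in for the elided `[...]` operands and are assumptions. Note that in the listing the first `cmp`/`jz` jumps to locIsNotInitialised before anything else is tested, so in the transliteration the IsInitialised flag gates both the range checks and the IsSomething path.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout; the real operands were elided in the IDA listing. */
struct Obj {
    uint32_t is_initialised;   /* Structure.IsInitialised in the post */
    uint32_t is_something;     /* Structure.IsSomething */
    uint32_t state;            /* Object.State */
};

/* The compiler's idiom: (v - lo) < len, evaluated unsigned.  Values below lo
 * wrap to >= 0x80000000 and fail the compare, so one jb checks both bounds. */
bool range_check(uint32_t v, uint32_t lo, uint32_t len)
{
    return (uint32_t)(v - lo) < len;
}

/* Literal transliteration of .text:6C823D1A..6C823D51. */
bool condition_asm_style(const struct Obj *o)
{
    uint32_t eax;

    if (o->is_initialised == 0)   /* cmp [..], 0 ; jz locIsNotInitialised */
        return false;

    eax = o->state;               /* mov eax, [..State] */
    eax += (uint32_t)-103;        /* add eax, -103   -> State - 103 */
    if (eax < 5)                  /* sub eax, 5 ; jb -> CF set iff eax < 5 unsigned */
        return true;
    eax -= 5;
    eax += (uint32_t)-15;         /* add eax, -15    -> State - 123 */
    if (eax < 3)                  /* sub eax, 3 ; jb -> (State - 123) < 3 unsigned */
        return true;
                                  /* result of that sub is never read again */

    if (o->is_something == 0)     /* cmp [..], 0 ; jz locIsNotInitialised */
        return false;

    eax = o->state;               /* mov eax, [..State] */
    eax -= 119;                   /* sub eax, 119 ; jz -> State == 119 */
    if (eax == 0)
        return true;
    eax -= 2;                     /* sub eax, 2 ; jz   -> State == 121 */
    if (eax == 0)
        return true;
    eax -= 5;                     /* sub eax, 5 ; jnz locIsNotInitialised -> State == 126 */
    return eax == 0;              /* fall through into loc_6C823D57 */
}

/* The same condition written the way a source author would. */
bool condition_readable(const struct Obj *o)
{
    bool in_ranges = range_check(o->state, 103, 5)     /* 103..107 */
                  || range_check(o->state, 123, 3);    /* 123..125 */
    bool in_set = o->state == 119 || o->state == 121 || o->state == 126;

    return o->is_initialised != 0
        && (in_ranges || (o->is_something != 0 && in_set));
}

/* Brute-force both forms over every flag combination, all small states and
 * a few values near the unsigned boundaries (constructed sample, not exhaustive). */
bool equivalent_over_sample(void)
{
    static const uint32_t extra[] = { 0x7FFFFFFFu, 0x80000000u, 0xFFFFFF00u, 0xFFFFFFFFu };

    for (uint32_t flags = 0; flags < 4; flags++) {
        struct Obj o = { flags & 1u, (flags >> 1) & 1u, 0 };
        for (uint32_t s = 0; s < 4096; s++) {
            o.state = s;
            if (condition_asm_style(&o) != condition_readable(&o))
                return false;
        }
        for (size_t i = 0; i < sizeof extra / sizeof extra[0]; i++) {
            o.state = extra[i];
            if (condition_asm_style(&o) != condition_readable(&o))
                return false;
        }
    }
    return true;
}

int main(void)
{
    struct Obj below = { 1, 0, 50 };    /* 50 - 103 wraps, so jb is not taken */
    struct Obj inside = { 1, 0, 105 };

    printf("state 50  -> %d\n", condition_asm_style(&below));
    printf("state 105 -> %d\n", condition_asm_style(&inside));
    printf("asm-style and readable forms agree on sample: %s\n",
           equivalent_over_sample() ? "yes" : "no");
    return 0;
}
```

When reading such code in IDA, the pattern to spot is `add eax, -LO` (or `sub eax, LO`) followed by `sub eax, LEN` and `jb`/`jae`: that is `LO <= x < LO+LEN`, and a chain of them with accumulated offsets (here `-15` after the first range, giving 123) is several adjacent ranges tested in sequence.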