the following cods is generated by IDA pro. 

I don't understand where and what is assigned to off_40G030?

there is no reference in code section.

what does the following code mean?

what is the clean code of the following code?

Edited July 30, 20187 yr by James Taylor

Probably that at that particular offset is stored a DEVICE_OBJECT, either a pointer to the DEVICE_OBJECT structure, or the actual contents of the structure. https://msdn.microsoft.com/en-us/library/windows/hardware/ff543147(v=vs.85).aspx

9 minutes ago, fearless said:

Probably that at that particular offset is stored a DEVICE_OBJECT, either a pointer to the DEVICE_OBJECT structure, or the actual contents of the structure. https://msdn.microsoft.com/en-us/library/windows/hardware/ff543147(v=vs.85).aspx

what is the pseudo code for the following decompiled code?

Thanks 

Please show the assembly code, that first compare makes no sense to me. Did you patch the Assembly manually or meddle with the decompiler somehow?

32 minutes ago, deepzero said:

Please show the assembly code, that first compare makes no sense to me. Did you patch the Assembly manually or meddle with the decompiler somehow?

That's the source code. there is no more to be shown !!

.data

blah dd offset somethingelse

.code

mov eax, [blah]

cmp eax, offset blah

je someothercondition

.. continues

mov ebx,[eax.DEVICE_OBJECT.Characteristics]

and ebx, 2

jz someothercondition

.. continues

lea ebx, [eax.DEVICE_OBJECT.Flags]

cmp byte ptr [ebx], 4

jb someothercondition

.. continues

 

someothercondition:

------

something like that, might be wrong but it gives the general jist..

also "thats the source code" - nonsense, thats some hexrays c interpretation of the asm code, dont lie

 

 

 

Edited July 31, 20187 yr by evlncrn8