[MPlayer-dev-eng] sorenson dumping succes

Arpi arpi at thot.banki.hu
Mon Dec 31 19:14:16 CET 2001


Hi,

I spent a hour by modifying wine's dll loader to catch, redirect and
control the sorenson dispatcher (gateway) function.

Something to note: qt sdk says all calls are 'pascal', so different stack
control than C calls. it is false. it won't sowrk with __stdacl, but will work
with normal gcc C functions.

I catched teh point where teh qt player calls GetProcAddress to get sorenson
decoder's entry point, and returned a fake function, which will dump stuff
and then call the real one.

I ran it on a sorenson mov, and here are teh results (cutted, only relevant
stuff:)

GetProcAddress(62800000,SorensonYUV9Dispatcher)
Sorenson dispatcher catched -> 0x629cf650
Fake sorenson dispatcher called! 0x405B51D8  0x0
sorenson CParam: flags=0x0  size=4  what=-1 (0xFFFFFFFF) kComponentOpenSelect
sorenson param[0] = 0x820024
GetProcAddress(62800000,ScalingCodecDispatcher)
Fake sorenson dispatcher called! 0x405B5038  0x44B400CC
sorenson CParam: flags=0x0  size=8  what=1024 (0x400) ???
sorenson param[0] = 0x44B41768
sorenson param[1] = 0x44B4176C
sorenson retcode=0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5328  0x44B400CC
sorenson CParam: flags=0x0  size=4  what=0 (0x0) kImageCodecGetCodecInfoSelect
sorenson param[0] = 0x405B53F8
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5270  0x44B400CC
sorenson CParam: flags=0x0  size=4  what=-2 (0xFFFFFFFE) kComponentCloseSelect
sorenson param[0] = 0x820024
sorenson retcode=0




GetProcAddress(62800000,SorensonYUV9Dispatcher)
Sorenson dispatcher catched -> 0x629cf650
Fake sorenson dispatcher called! 0x405B4F18  0x0
sorenson CParam: flags=0x0  size=4  what=-1 (0xFFFFFFFF) kComponentOpenSelect
sorenson param[0] = 0x830024
GetProcAddress(62800000,ScalingCodecDispatcher)
Fake sorenson dispatcher called! 0x405B4D78  0x44B40134
sorenson CParam: flags=0x0  size=8  what=1024 (0x400) ???
sorenson param[0] = 0x44B417D0
sorenson param[1] = 0x44B417D4
sorenson retcode=0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B47D4  0x44B40134
sorenson CParam: flags=0x0  size=4  what=-2 (0xFFFFFFFE) kComponentCloseSelect
sorenson param[0] = 0x830024
sorenson retcode=0




GetProcAddress(62800000,SorensonYUV9Dispatcher)
Sorenson dispatcher catched -> 0x629cf650
Fake sorenson dispatcher called! 0x405B4798  0x0
sorenson CParam: flags=0x0  size=4  what=-1 (0xFFFFFFFF) kComponentOpenSelect
sorenson param[0] = 0x840024
GetProcAddress(62800000,ScalingCodecDispatcher)
Fake sorenson dispatcher called! 0x405B45F8  0x44B41994
sorenson CParam: flags=0x0  size=8  what=1024 (0x400) ???
sorenson param[0] = 0x44B4173C
sorenson param[1] = 0x44B41740
sorenson retcode=0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B49D4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=5 (0x5) kImageCodecPreDecompressSelect
sorenson param[0] = 0x405B4B74
sorenson retcode=0

GetProcAddress(62800000,YUVSGI_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,YUVS_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,YUVU_CDComponentDispatch)
GetProcAddress(62800000,FakeRGBDispatcher)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,FakeRGBDispatcher)
GetProcAddress(62800000,FakeRGBDispatcher)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)

Fake sorenson dispatcher called! 0x405B51FC  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x14
sorenson retcode=1

Fake sorenson dispatcher called! 0x405B51F4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x21
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B51E4  0x44B41994
sorenson CParam: flags=0x0  size=16  what=20 (0x14) kImageCodecNewImageBufferMemorySelect
sorenson param[0] = 0x405B526C
sorenson param[1] = 0x0
sorenson param[2] = 0x62A949F0
sorenson param[3] = 0x4330A75A
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B51FC  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x26
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B55D8  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x29
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B55D8  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x28
sorenson retcode=1

Fake sorenson dispatcher called! 0x405B55C8  0x44B41994
sorenson CParam: flags=0x0  size=12  what=40 (0x28) kImageCodecRequestGammaLevelSelect
sorenson param[0] = 0x28000
sorenson param[1] = 0x28000
sorenson param[2] = 0x405B55FC
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B52D0  0x44B41994
sorenson CParam: flags=0x0  size=8  what=16 (0x10) kImageCodecIsImageDescriptionEquivalentSelect
sorenson param[0] = 0x4330A434
sorenson param[1] = 0x405B5310
sorenson retcode=-2147450878

Fake sorenson dispatcher called! 0x405B53FC  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C50040
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B51E4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=5 (0x5) kImageCodecPreDecompressSelect
sorenson param[0] = 0x405B5384
sorenson retcode=0

GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,DD_CDComponentDispatch)
GetProcAddress(62800000,FakeRGBDispatcher)
GetProcAddress(62800000,FakeRGBDispatcher)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)

Fake sorenson dispatcher called! 0x405B51C4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x29
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B51C4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x28
sorenson retcode=1

Fake sorenson dispatcher called! 0x405B51B4  0x44B41994
sorenson CParam: flags=0x0  size=12  what=40 (0x28) kImageCodecRequestGammaLevelSelect
sorenson param[0] = 0x28000
sorenson param[1] = 0x28000
sorenson param[2] = 0x405B51E8
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B51E4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=5 (0x5) kImageCodecPreDecompressSelect
sorenson param[0] = 0x405B5384
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B51E4  0x44B41994
sorenson CParam: flags=0x0  size=4  what=6 (0x6) kImageCodecBandDecompressSelect
sorenson param[0] = 0x405B5384
Fake sorenson dispatcher called! 0x405B4E24  0x44B41994
sorenson CParam: flags=0x0  size=12  what=1025 (0x401) ???
sorenson param[0] = 0x405B4E94
sorenson param[1] = 0x4C353635
sorenson param[2] = 0x405B4E88
sorenson retcode=0
sorenson retcode=0

GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)

Fake sorenson dispatcher called! 0x405B564C  0x44B41994
sorenson CParam: flags=0x0  size=4  what=6 (0x6) kImageCodecBandDecompressSelect
sorenson param[0] = 0x405B57EC
sorenson retcode=0

GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)
GetProcAddress(62800000,RAW_CDComponentDispatch)

GetProcAddress(62800000,QDM2Decompressor)
GetProcAddress(62800000,QDM2Decompressor)

Fake sorenson dispatcher called! 0x405B5D0C  0x44B41994
sorenson CParam: flags=0x0  size=8  what=16 (0x10) kImageCodecIsImageDescriptionEquivalentSelect
sorenson param[0] = 0x4330A434
sorenson param[1] = 0x405B5D4C
sorenson retcode=-2147450878

Fake sorenson dispatcher called! 0x405B5E38  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C7AAE0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5C20  0x44B41994
sorenson CParam: flags=0x0  size=4  what=6 (0x6) kImageCodecBandDecompressSelect
sorenson param[0] = 0x405B5DC0
sorenson retcode=0

GetProcAddress(62800000,CodecClockComponentDispatch)
Fake sorenson dispatcher called! 0x405B5BD8  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-3 (0xFFFFFFFD) kComponentCanDoSelect
sorenson param[0] = 0x19
sorenson retcode=1

Fake sorenson dispatcher called! 0x405B5E38  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C50040
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5C20  0x44B41994
sorenson CParam: flags=0x0  size=4  what=6 (0x6) kImageCodecBandDecompressSelect
sorenson param[0] = 0x405B5DC0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5E38  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C7AAE0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5E38  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C50040
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5C20  0x44B41994
sorenson CParam: flags=0x0  size=4  what=6 (0x6) kImageCodecBandDecompressSelect
sorenson param[0] = 0x405B5DC0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5E38  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C7AAE0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5C20  0x44B41994
sorenson CParam: flags=0x0  size=4  what=6 (0x6) kImageCodecBandDecompressSelect
sorenson param[0] = 0x405B5DC0
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B5E38  0x44B41994
sorenson CParam: flags=0x0  size=4  what=42 (0x2A) ???
sorenson param[0] = 0x44C50040
sorenson retcode=0

< 0x2A, 0x6 calls repeated for each frame decoding >

Fake sorenson dispatcher called! 0x405B66CC  0x44B41994
sorenson CParam: flags=0x0  size=4  what=18 (0x12) kImageCodecDisposeMemorySelect
sorenson param[0] = 0x4331C540
sorenson retcode=0

Fake sorenson dispatcher called! 0x405B6624  0x44B41994
sorenson CParam: flags=0x0  size=4  what=-2 (0xFFFFFFFE) kComponentCloseSelect
sorenson param[0] = 0x840024
sorenson retcode=0

GetProcAddress(62800000,PCExchangeComponentDispatch)

conclusions:
component management calls (what<0) use strange number (handle?) instead of
pointer to struct as i thought before:
sorenson param[0] = 0x820024

maybe we have to implement (or use the original) the component management
code, as the codec seems to calls it to get the handle resolved.


A'rpi / Astral & ESP-team

--
mailto:arpi at thot.banki.hu
http://esp-team.scene.hu



More information about the MPlayer-dev-eng mailing list