190 lines
8.2 KiB
C
190 lines
8.2 KiB
C
|
uint64_t check(char* input, int64_t len)
|
||
|
{
|
||
|
int64_t i = 0x14;
|
||
|
char* cursor = input;
|
||
|
void* end = &cursor[len];
|
||
|
void* fsbase;
|
||
|
int64_t rax = *(int64_t*)((char*)fsbase + 0x28);
|
||
|
struct context context;
|
||
|
int64_t* context_ptr = &context;
|
||
|
for (; i != 0; i = (i - 1))
|
||
|
{
|
||
|
*(int64_t*)context_ptr = 0;
|
||
|
context_ptr = &context_ptr[1];
|
||
|
}
|
||
|
// bits = 0x00ffffff
|
||
|
// visited[0] = 1
|
||
|
context.bits_queue = 0x100ffffff;
|
||
|
*(int32_t*)context_ptr = 0;
|
||
|
uint64_t res;
|
||
|
if (cursor < end)
|
||
|
{
|
||
|
while (true)
|
||
|
{
|
||
|
char* next = &cursor[1];
|
||
|
if (*(int8_t*)cursor > 4)
|
||
|
{
|
||
|
res = ((uint64_t)(context.err | 1));
|
||
|
break;
|
||
|
}
|
||
|
int32_t i;
|
||
|
uint128_t zmm0;
|
||
|
int128_t arr3_5-9;
|
||
|
int128_t arr3_1-4;
|
||
|
switch (*(int8_t*)cursor)
|
||
|
{
|
||
|
case 0:
|
||
|
{
|
||
|
int128_t arr1_1-5 = context.visited[1];
|
||
|
arr3_1-4 = context.check_board[1];
|
||
|
int128_t arr1_5-9 = context.visited[5];
|
||
|
int128_t arr1_9-13 = context.visited[9];
|
||
|
arr3_5-9 = context.check_board[5];
|
||
|
int128_t arr2_1-5 = context.board[1];
|
||
|
int32_t r12 = context.visited[5];
|
||
|
int32_t rbp_1 = context.visited[9];
|
||
|
int128_t arr2_5-9 = context.board[5];
|
||
|
int128_t arr2_9-13 = context.board[9];
|
||
|
int32_t var_38_1 = context.move;
|
||
|
int32_t err1 = (pop_count(((uint64_t)*(int32_t*)((char*)context.j)[0xc])) + pop_count(((uint64_t)context.visited[1])));
|
||
|
int32_t err2 = ((err1 + pop_count(((uint64_t)*(int32_t*)((char*)arr1_1-5)[4]))) + pop_count(((uint64_t)*(int32_t*)((char*)arr1_1-5)[8])));
|
||
|
int32_t err3 = ((err2 + pop_count(((uint64_t)*(int32_t*)((char*)arr1_1-5)[0xc]))) + pop_count(((uint64_t)r12)));
|
||
|
int32_t err4 = ((err3 + pop_count(((uint64_t)*(int32_t*)((char*)arr1_5-9)[4]))) + pop_count(((uint64_t)*(int32_t*)((char*)arr1_5-9)[8])));
|
||
|
int32_t err5 = ((err4 + pop_count(((uint64_t)*(int32_t*)((char*)arr1_5-9)[0xc]))) + pop_count(((uint64_t)rbp_1)));
|
||
|
int32_t bits = context.bits_queue;
|
||
|
int32_t err6;
|
||
|
err6 = ((err5 + pop_count(((uint64_t)*(int32_t*)((char*)arr1_9-13)[4]))) + pop_count(((uint64_t)*(int32_t*)((char*)arr1_9-13)[8]))) != 0x90;
|
||
|
int32_t err = (err6 | context.err);
|
||
|
context.err = err;
|
||
|
int128_t var_48_1 = context.check_board[9];
|
||
|
zmm0 = ((arr2_9-13 & arr3_1-4) & arr3_5-9);
|
||
|
zmm0 = (zmm0 & _mm_bsrli_si128(zmm0, 8));
|
||
|
zmm0 = (zmm0 & _mm_bsrli_si128(zmm0, 4));
|
||
|
int32_t rax_23;
|
||
|
rax_23 = (zmm0 & 0xfff) != 0xfff;
|
||
|
int32_t err = (((uint32_t)rax_23) | err);
|
||
|
uint32_t flag = 1;
|
||
|
context.err = err;
|
||
|
if (bits == 0)
|
||
|
{
|
||
|
int128_t var_48_2 = context.check_board[9];
|
||
|
int32_t flag;
|
||
|
flag = *(int32_t*)((char*)arr2_9-13)[8] != ((((((((((*(int32_t*)((char*)arr1_9-13)[0xc] ^ arr2_1-5) ^ *(int32_t*)((char*)arr2_1-5)[4]) ^ *(int32_t*)((char*)arr2_1-5)[8]) ^ *(int32_t*)((char*)arr2_1-5)[0xc]) ^ arr2_5-9) ^ *(int32_t*)((char*)arr2_5-9)[4]) ^ *(int32_t*)((char*)arr2_5-9)[8]) ^ *(int32_t*)((char*)arr2_5-9)[0xc]) ^ arr2_9-13) ^ *(int32_t*)((char*)arr2_9-13)[4]);
|
||
|
flag = ((uint32_t)flag);
|
||
|
}
|
||
|
res = ((uint64_t)(err | flag));
|
||
|
break;
|
||
|
break;
|
||
|
}
|
||
|
case 1: // cycle through instructions
|
||
|
{
|
||
|
cursor = next;
|
||
|
context.move = ((context.move + 1) & 3);
|
||
|
break;
|
||
|
}
|
||
|
// change coordinates and set nth bit of ith element of arr
|
||
|
// error if bit is already set
|
||
|
case 2:
|
||
|
{
|
||
|
enum moves op = context.move;
|
||
|
int32_t j = context.j;
|
||
|
i = context.i;
|
||
|
if (op == 0)
|
||
|
{
|
||
|
j = (j + 1);
|
||
|
}
|
||
|
else if (op == 1)
|
||
|
{
|
||
|
i = (i - 1);
|
||
|
}
|
||
|
else if (op == 2)
|
||
|
{
|
||
|
j = (j - 1);
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
op = op == 3;
|
||
|
i = (i + ((uint32_t)op));
|
||
|
}
|
||
|
int32_t row; // get element
|
||
|
int64_t i_cpy;
|
||
|
if ((j <= 0xb && i <= 0xb))
|
||
|
{
|
||
|
i_cpy = ((int64_t)i);
|
||
|
row = context.visited[i_cpy];
|
||
|
}
|
||
|
if (((j > 0xb || (j <= 0xb && i > 0xb)) || ((j <= 0xb && i <= 0xb) && (TEST_BITD(row, j)))))
|
||
|
{
|
||
|
context.err = (context.err | 1);
|
||
|
cursor = next;
|
||
|
}
|
||
|
if (((j <= 0xb && i <= 0xb) && (!(TEST_BITD(row, j)))))
|
||
|
{
|
||
|
cursor = next;
|
||
|
context.j = _mm_unpacklo_epi32(j, i); // store new indexes
|
||
|
context.visited[i_cpy] = (row | ((int32_t)(1 << j))); // set bit
|
||
|
}
|
||
|
break;
|
||
|
}
|
||
|
// set the nth bit of the ith element of arr2 if lsb of bits is set
|
||
|
// error if bits is cleared or if bitwise_check(new_element) > 2
|
||
|
case 3:
|
||
|
{
|
||
|
int32_t bits_queue = context.bits_queue;
|
||
|
int64_t i = ((int64_t)context.i);
|
||
|
int32_t bits_cleared;
|
||
|
bits_cleared = bits_queue == 0;
|
||
|
int32_t new_flags = (bits_cleared | context.err);
|
||
|
uint64_t row = ((uint64_t)(((bits_queue & 1) << ((int8_t)context.j)) | context.board[i])); // set bit
|
||
|
context.bits_queue = (bits_queue >> 1); // rshift bits
|
||
|
context.board[i] = row; // save new element of arr2
|
||
|
int32_t sub_res;
|
||
|
sub_res = pop_count(row);
|
||
|
sub_res = sub_res > 2;
|
||
|
context.err = (new_flags | ((uint32_t)sub_res));
|
||
|
cursor = next;
|
||
|
break;
|
||
|
}
|
||
|
case 4:
|
||
|
{
|
||
|
int32_t j = ((int32_t)cursor[1]);
|
||
|
int64_t i = ((int64_t)cursor[2]);
|
||
|
int32_t bits_set;
|
||
|
bits_set = context.bits_queue != 0;
|
||
|
context.err = (context.err | bits_set);
|
||
|
cursor = &cursor[3];
|
||
|
int32_t var_198_1 = context.move;
|
||
|
int32_t rax_26;
|
||
|
uint128_t zmm1;
|
||
|
int128_t zmm3;
|
||
|
int128_t zmm4;
|
||
|
int128_t zmm5;
|
||
|
int128_t zmm6;
|
||
|
rax_26 = sub_1570(j, i, context.j, context.visited[1], context.visited[5], context.visited[9], context.board[1], context.board[5], context.board[9], context.check_board[1], context.check_board[5], context.check_board[9], i);
|
||
|
context.check_board[i] = (context.check_board[i] | (rax_26 << j));
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
if ((((*(int8_t*)cursor == 3 || *(int8_t*)cursor == 1) || *(int8_t*)cursor == 4) || *(int8_t*)cursor == 2))
|
||
|
{
|
||
|
if (cursor >= end)
|
||
|
{
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
if ((cursor >= end || (cursor < end && *(int8_t*)cursor <= 4)))
|
||
|
{
|
||
|
res = 1;
|
||
|
}
|
||
|
*(int64_t*)((char*)fsbase + 0x28);
|
||
|
if (rax != *(int64_t*)((char*)fsbase + 0x28))
|
||
|
{
|
||
|
__stack_chk_fail();
|
||
|
/* no return */
|
||
|
}
|
||
|
return res;
|
||
|
}
|
||
|
|