Old June 24, 2011, 14:06   #1
Bug: clicking on main window causes crash

Hi, I get this infrequently on Windows 7.

I debugged the issue a bit, and it's an integer division by zero problem (see attachment).

I don't have the source code available, so I'll post the assembly code instead.

; --- Tail fragment of a function whose entry lies above this listing (not shown) ---
; The frame has a large local area ([ebp-1CAh] .. [ebp-16Ch]); esi and ebx hold values
; set before this fragment, so their meaning is not recoverable from here.
004765C6 add esp,10h                    ; discard the 4 dword args of a preceding call (not shown)
004765C9 mov dword ptr [ebp-1C8h],64h   ; local = 100 (0x64); meaning unknown from this fragment
004765D3 jmp 00475FA2                   ; back into the earlier part of the function
004765D8 mov cl,byte ptr [ebp-1CAh]     ; cl = byte local A
004765DE xor edx,edx                    ; clear edx before the 8-bit load below
004765E0 and ecx,0FFh                   ; zero-extend cl (upper bits of ecx were stale)
004765E6 mov dl,byte ptr [ebp-191h]     ; edx = byte local B
004765EC mov eax,ecx
004765EE mov dword ptr [ebp-16Ch],ecx   ; spill A
004765F4 add eax,esi                    ; eax = A + esi
004765F6 cmp edx,eax
004765F8 je 00476607                    ; B == A + esi ? then test the second pair
004765FA xor ecx,ecx
004765FC mov cl,byte ptr [ebp-1C9h]     ; mismatch: ecx = byte local C, continue at 004764B1
00476602 jmp 004764B1
00476607 xor ecx,ecx
00476609 xor edx,edx
0047660B mov cl,byte ptr [ebp-1C9h]     ; ecx = C
00476611 mov dl,byte ptr [ebp-192h]     ; edx = byte local D
00476617 lea eax,[ecx+ebx]              ; eax = C + ebx
0047661A cmp edx,eax
0047661C jne 004764B1                   ; D != C + ebx -> same target as the first mismatch
00476622 jmp 00475DB4                   ; both pairs matched
00476627 mov esi,esi                    ; alignment padding (no-op) before the next function
00476629 lea edi,[edi]                  ; alignment padding (no-op)
; --- Function at 00476630 (no symbols; 32-bit, frame pointer, ebx/esi/edi saved) ---
; Shape: copy two constant blocks (6 and 7 dwords) into locals, obtain a zeroed buffer of
; (u16)g->+8 * 4 bytes (g = *[4D4EC0]), fill it with every index i whose 32-byte table
; entry passes two tests, hand buffer+count to 00475420, then tail-jump to 0048AA50 with
; the buffer. 0048AAB0(size) -> eax followed by 004900B0(eax, 0, size) reads like
; allocate-and-zero, and 0048AA50(ptr) at the end like the matching release — TODO confirm.
; Register roles in the loop: ecx = g, edx = i, ebx = buffer, [ebp-50h] = count.
00476630 push ebp
00476631 mov ecx,6                      ; rep count for the first block copy
00476636 mov ebp,esp
00476638 push edi
00476639 cld                            ; forward direction for rep movs
0047663A push esi
0047663B lea eax,[ebp-24h]              ; local block1 (24 bytes)
0047663E push ebx
0047663F mov edi,eax
00476641 sub esp,58h
00476644 mov esi,4B93B8h                ; source: constant data at 4B93B8
00476649 rep movs dword ptr es:[edi],dword ptr [esi]   ; copy 6 dwords -> block1
0047664B mov dword ptr [ebp-54h],eax    ; remember &block1
0047664E lea eax,[ebp-40h]              ; local block2 (28 bytes)
00476651 mov edi,eax
00476653 mov esi,4B939Ch
00476658 mov cl,7
0047665A mov dword ptr [ebp-58h],eax    ; remember &block2
0047665D rep movs dword ptr es:[edi],dword ptr [esi]   ; copy 7 dwords -> block2
0047665F mov eax,dword ptr ds:[004D4EC0h]   ; g = global pointer
00476664 mov ebx,dword ptr [eax+8]
00476667 and ebx,0FFFFh                 ; n = (u16)g->+8
0047666D shl ebx,2                      ; n * 4 bytes
00476670 push ebx
00476671 call 0048AAB0                  ; eax = alloc(n*4) (presumed; result is not NULL-checked)
00476676 add esp,0Ch
00476679 push ebx
0047667A push 0
0047667C push eax
0047667D call 004900B0                  ; zero it: (eax, 0, n*4) reads like memset
00476682 mov ecx,dword ptr ds:[4D4EC0h] ; reload g (ecx is caller-saved across the call)
00476688 add esp,10h
0047668B mov ebx,eax                    ; ebx = buffer
0047668D mov dword ptr [ebp-50h],0      ; count = 0
00476694 cmp word ptr [ecx+8],0
00476699 je 004766E3                    ; n == 0 -> skip the loop
0047669B xor edx,edx                    ; i = 0
0047669D jmp 004766AD
0047669F nop
004766A0 mov eax,dword ptr [ecx+8]      ; loop continue: i++, keep going while i < n
004766A3 inc edx
004766A4 and eax,0FFFFh
004766A9 cmp eax,edx
004766AB jle 004766E3                   ; signed compare is fine for a u16 count
004766AD mov eax,edx
004766AF mov esi,dword ptr ds:[4D3BC0h] ; table base
004766B5 shl eax,5                      ; entry = table + i*32
004766B8 add eax,esi
004766BA mov edi,dword ptr [eax]
004766BC test edi,edi
004766BE je 004766A0                    ; entry->+0 == NULL -> skip
004766C0 mov al,byte ptr [eax+0Ch]
004766C3 and eax,0FFh                   ; (u8)entry->+0Ch, zero-extended
004766C8 cmp eax,edx
004766CA jne 004766A0                   ; != i -> skip
004766CC mov eax,dword ptr [ebp-50h]
004766CF mov dword ptr [ebx+eax*4],edx  ; buffer[count] = i
004766D2 inc eax
004766D3 mov dword ptr [ebp-50h],eax    ; count++ (at most one slot per i, so count <= n)
004766D6 mov eax,dword ptr [ecx+8]
004766D9 inc edx
004766DA and eax,0FFFFh
004766DF cmp eax,edx
004766E1 jg 004766AD                    ; while i < n
004766E3 push esi                       ; two dummy pushes: stack-slot padding only
004766E4 push esi
004766E5 push 4B9127h                   ; constant address as a stack argument
004766EA mov ecx,7
004766EF cld
004766F0 sub esp,1Ch
004766F3 mov esi,dword ptr [ebp-58h]
004766F6 mov edi,esp
004766F8 sub esp,18h
004766FB rep movs dword ptr es:[edi],dword ptr [esi]   ; block2 passed by value on the stack
004766FD mov edi,esp
004766FF mov esi,dword ptr [ebp-54h]
00476702 mov cl,6
00476704 mov edx,ebx                    ; edx = buffer (register argument)
00476706 rep movs dword ptr es:[edi],dword ptr [esi]   ; block1 passed by value
00476708 mov eax,4B911Eh                ; eax = constant address (register argument)
0047670D mov ecx,dword ptr [ebp-50h]    ; ecx = count (register argument)
00476710 call 00475420                  ; (eax, edx, ecx) + stack args: regparm-style convention
00476715 mov dword ptr [ebp+8],ebx      ; reuse our own arg slot: buffer becomes the tail-call arg
00476718 add esp,40h
0047671B lea esp,[ebp-0Ch]
0047671E pop ebx
0047671F pop esi
00476720 pop edi
00476721 pop ebp
00476722 jmp 0048AA50                   ; tail call: release(buffer) (presumed)
00476727 mov esi,esi                    ; alignment padding (no-op)
00476729 lea edi,[edi]                  ; alignment padding (no-op)
; --- Function at 00476730 (no symbols; same shape as the one at 00476630) ---
; Builds a dword buffer of indices i < (u16)g->+0Ah (g = *[4D4EC0]) for entries of the
; 0B4h-byte table at *[4D4900] that pass the filter below, passes buffer+count to 00475420
; with two by-value blocks copied from 4B9850/4B9834, then tail-jumps to 0048AA50 with the
; buffer (reads like a release; 0048AAB0/004900B0 read like allocate-and-zero — confirm).
; Roles: edi = i, esi = i*0B4h, ebx = entry, [ebp-54h] = buffer, [ebp-50h] = count.
00476730 push ebp
00476731 mov ecx,6
00476736 mov ebp,esp
00476738 push edi
00476739 cld
0047673A push esi
0047673B lea eax,[ebp-24h]
0047673E push ebx
0047673F mov edi,eax
00476741 sub esp,68h
00476744 mov esi,4B9850h
00476749 rep movs dword ptr es:[edi],dword ptr [esi]   ; 6 dwords -> block1 at [ebp-24h]
0047674B lea edx,[ebp-40h]
0047674E mov esi,4B9834h
00476753 mov edi,edx
00476755 mov cl,7
00476757 rep movs dword ptr es:[edi],dword ptr [esi]   ; 7 dwords -> block2 at [ebp-40h]
00476759 mov dword ptr [ebp-58h],eax    ; &block1 (eax untouched by rep movs)
0047675C mov eax,dword ptr ds:[004D4EC0h]   ; g
00476761 mov dword ptr [ebp-5Ch],edx    ; &block2
00476764 mov bx,word ptr [eax+0Ah]      ; partial-register write; masked next
00476768 and ebx,0FFFFh                 ; n = (u16)g->+0Ah (clears the stale upper bits of ebx)
0047676E shl ebx,2                      ; n*4 bytes
00476771 push ebx
00476772 call 0048AAB0                  ; eax = alloc(n*4) (presumed; result is not NULL-checked)
00476777 add esp,0Ch
0047677A push ebx
0047677B push 0
0047677D push eax
0047677E call 004900B0                  ; zero it (presumed memset-like)
00476783 mov edx,dword ptr ds:[4D4EC0h] ; reload g
00476789 add esp,10h
0047678C mov dword ptr [ebp-54h],eax    ; buffer
0047678F mov dword ptr [ebp-50h],0      ; count = 0
00476796 cmp word ptr [edx+0Ah],0
0047679B je 00476854                    ; n == 0 -> no loop
004767A1 xor edi,edi                    ; i = 0
004767A3 xor esi,esi                    ; byte offset = 0
004767A5 jmp 004767E9
004767A7 mov eax,dword ptr ds:[004D4900h]   ; accept path: idx = (u8)entry->+10h
004767AC xor edx,edx
004767AE mov dl,byte ptr [eax+esi+10h]
004767B2 mov eax,dword ptr ds:[004CF010h]
004767B7 mov eax,dword ptr [eax+edx*4]  ; v = (*[4CF010])[idx]
004767BA test eax,eax
004767BC js 0047684C                    ; v < 0 -> skip this entry
004767C2 mov eax,dword ptr [ebp-50h]
004767C5 mov edx,dword ptr [ebp-54h]
004767C8 mov dword ptr [edx+eax*4],edi  ; buffer[count] = i
004767CB inc eax
004767CC mov dword ptr [ebp-50h],eax    ; count++ (at most one slot per i, so count <= n)
004767CF mov edx,dword ptr ds:[4D4EC0h]
004767D5 mov ax,word ptr [edx+0Ah]      ; next entry: i++, offset += 0B4h, while i < n
004767D9 inc edi
004767DA and eax,0FFFFh
004767DF add esi,0B4h
004767E5 cmp eax,edi
004767E7 jle 00476854
004767E9 mov ebx,esi
004767EB mov eax,dword ptr ds:[004D4900h]
004767F0 add ebx,eax                    ; ebx = entry = table + i*0B4h
004767F2 cmp byte ptr [ebx+0B1h],0
004767F9 jne 00476813                   ; entry->+0B1h != 0 -> test path
004767FB cmp word ptr [ebx+0A8h],0
00476803 jne 00476813                   ; entry->+0A8h != 0 -> test path
00476805 mov eax,dword ptr ds:[004960E4h]
0047680A cmp byte ptr [eax+0E3h],0
00476811 je 004767D5                    ; both zero and global flag +0E3h clear -> skip entry
00476813 sub esp,0Ch
00476816 lea eax,[ebx+60h]
00476819 push 4B8F1Fh
0047681E push 4B8F2Ch
00476823 push 59h
00476825 push 0Ch
00476827 push eax
00476828 call 00485E50                  ; al = f(entry+60h, 0Ch, 59h, 4B8F2Ch, 4B8F1Fh)
0047682D add esp,20h
00476830 test al,al
00476832 je 004767A7                    ; al == 0 -> accept
00476838 mov eax,ebx
0047683A call 00474780                  ; (eax = entry) regparm-style
0047683F call 00474820
00476844 test al,al
00476846 je 004767A7                    ; al == 0 -> accept; otherwise skip
0047684C mov edx,dword ptr ds:[4D4EC0h] ; skip: reload g for the loop test
00476852 jmp 004767D5
00476854 push edi                       ; two dummy pushes: stack-slot padding only
00476855 push edi
00476856 push 4B9150h                   ; constant address as a stack argument
0047685B mov ecx,7
00476860 cld
00476861 sub esp,1Ch
00476864 mov esi,dword ptr [ebp-5Ch]
00476867 mov edi,esp
00476869 sub esp,18h
0047686C rep movs dword ptr es:[edi],dword ptr [esi]   ; block2 passed by value
0047686E mov edi,esp
00476870 mov esi,dword ptr [ebp-58h]
00476873 mov cl,6
00476875 mov eax,4B913Fh                ; eax = constant address (register argument)
0047687A rep movs dword ptr es:[edi],dword ptr [esi]   ; block1 passed by value
0047687C mov ecx,dword ptr [ebp-50h]    ; ecx = count
0047687F mov edx,dword ptr [ebp-54h]    ; edx = buffer
00476882 call 00475420
00476887 mov eax,dword ptr [ebp-54h]
0047688A mov dword ptr [ebp+8],eax      ; buffer becomes the tail-call argument
0047688D add esp,40h
00476890 lea esp,[ebp-0Ch]
00476893 pop ebx
00476894 pop esi
00476895 pop edi
00476896 pop ebp
00476897 jmp 0048AA50                   ; tail call: release(buffer) (presumed)
0047689C lea esi,[esi]                  ; alignment padding (no-op)
; --- Function at 004768A0 (no symbols) ---
; Two buffers: buf1 = n*3 dwords ([ebp-58h]) and buf2 = n*3 qwords ([ebp-74h], also published
; in the global at 4CF020), n = (u16)g->+0Eh. For each 74h-byte entry of the table at
; *[4D5450] and each of up to 3 bytes at entry->+23h.., records buf1[count] = count and
; buf2[count] = {i, v} with v = (*[4CF010])[byte], skipping a v equal to the previous pair's.
; Calls 00475420, releases buf2 (global cleared), then tail-jumps to release buf1.
; 0048AAB0 / 004900B0 / 0048AA50 read like alloc / zero / free — TODO confirm.
; Roles: esi = i, ebx = i*74h, edx = j (0..2), [ebp-50h] = count.
004768A0 push ebp
004768A1 mov ecx,6
004768A6 mov ebp,esp
004768A8 push edi
004768A9 cld
004768AA push esi
004768AB lea eax,[ebp-24h]
004768AE push ebx
004768AF mov edi,eax
004768B1 sub esp,78h
004768B4 mov esi,4B97E8h
004768B9 rep movs dword ptr es:[edi],dword ptr [esi]   ; 6 dwords -> block1 at [ebp-24h]
004768BB lea edx,[ebp-40h]
004768BE mov esi,4B97CCh
004768C3 mov edi,edx
004768C5 mov cl,7
004768C7 rep movs dword ptr es:[edi],dword ptr [esi]   ; 7 dwords -> block2 at [ebp-40h]
004768C9 mov dword ptr [ebp-64h],eax    ; &block1
004768CC mov eax,dword ptr ds:[004D4EC0h]   ; g
004768D1 mov dword ptr [ebp-68h],edx    ; &block2
004768D4 mov bx,word ptr [eax+0Eh]      ; partial-register write; masked next
004768D8 and ebx,0FFFFh                 ; n
004768DE lea ebx,[ebx+ebx*2]            ; n*3
004768E1 shl ebx,2                      ; n*3*4
004768E4 push ebx
004768E5 call 0048AAB0                  ; buf1 = alloc(n*12) (presumed; not NULL-checked)
004768EA add esp,0Ch
004768ED push ebx
004768EE push 0
004768F0 push eax
004768F1 call 004900B0                  ; zero buf1
004768F6 mov dword ptr [ebp-58h],eax    ; buf1
004768F9 mov eax,dword ptr ds:[004D4EC0h]
004768FE mov bx,word ptr [eax+0Eh]
00476902 and ebx,0FFFFh
00476908 lea ebx,[ebx+ebx*2]
0047690B shl ebx,3                      ; n*3*8
0047690E mov dword ptr [esp],ebx        ; reuse the stack slot as the size argument
00476911 call 0048AAB0                  ; buf2 = alloc(n*24) (presumed; not NULL-checked)
00476916 add esp,0Ch
00476919 push ebx
0047691A push 0
0047691C push eax
0047691D call 004900B0                  ; zero buf2
00476922 mov ecx,dword ptr ds:[4D4EC0h]
00476928 add esp,10h
0047692B mov dword ptr [ebp-74h],eax    ; buf2
0047692E mov dword ptr ds:[004CF020h],eax   ; also published in a global
00476933 mov dword ptr [ebp-60h],ecx    ; g
00476936 mov dword ptr [ebp-50h],0      ; count = 0
0047693D cmp word ptr [ecx+0Eh],0
00476942 je 004769E5                    ; n == 0 -> no loop
00476948 mov edi,dword ptr ds:[4CF010h]
0047694E mov eax,dword ptr ds:[004D5450h]
00476953 mov dword ptr [ebp-54h],edi    ; lookup array
00476956 xor esi,esi                    ; i = 0
00476958 xor ebx,ebx                    ; i*74h = 0
0047695A mov dword ptr [ebp-5Ch],eax    ; table
0047695D lea esi,[esi]                  ; padding (no-op) at the loop head
00476960 mov edx,dword ptr [ebp-5Ch]
00476963 cmp byte ptr [edx+ebx+71h],0
00476968 jne 00476978                   ; entry->+71h != 0 -> process
0047696A mov eax,dword ptr ds:[004960E4h]
0047696F cmp byte ptr [eax+0E3h],0
00476976 je 004769CD                    ; else only when global flag +0E3h is set
00476978 xor edx,edx                    ; j = 0
0047697A lea eax,[edx+ebx]
0047697D mov edi,dword ptr [ebp-5Ch]
00476980 mov al,byte ptr [eax+edi+23h]  ; b = entry->+23h[j]
00476984 test al,al
00476986 je 004769CD                    ; b == 0 -> next entry
00476988 and eax,0FFh                   ; zero-extend (upper bits of eax still held the offset)
0047698D mov ecx,dword ptr [ebp-54h]
00476990 test edx,edx
00476992 mov eax,dword ptr [ecx+eax*4]  ; v = lookup[b]
00476995 mov dword ptr [ebp-70h],eax
00476998 jne 00476A42                   ; j != 0 -> compare with the previous v first
0047699E mov edi,dword ptr [ebp-50h]
004769A1 shl edi,3
004769A4 mov dword ptr [ebp-6Ch],edi    ; count*8
004769A7 mov eax,dword ptr [ebp-50h]    ; store path
004769AA mov ecx,dword ptr [ebp-58h]
004769AD mov dword ptr [ecx+eax*4],eax  ; buf1[count] = count
004769B0 mov ecx,dword ptr [ebp-6Ch]
004769B3 mov eax,dword ptr [ebp-74h]
004769B6 add eax,ecx                    ; &buf2[count]
004769B8 mov ecx,dword ptr [ebp-70h]
004769BB mov dword ptr [eax],esi        ; buf2[count].first = i
004769BD mov dword ptr [eax+4],ecx      ; buf2[count].second = v
004769C0 mov eax,dword ptr [ebp-50h]
004769C3 inc eax
004769C4 mov dword ptr [ebp-50h],eax    ; count++ (at most 3 per entry, so count <= n*3)
004769C7 inc edx
004769C8 cmp edx,3
004769CB jne 0047697A                   ; j < 3
004769CD mov edx,dword ptr [ebp-60h]    ; next entry
004769D0 inc esi
004769D1 add ebx,74h
004769D4 mov ax,word ptr [edx+0Eh]
004769D8 and eax,0FFFFh
004769DD cmp eax,esi
004769DF jg 00476960                    ; while i < n
004769E5 push eax                       ; two dummy pushes: stack-slot padding only
004769E6 push eax
004769E7 push 0
004769E9 mov ecx,7
004769EE cld
004769EF sub esp,1Ch
004769F2 mov esi,dword ptr [ebp-68h]
004769F5 mov edi,esp
004769F7 sub esp,18h
004769FA rep movs dword ptr es:[edi],dword ptr [esi]   ; block2 passed by value
004769FC mov edi,esp
004769FE mov esi,dword ptr [ebp-64h]
00476A01 mov cl,6
00476A03 mov eax,4B9170h                ; eax = constant address (register argument)
00476A08 rep movs dword ptr es:[edi],dword ptr [esi]   ; block1 passed by value
00476A0A mov ecx,dword ptr [ebp-50h]    ; ecx = count
00476A0D mov edx,dword ptr [ebp-58h]    ; edx = buf1
00476A10 call 00475420
00476A15 add esp,34h
00476A18 mov eax,dword ptr ds:[004CF020h]
00476A1D push eax
00476A1E call 0048AA50                  ; release(buf2) (presumed)
00476A23 mov ecx,dword ptr [ebp-58h]
00476A26 mov dword ptr ds:[4CF020h],0   ; clear the global so it does not dangle
00476A30 add esp,10h
00476A33 mov dword ptr [ebp+8],ecx      ; buf1 becomes the tail-call argument
00476A36 lea esp,[ebp-0Ch]
00476A39 pop ebx
00476A3A pop esi
00476A3B pop edi
00476A3C pop ebp
00476A3D jmp 0048AA50                   ; tail call: release(buf1) (presumed)
00476A42 mov eax,dword ptr [ebp-50h]    ; j != 0: the j == 0 iteration always stored, so count >= 1 here
00476A45 mov ecx,dword ptr [ebp-74h]
00476A48 shl eax,3
00476A4B mov edi,dword ptr [ebp-70h]
00476A4E mov dword ptr [ebp-6Ch],eax    ; count*8
00476A51 cmp dword ptr [eax+ecx-4],edi  ; buf2[count-1].second == v ?
00476A55 jne 004769A7                   ; different -> store
00476A5B jmp 004769C7                   ; same -> j++ without storing
; --- Function at 00476A60 (no symbols) ---
; buf = zeroed n*4 bytes, n = (u16)g->+0Ch (g = *[4D4EC0]); 00474880(eax=buf, edx=n) is
; called next and its return value goes to 00475420 in ecx (the count slot, judging by the
; sibling functions — confirm); then tail-jump to 0048AA50 with buf (reads like a release).
00476A60 push ebp
00476A61 mov ecx,6
00476A66 mov ebp,esp
00476A68 push edi
00476A69 cld
00476A6A push esi
00476A6B push ebx
00476A6C sub esp,58h
00476A6F lea edi,[ebp-24h]
00476A72 mov esi,4B981Ch
00476A77 mov eax,dword ptr ds:[004D4EC0h]   ; g
00476A7C rep movs dword ptr es:[edi],dword ptr [esi]   ; 6 dwords -> block1 at [ebp-24h]
00476A7E lea edi,[ebp-40h]
00476A81 mov esi,4B9800h
00476A86 mov cl,7
00476A88 mov ebx,dword ptr [eax+0Ch]
00476A8B rep movs dword ptr es:[edi],dword ptr [esi]   ; 7 dwords -> block2 at [ebp-40h]
00476A8D and ebx,0FFFFh                 ; n = (u16)g->+0Ch
00476A93 shl ebx,2                      ; n*4
00476A96 push ebx
00476A97 call 0048AAB0                  ; buf = alloc(n*4) (presumed; not NULL-checked)
00476A9C add esp,0Ch
00476A9F push ebx
00476AA0 push 0
00476AA2 push eax
00476AA3 call 004900B0                  ; zero buf
00476AA8 mov ebx,eax                    ; ebx = buf
00476AAA mov eax,dword ptr ds:[004D4EC0h]
00476AAF mov edx,dword ptr [eax+0Ch]
00476AB2 mov eax,ebx
00476AB4 and edx,0FFFFh                 ; edx = n
00476ABA call 00474880                  ; eax = fill(buf, n) (regparm-style)
00476ABF pop esi                        ; these two pops only discard stack slots (esi/edi are reassigned below)
00476AC0 pop edi
00476AC1 lea esi,[ebp-40h]
00476AC4 push 0
00476AC6 mov ecx,7
00476ACB cld
00476ACC sub esp,1Ch
00476ACF mov edx,ebx                    ; edx = buf
00476AD1 mov edi,esp
00476AD3 sub esp,18h
00476AD6 rep movs dword ptr es:[edi],dword ptr [esi]   ; block2 passed by value
00476AD8 lea esi,[ebp-24h]
00476ADB mov edi,esp
00476ADD mov cl,6
00476ADF rep movs dword ptr es:[edi],dword ptr [esi]   ; block1 passed by value
00476AE1 mov ecx,eax                    ; ecx = result of 00474880 (eax untouched since that call)
00476AE3 mov eax,4B917Ah                ; eax = constant address (register argument)
00476AE8 call 00475420
00476AED mov dword ptr [ebp+8],ebx      ; buf becomes the tail-call argument
00476AF0 add esp,40h
00476AF3 lea esp,[ebp-0Ch]
00476AF6 pop ebx
00476AF7 pop esi
00476AF8 pop edi
00476AF9 pop ebp
00476AFA jmp 0048AA50                   ; tail call: release(buf) (presumed)
00476AFF nop                            ; alignment padding
; --- Function at 00476B00 (no symbols) ---
; Two passes over the 54h-byte entries of the table at *[4D4620], n = (u16)g->+10h:
;   pass 1 counts the (entry, k) pairs that pass a predicate (one 00485E50 test per entry
;   plus 00490090 tests for k = 1..2Dh) into ebx;
;   pass 2 allocates buf2 = count*8 (global 4CF020) and buf1 = count*4 and fills them with
;   buf1[m] = m, buf2[m] = {i, k-1} for every pair that passes again.
; Then 00475420, release buf2 (global cleared), tail-jump to release buf1.
; The fill pass stores with no bound against the pass-1 count, so it relies on 00485E50,
; 00490090 and the flag at *[4960E4]+0E4h answering identically in both passes — TODO
; confirm those are pure. The two passes index the same 45 table slots (4B9628..4B9788)
; from different bases (4B9620 + k*8 for k = 1..2Dh vs 4B9618 + k*8 for k = 2..2Eh).
; 0048AAB0 / 004900B0 / 0048AA50 read like alloc / zero / free — TODO confirm.
00476B00 push ebp
00476B01 mov ecx,6
00476B06 mov ebp,esp
00476B08 push edi
00476B09 cld
00476B0A push esi
00476B0B lea eax,[ebp-24h]
00476B0E push ebx
00476B0F mov esi,4B97B4h
00476B14 sub esp,6Ch
00476B17 mov edi,eax
00476B19 rep movs dword ptr es:[edi],dword ptr [esi]   ; 6 dwords -> block1 at [ebp-24h]
00476B1B lea edx,[ebp-40h]
00476B1E mov esi,4B9798h
00476B23 mov edi,edx
00476B25 mov dword ptr [ebp-70h],edx    ; &block2
00476B28 mov edx,dword ptr ds:[4D4EC0h] ; g
00476B2E mov cl,7
00476B30 mov dword ptr [ebp-6Ch],eax    ; &block1
00476B33 rep movs dword ptr es:[edi],dword ptr [esi]   ; 7 dwords -> block2 at [ebp-40h]
00476B35 cmp word ptr [edx+10h],0
00476B3A je 00476D9A                    ; n == 0 -> allocate with count 0 and skip both passes
00476B40 xor ebx,ebx                    ; pass 1: count = 0
00476B42 mov dword ptr [ebp-60h],0      ; i = 0
00476B49 mov dword ptr [ebp-54h],0      ; i*2Ah (half the 54h-byte entry stride)
00476B50 mov eax,dword ptr ds:[004960E4h]
00476B55 mov ecx,dword ptr ds:[4D4620h]
00476B5B cmp byte ptr [eax+0E4h],0
00476B62 jne 00476B73                   ; global flag +0E4h set -> consider every entry
00476B64 mov eax,dword ptr ds:[004D3C30h]
00476B69 mov esi,dword ptr [ebp-54h]
00476B6C cmp word ptr [eax+esi],0
00476B71 je 00476BD5                    ; otherwise skip entries whose word at *[4D3C30]+i*2Ah is 0
00476B73 mov eax,dword ptr [ebp-54h]
00476B76 lea esi,[ecx+eax*2]            ; entry = table + i*54h
00476B79 mov ecx,dword ptr [esi+8]
00476B7C test ecx,ecx
00476B7E je 00476BD5                    ; entry->+8 == 0 -> skip
00476B80 sub esp,0Ch
00476B83 lea eax,[esi+22h]
00476B86 push 4B8E72h
00476B8B push 4B8F9Fh
00476B90 push 1
00476B92 push 0Ch
00476B94 push eax
00476B95 call 00485E50                  ; al = f(entry+22h, 0Ch, 1, 4B8F9Fh, 4B8E72h)
00476B9A add esp,20h
00476B9D cmp al,1
00476B9F movsx edi,byte ptr [esi+4Dh]   ; edi = (signed char)entry->+4Dh
00476BA3 sbb ebx,0FFFFFFFFh             ; count += (al != 0)   (CF is set only when al == 0)
00476BA6 mov esi,1                      ; k = 1
00476BAB nop
00476BAC lea esi,[esi]                  ; padding (no-op) at the loop head
00476BB0 push eax                       ; two dummy pushes: stack-slot padding only
00476BB1 push eax
00476BB2 mov eax,dword ptr [esi*8+4B9620h]   ; table value for k
00476BB9 push edi
00476BBA push eax
00476BBB call 00490090                  ; eax = g(value, (signed char)entry->+4Dh)
00476BC0 add esp,10h
00476BC3 cmp eax,1
00476BC6 sbb ebx,0FFFFFFFFh             ; count += (eax != 0)
00476BC9 inc esi
00476BCA cmp esi,2Eh
00476BCD jne 00476BB0                   ; k = 1..2Dh
00476BCF mov edx,dword ptr ds:[4D4EC0h]
00476BD5 mov eax,dword ptr [ebp-60h]    ; next entry: i++, offset += 2Ah
00476BD8 inc eax
00476BD9 mov dword ptr [ebp-60h],eax
00476BDC mov eax,dword ptr [ebp-54h]
00476BDF add eax,2Ah
00476BE2 mov dword ptr [ebp-54h],eax
00476BE5 mov eax,dword ptr [edx+10h]
00476BE8 and eax,0FFFFh
00476BED cmp eax,dword ptr [ebp-60h]
00476BF0 jg 00476B50                    ; while i < n
00476BF6 lea esi,[ebx*8]                ; count*8
00476BFD shl ebx,2                      ; count*4
00476C00 sub esp,0Ch
00476C03 push esi
00476C04 call 0048AAB0                  ; buf2 = alloc(count*8) (presumed; not NULL-checked)
00476C09 add esp,0Ch
00476C0C push esi
00476C0D push 0
00476C0F push eax
00476C10 call 004900B0                  ; zero buf2
00476C15 mov dword ptr ds:[004CF020h],eax   ; buf2 published in a global
00476C1A mov dword ptr [esp],ebx        ; reuse the stack slot as the size argument
00476C1D call 0048AAB0                  ; buf1 = alloc(count*4) (presumed; not NULL-checked)
00476C22 add esp,0Ch
00476C25 push ebx
00476C26 push 0
00476C28 push eax
00476C29 call 004900B0                  ; zero buf1
00476C2E mov edx,dword ptr ds:[4D4EC0h]
00476C34 add esp,10h
00476C37 xor ebx,ebx                    ; pass 2: m = 0 (output index)
00476C39 mov dword ptr [ebp-64h],eax    ; buf1
00476C3C cmp word ptr [edx+10h],0
00476C41 je 00476D3B
00476C47 mov dword ptr [ebp-50h],0      ; i = 0
00476C4E mov dword ptr [ebp-58h],0      ; i*2Ah
00476C55 mov eax,dword ptr ds:[004960E4h]
00476C5A mov ecx,dword ptr ds:[4D4620h]
00476C60 cmp byte ptr [eax+0E4h],0
00476C67 jne 00476C7C
00476C69 mov eax,dword ptr ds:[004D3C30h]
00476C6E mov esi,dword ptr [ebp-58h]
00476C71 cmp word ptr [eax+esi],0
00476C76 je 00476D1A                    ; same entry filter as pass 1
00476C7C mov eax,dword ptr [ebp-58h]
00476C7F lea ecx,[ecx+eax*2]            ; entry
00476C82 mov dword ptr [ebp-5Ch],ecx
00476C85 mov eax,dword ptr [ecx+8]
00476C88 test eax,eax
00476C8A je 00476D1A
00476C90 mov esi,1                      ; k = 1
00476C95 add ecx,22h
00476C98 mov edi,esi
00476C9A mov dword ptr [ebp-68h],ecx    ; entry+22h
00476C9D dec edi                        ; edi = k-1; ZF tells whether k == 1
00476C9E mov edx,dword ptr [esi*8+4B9618h]   ; table value for k (mov preserves the flags)
00476CA5 jne 00476CF8                   ; k != 1 -> 00490090 test
00476CA7 sub esp,0Ch                    ; k == 1 -> 00485E50 test with the same args as pass 1
00476CAA push 4B8E72h
00476CAF push 4B8F9Fh
00476CB4 push 1
00476CB6 push 0Ch
00476CB8 mov eax,dword ptr [ebp-68h]
00476CBB push eax
00476CBC call 00485E50
00476CC1 add esp,20h
00476CC4 test al,al
00476CC6 je 00476CEB                    ; failed -> next k
00476CC8 mov eax,dword ptr [ebp-64h]    ; store: buf1[m] = m, buf2[m] = {i, k-1}, m++ (no bound check)
00476CCB mov edx,dword ptr ds:[4CF020h]
00476CD1 mov dword ptr [eax+ebx*4],ebx
00476CD4 lea eax,[ebx*8]
00476CDB add eax,edx
00476CDD mov edx,dword ptr [ebp-50h]
00476CE0 inc ebx
00476CE1 cmp esi,2Dh
00476CE4 mov dword ptr [eax],edx
00476CE6 mov dword ptr [eax+4],edi
00476CE9 ja 00476D14                    ; k > 2Dh -> done with this entry
00476CEB inc esi                        ; next k
00476CEC mov edi,esi
00476CEE dec edi                        ; edi = k-1
00476CEF mov edx,dword ptr [esi*8+4B9618h]
00476CF6 je 00476CA7                    ; not taken on this path (k >= 2 here); shared loop-head code
00476CF8 push ecx                       ; two dummy pushes: stack-slot padding only
00476CF9 push ecx
00476CFA mov ecx,dword ptr [ebp-5Ch]
00476CFD movsx eax,byte ptr [ecx+4Dh]
00476D01 push eax
00476D02 push edx
00476D03 call 00490090                  ; eax = g(value, (signed char)entry->+4Dh)
00476D08 add esp,10h
00476D0B test eax,eax
00476D0D jne 00476CC8                   ; passed -> store
00476D0F cmp esi,2Dh
00476D12 jbe 00476CEB                   ; k <= 2Dh -> next k
00476D14 mov edx,dword ptr ds:[4D4EC0h]
00476D1A mov eax,dword ptr [ebp-50h]    ; next entry
00476D1D inc eax
00476D1E mov dword ptr [ebp-50h],eax
00476D21 mov eax,dword ptr [ebp-58h]
00476D24 add eax,2Ah
00476D27 mov dword ptr [ebp-58h],eax
00476D2A mov eax,dword ptr [edx+10h]
00476D2D and eax,0FFFFh
00476D32 cmp eax,dword ptr [ebp-50h]
00476D35 jg 00476C55                    ; while i < n
00476D3B push eax                       ; two dummy pushes: stack-slot padding only
00476D3C push eax
00476D3D push 4B918Dh                   ; constant address as a stack argument
00476D42 mov ecx,7
00476D47 cld
00476D48 sub esp,1Ch
00476D4B mov esi,dword ptr [ebp-70h]
00476D4E mov edi,esp
00476D50 sub esp,18h
00476D53 rep movs dword ptr es:[edi],dword ptr [esi]   ; block2 passed by value
00476D55 mov edi,esp
00476D57 mov esi,dword ptr [ebp-6Ch]
00476D5A mov cl,6
00476D5C mov eax,4B9184h                ; eax = constant address (register argument)
00476D61 rep movs dword ptr es:[edi],dword ptr [esi]   ; block1 passed by value
00476D63 mov ecx,ebx                    ; ecx = m (entries written)
00476D65 mov edx,dword ptr [ebp-64h]    ; edx = buf1
00476D68 call 00475420
00476D6D add esp,34h
00476D70 mov eax,dword ptr ds:[004CF020h]
00476D75 push eax
00476D76 call 0048AA50                  ; release(buf2) (presumed)
00476D7B mov ecx,dword ptr [ebp-64h]
00476D7E mov dword ptr ds:[4CF020h],0   ; clear the global so it does not dangle
00476D88 add esp,10h
00476D8B mov dword ptr [ebp+8],ecx      ; buf1 becomes the tail-call argument
00476D8E lea esp,[ebp-0Ch]
00476D91 pop ebx
00476D92 pop esi
00476D93 pop edi
00476D94 pop ebp
00476D95 jmp 0048AA50                   ; tail call: release(buf1) (presumed)
00476D9A xor esi,esi                    ; n == 0: both sizes 0, then straight to the allocations
00476D9C xor ebx,ebx
00476D9E jmp 00476C00
00476DA3 nop                            ; alignment padding up to the next function
00476DA4 nop
00476DA5 nop
00476DA6 nop
00476DA7 nop
00476DA8 nop
00476DA9 nop
00476DAA nop
00476DAB nop
00476DAC nop
00476DAD nop
00476DAE nop
00476DAF nop
; --- Function at 00476DB0: int f(int a, <unused>, int b, int c, S *d)  (all args on the stack; [ebp+0Ch] is never read) ---
; r = a - d->+4 + c; return (r < b) ? r : b - 1   (signed compare).
; There is no lower clamp: a negative r is returned unchanged; whether callers rely on that
; is not visible here.
00476DB0 push ebp
00476DB1 mov ebp,esp
00476DB3 mov eax,dword ptr [ebp+18h]    ; d
00476DB6 mov edx,dword ptr [ebp+8]      ; a
00476DB9 mov ecx,dword ptr [eax+4]      ; d->+4
00476DBC mov eax,dword ptr [ebp+14h]    ; c
00476DBF sub edx,ecx
00476DC1 add edx,eax                    ; r = a - d->+4 + c
00476DC3 cmp edx,dword ptr [ebp+10h]
00476DC6 jl 00476DCC                    ; r < b -> return r
00476DC8 mov edx,dword ptr [ebp+10h]
00476DCB dec edx                        ; else b - 1
00476DCC mov eax,edx
00476DCE pop ebp
00476DCF ret
; --- Function at 00476DD0: int f(S *s, int pos) ---
; if (s->+0Ch == NULL) return 0; else return (signed char)s->+0Ch[pos - s->+48h].
; No range check on the index: the block at s->+0Ch is read at an arbitrary signed offset,
; so callers must keep pos inside it — TODO confirm at the call sites.
00476DD0 push ebp
00476DD1 xor eax,eax                    ; default return value 0
00476DD3 mov ebp,esp
00476DD5 push ebx
00476DD6 mov ebx,dword ptr [ebp+8]      ; s
00476DD9 mov edx,dword ptr [ebp+0Ch]    ; pos
00476DDC mov ecx,dword ptr [ebx+0Ch]    ; base pointer
00476DDF test ecx,ecx
00476DE1 je 00476DEC                    ; NULL -> return 0
00476DE3 mov eax,dword ptr [ebx+48h]
00476DE6 sub edx,eax                    ; idx = pos - s->+48h
00476DE8 movsx eax,byte ptr [ecx+edx]   ; sign-extended byte at base[idx]
00476DEC pop ebx
00476DED pop ebp
00476DEE ret
00476DEF nop                            ; alignment padding
; --- Function at 00476DF0 (no symbols) ---
; Writes a small record through the pointer in [ebp+8] and returns that pointer in eax;
; `ret 4` pops only that slot, which reads like a hidden struct-return pointer — confirm.
; In: [ebp+0Ch] = p (object whose +44h dword may be adjusted), [ebp+10h] = idx into two
; word tables: a = word[4B6B92 + idx*2], b = word[4B6BA6 + idx*2].
;   a != 0, b != 0  -> kind = 0
;   a != 0, b == 0  -> kind = (a < 0) ? 10h : 40h
;   a == 0, b == 0  -> kind = 0
;   a == 0, b != 0  -> p->+44h += (int)b; kind = 20h
; out->+0 = kind; bytes +4,+5,+6 and the word at +8 are zeroed (+7 is not written).
00476DF0 push ebp
00476DF1 mov ebp,esp
00476DF3 mov eax,dword ptr [ebp+10h]    ; idx
00476DF6 mov ecx,dword ptr [ebp+8]      ; out
00476DF9 mov dx,word ptr [eax+eax+4B6B92h]   ; a
00476E01 test dx,dx
00476E04 je 00476E20                    ; a == 0
00476E06 cmp word ptr [eax+eax+4B6BA6h],0
00476E0F jne 00476E53                   ; a != 0 && b != 0 -> kind = 0
00476E11 movsx eax,dx
00476E14 sar eax,1Fh                    ; -1 if a < 0 else 0
00476E17 and eax,0FFFFFFD0h             ; -30h if a < 0 else 0
00476E1A add eax,40h                    ; 10h if a < 0 else 40h
00476E1D jmp 00476E39
00476E1F nop
00476E20 mov ax,word ptr [eax+eax+4B6BA6h]   ; b
00476E28 test ax,ax
00476E2B je 00476E53                    ; a == 0 && b == 0 -> kind = 0
00476E2D mov edx,dword ptr [ebp+0Ch]    ; p
00476E30 cwde                           ; sign-extend b to 32 bits
00476E31 add dword ptr [edx+44h],eax    ; p->+44h += b
00476E34 mov eax,20h                    ; kind = 20h
00476E39 mov dword ptr [ecx],eax        ; out->+0 = kind
00476E3B mov word ptr [ecx+8],0
00476E41 mov byte ptr [ecx+6],0
00476E45 mov byte ptr [ecx+5],0
00476E49 mov byte ptr [ecx+4],0
00476E4D mov eax,ecx                    ; return out
00476E4F pop ebp
00476E50 ret 4
00476E53 xor eax,eax                    ; kind = 0
00476E55 jmp 00476E39
00476E57 mov esi,esi                    ; alignment padding (no-op)
00476E59 lea edi,[edi]                  ; alignment padding (no-op)
; --- Function at 00476E60 (the listing stops at the faulting instruction; the rest of the
; body is not shown) ---
; In (stack): [ebp+0Ch] = x, [ebp+10h] = w, [ebp+18h] = S *s with dwords at +0, +8, +0Ch.
; Computes, with truncating signed division (names are mine):
;   c  = s->+0Ch
;   q1 = s->+8 / (c + w - 1)
;   q2 = q1 / c
;   r  = ((x - s->+0) * c) / q2          <- the reported #DE is raised here
; None of the three divisors is checked before use. For positive inputs q2 is 0 whenever
; s->+8 < (c + w - 1) * c, simply by integer truncation, and that is the division by zero
; this report is about; the first two divisions also fault when c + w == 1 or c == 0.
; A source-level fix validates these values before dividing (e.g. treats q2 < 1 as 1 or
; rejects the degenerate geometry) rather than relying on the caller.
00476E60 push ebp
00476E61 mov ebp,esp
00476E63 push edi
00476E64 push esi
00476E65 push ebx
00476E66 mov eax,dword ptr [ebp+18h]    ; eax = s
00476E69 mov esi,dword ptr [ebp+0Ch]    ; esi = x
00476E6C mov edi,dword ptr [ebp+10h]    ; edi = w
00476E6F mov edx,dword ptr [eax]        ; s->+0
00476E71 mov ecx,dword ptr [eax+0Ch]    ; ecx = c
00476E74 sub esi,edx                    ; esi = x - s->+0
00476E76 mov edx,dword ptr [eax+8]      ; s->+8
00476E79 imul esi,ecx                   ; esi = (x - s->+0) * c
00476E7C lea ebx,[ecx+edi-1]            ; ebx = c + w - 1   (divisor 1, unchecked)
00476E80 mov eax,edx
00476E82 sar edx,1Fh                    ; sign-extend eax into edx:eax (same effect as cdq)
00476E85 idiv eax,ebx                   ; eax = q1 = s->+8 / (c + w - 1)
00476E87 mov edx,eax
00476E89 sar edx,1Fh
00476E8C idiv eax,ecx                   ; eax = q2 = q1 / c   (divisor 2, unchecked)
00476E8E mov edx,esi
00476E90 mov ecx,eax                    ; ecx = q2
00476E92 sar edx,1Fh
00476E95 mov eax,esi
00476E97 idiv eax,ecx                   ; ((x - s->+0) * c) / q2 -> #DE when q2 == 0 (the reported crash)
The last line (the final idiv) is where the exception is raised.

(It doesn't seem like this forum supports the spoiler tag.)