This code appears to be a disassembled or decompiled output...

February 4, 2025 at 06:27 PM

/* WARNING: Function: _guard_dispatch_icall replaced with injection: guard_dispatch_icall */
/* Library Function - Single Match
    int __cdecl __scrt_common_main_seh(void)
   
   Library: Visual Studio 2019 Release */

int __cdecl __scrt_common_main_seh(void)

{
  bool bVar1;
  int iVar2;
  undefined8 uVar3;
  undefined8 uVar4;
  code **ppcVar5;
  ulonglong uVar6;
  ulonglong *puVar7;
  undefined8 unaff_RBX;
  undefined8 in_R9;
  undefined uVar8;
  
  iVar2 = (int)unaff_RBX;
  uVar3 = __scrt_initialize_crt(1);
  if ((char)uVar3 == '\0') {
    __scrt_fastfail(7);
  }
  else {
    bVar1 = false;
    uVar8 = 0;
    uVar3 = __scrt_acquire_startup_lock();
    iVar2 = (int)CONCAT71((int7)((ulonglong)unaff_RBX >> 8),(char)uVar3);
    if (DAT_140164f60 != 1) {
      if (DAT_140164f60 == 0) {
        DAT_140164f60 = 1;
        uVar4 = _initterm_e((undefined **)&DAT_1400e43e0,(undefined **)&DAT_1400e4418);
        if ((int)uVar4 != 0) {
          return 0xff;
        }
        _initterm((undefined **)&DAT_1400e43c0,(undefined **)&DAT_1400e43d8);
        DAT_140164f60 = 2;
      }
      else {
        bVar1 = true;
        uVar8 = 1;
      }
      __scrt_release_startup_lock((char)uVar3);
      ppcVar5 = (code **)FUN_1400c4cc0();
      if ((*ppcVar5 != (code *)0x0) &&
         (uVar6 = __scrt_is_nonwritable_in_current_image((longlong)ppcVar5), (char)uVar6 != '\0')) {
        (**ppcVar5)(0,2,0,in_R9,uVar8);
      }
      puVar7 = (ulonglong *)FUN_1400c4cc8();
      if ((*puVar7 != 0) &&
         (uVar6 = __scrt_is_nonwritable_in_current_image((longlong)puVar7), (char)uVar6 != '\0')) {
        _register_thread_local_exe_atexit_callback(*puVar7);
      }
      _get_initial_narrow_environment();
      FUN_1400d4c94();
      FUN_1400d4c8c();
      iVar2 = FUN_14001c770();
      uVar6 = __scrt_is_managed_app();
      if ((char)uVar6 != '\0') {
        if (!bVar1) {
          _cexit();
        }
        __scrt_uninitialize_crt(true,'\0');
        return iVar2;
      }
      goto LAB_1400c43a4;
    }
  }
  __scrt_fastfail(7);
LAB_1400c43a4:
  FUN_1400cfd5c(iVar2);
  FUN_1400cfd14(iVar2);
  __security_init_cookie();
  iVar2 = __scrt_common_main_seh();
  return iVar2;
}

This code appears to be a disassembled or decompiled output of the __scrt_common_main_seh function from Microsoft's C Runtime Library (CRT) that manages the application's main entry point. Here’s a breakdown of what this code does at a high level:

Initialization of CRT (__scrt_initialize_crt): This is an internal CRT function that initializes the CRT. If initialization fails, the program exits with a failure (__scrt_fastfail(7)).
Acquire Startup Lock (__scrt_acquire_startup_lock): A startup lock is acquired to synchronize CRT initialization steps when multiple threads could attempt initialization.
Check and Update CRT Status: The function checks the state of a global variable DAT_140164f60 which represents the initialization status of the CRT. If it's uninitialized (0), it initializes the CRT using _initterm_e and _initterm, which process the CRT's startup constructors. If initialization fails, the program terminates early. Otherwise, CRT initialization is completed successfully.
Call Specific Callbacks: The code executes certain callbacks (retrieved via FUN_1400c4cc0 and FUN_1400c4cc8) if they are defined and located in writable or managed memory.
Set Up Environment: It sets up the initial runtime environment (_get_initial_narrow_environment), handling module-specific initialization.
Application-Specific Initialization: There are calls to application-specific initialization functions such as FUN_1400d4c94, FUN_1400d4c8c, and FUN_14001c770.
Check if the Application is Managed (__scrt_is_managed_app): This function determines if the application is a managed (e.g., .NET) application. If so, it handles the shutdown differently using _cexit and __scrt_uninitialize_crt.
Error Handling and Reloop: If something goes wrong during initialization, the code ensures proper cleanup and error handling (__scrt_fastfail(7)).
Repeated Entry: The function calls itself recursively at the end (__scrt_common_main_seh), which suggests that this is a placeholder or intermediate step in a larger CRT process.
Security Setup: Calls to __security_init_cookie are responsible for initializing security mechanisms such as stack cookies to prevent certain kinds of exploits (e.g., buffer overflows).

Summary

This is a low-level function that performs the critical startup tasks for a program built on Microsoft's CRT. It initializes the runtime environment, sets up the application's context, and ensures proper error handling and cleanup. It also manages cases where the application might be part of a managed runtime like .NET. Most of the function deals with the sequence of initialization, ensuring consistency and correctness.

The function is not intended to be directly used by developers but rather forms the foundational entry point for programs compiled in Visual Studio, during startup routines, or as part of the native runtime initialization for C/C++ applications.

Generate your own explanations

Download our vscode extension

Read other generated explanations

Built by @thebuilderjr