; ---------------------------------------------------------------------------
; Function Graph 0 -- sub_804c94b
; x86-32, Intel operand order (dst, src). Reformatted from a function-graph
; export: one instruction per line, encoded bytes and the disassembler's
; annotations moved into the trailing comment.
;
; In:   [ebp+0x8] = arg_4, [ebp+0xc] = arg_8 (stack arguments)
; Uses: ebx, edi, esi are pushed in block 0 and popped in block 1.
;
; arg_8 is loaded into ebx and null-tested first. The diagnostic strings
; handed to sub_804ce29 ("BAD SMALL FREE: ...", "BAD FREE: ...",
; "BAD SMALL UNLINK: ...") suggest this is the free path of a heap allocator
; with integrity checks, with ebx the pointer being released and arg_4 the
; allocator state -- presumably; confirm against callers.
;
; Every call to sub_804ce29 is marked "Does not return" by the disassembler,
; so a failed check appears to stop execution instead of continuing on
; damaged metadata. The offending pointer (ebx) is passed to that routine as
; an argument, so its output presumably contains heap addresses -- confirm
; where that output goes.
;
; NOTE(review): blocks are listed in graph-export order and carry no
; addresses, so branch targets cannot be matched to blocks from this listing
; alone. A block that ends without a jump falls through to a successor that
; is not identifiable here.
; NOTE(review): the targets 0x80480a0, 0x80480ac, 0x80480cf and 0x80480df lie
; below the address the label name suggests for the entry point (0x804c94b).
; ---------------------------------------------------------------------------

; --- Basic Block 0: prologue, load and null-test arg_8 ---------------------
sub_804c94b:
        push    ebp                                     ; 55
        mov     ebp, esp                                ; 89 e5
        push    ebx                                     ; 53
        push    edi                                     ; 57
        push    esi                                     ; 56
        and     esp, 0xfffffff0                         ; 83 e4 f0              {var_10}  esp rounded down to 16
        sub     esp, 0x20                               ; 83 ec 20              {var_30}
        mov     ebx, dword [ebp+0xc]                    ; 8b 5d 0c              {arg_8}
        test    ebx, ebx                                ; 85 db
        je      0x804cc61                               ; 0f 84 ff 02 00 00     arg_8 == 0

; --- Basic Block 1: epilogue, leaves with jmp instead of ret ---------------
        lea     esp, [ebp-0xc]                          ; 8d 65 f4              {var_10}  back to the three saved registers
        pop     esi                                     ; 5e
        pop     edi                                     ; 5f
        pop     ebx                                     ; 5b
        pop     ebp                                     ; 5d
        jmp     0x80480ac                               ; e9 3f b4 ff ff

; --- Basic Block 2: per-region byte lookup ---------------------------------
; al = byte at arg_4 + 0x20c + (ebx >> 20): one table byte per 1 MiB of
; address space. The value is compared with 2 here and with 1 in block 5;
; what the values mean is not shown -- presumably a region type.
        mov     edx, dword [ebp+0x8]                    ; 8b 55 08              {arg_4}
        mov     eax, ebx                                ; 89 d8
        shr     eax, 0x14                               ; c1 e8 14
        mov     al, byte [edx+eax+0x20c]                ; 8a 84 02 0c 02 00 00
        cmp     al, 0x2                                 ; 3c 02
        je      0x804c995                               ; 74 20

; --- Basic Block 3: table slot derived from the return address -------------
; Saves eax/edx to two globals, then computes
;   eax = data_804f2d4 + (return_address mod [data_804f2d0]) * 8
; with ecx holding a copy of the return address. Looks like a hashed lookup
; keyed on the return address -- purpose not shown; confirm.
        mov     dword [data_8050c48], eax               ; a3 48 0c 05 08
        mov     dword [data_8050c4c], edx               ; 89 15 4c 0c 05 08
        mov     eax, dword [esp]                        ; 8b 04 24              {__return_addr}
        xor     edx, edx                                ; 31 d2                 {0x0}  high half of the dividend
        mov     ecx, eax                                ; 89 c1
        div     dword [data_804f2d0]                    ; f7 35 d0 f2 04 08     remainder -> edx
        mov     eax, data_804f2d4                       ; b8 d4 f2 04 08
        shl     edx, 0x3                                ; c1 e2 03              8-byte slots
        lea     eax, [eax+edx]                          ; 8d 04 10

; --- Basic Block 4: low three bits of the pointer --------------------------
        test    bl, 0x7                                 ; f6 c3 07
        jne     0x804cc81                               ; 0f 85 e3 02 00 00     not 8-byte aligned

; --- Basic Block 5 ---------------------------------------------------------
        cmp     al, 0x1                                 ; 3c 01
        jne     0x804c9db                               ; 75 62

; --- Basic Block 6: reload edx/eax from the block 3 globals and return -----
        mov     edx, dword [data_8050c4c]               ; 8b 15 4c 0c 05 08
        mov     eax, dword [data_8050c48]               ; a1 48 0c 05 08
        retn                                            ; c3

; --- Basic Block 7 ---------------------------------------------------------
        mov     eax, dword [eax]                        ; 8b 00
        cmp     eax, 0x0                                ; 83 f8 00
        je      0x80480a0                               ; 74 c3

; --- Basic Block 8: report, does not return --------------------------------
        mov     dword [esp+0x4], ebx                    ; 89 5c 24 04           {var_2c}
        mov     dword [esp], data_804f0b0               ; c7 04 24 b0 f0 04 08  {var_30}  {"BAD SMALL FREE: address is not a…"}
        call    sub_804ce29                             ; e8 98 01 00 00        { Does not return }

; --- Basic Block 9: bit 0 of the word at ebx-4 -----------------------------
; ecx = ebx - 8, eax = dword [ebx-4]. Block 76 sets bit 0 of the same word
; before linking a block into a list, so bit 0 presumably marks an already
; free block -- confirm.
        lea     ecx, [ebx-0x8]                          ; 8d 4b f8
        mov     eax, dword [ecx+0x4]                    ; 8b 41 04
        test    al, 0x1                                 ; a8 01
        jne     0x804cc91                               ; 0f 85 e5 02 00 00

; --- Basic Block 10 --------------------------------------------------------
        test    al, al                                  ; 84 c0
        jne     0x804cc61                               ; 0f 85 7e 02 00 00

; --- Basic Block 11: 16-bit word at the start of the pointer's 4 KiB page ---
        mov     eax, ebx                                ; 89 d8
        and     eax, 0xfffff000                         ; 25 00 f0 ff ff
        movzx   eax, word [eax]                         ; 0f b7 00
        cmp     eax, 0xf                                ; 83 f8 0f
        ja      0x804ca35                               ; 0f 87 a9 00 00 00     unsigned: value > 0xf

; --- Basic Block 12: int 0x80 with eax = 1, ebx = 0xad ---------------------
; On Linux i386 that would be exit(0xad); the platform is not stated here.
        mov     eax, 0x1                                ; b8 01 00 00 00
        mov     ebx, 0xad                               ; bb ad 00 00 00
        int     0x80                                    ; cd 80                 { Does not return }

; --- Basic Block 13 --------------------------------------------------------
        jmp     0x80480cf                               ; eb f0

; --- Basic Block 14: report, does not return -------------------------------
        mov     dword [esp+0x4], ebx                    ; 89 5c 24 04           {var_2c}
        mov     dword [esp], data_804f0e1               ; c7 04 24 e1 f0 04 08  {var_30}  {"BAD SMALL FREE: double free ptr=…"}
        call    sub_804ce29                             ; e8 88 01 00 00        { Does not return }

; --- Basic Block 15: unsigned range check on eax ---------------------------
; One subtract-and-compare: the branch is taken unless 0x10 <= eax <= 0x20000.
        lea     edx, [eax-0x10]                         ; 8d 50 f0
        cmp     edx, 0x1fff1                            ; 81 fa f1 ff 01 00
        jae     0x804cca1                               ; 0f 83 e6 02 00 00

; --- Basic Block 16: offset of the pointer inside its page must be 8 -------
        mov     eax, ebx                                ; 89 d8
        and     eax, 0xfff                              ; 25 ff 0f 00 00
        cmp     eax, 0x8                                ; 83 f8 08
        jne     0x804ccb1                               ; 0f 85 be 02 00 00

; --- Basic Block 17 --------------------------------------------------------
        cmp     ax, 0x200                               ; 66 3d 00 02
        ja      0x804ca98                               ; 77 5d

; --- Basic Block 18: eax = (eax >> 2) - 1 ----------------------------------
; The value ends up as an index into a dword table in other blocks, so this
; is presumably a size-class index.
        shr     eax, 0x2                                ; c1 e8 02
        dec     eax                                     ; 48
        jmp     0x804caca                               ; e9 35 01 00 00

; --- Basic Block 19 --------------------------------------------------------
; lea leaves the flags alone, so the je still tests the cmp result.
        cmp     ecx, dword [eax]                        ; 3b 08
        lea     eax, [eax+0x4]                          ; 8d 40 04
        je      0x80480df                               ; 74 09

; --- Basic Block 20: report, does not return -------------------------------
        mov     dword [esp+0x4], ebx                    ; 89 5c 24 04           {var_2c}
        mov     dword [esp], data_804f107               ; c7 04 24 07 f1 04 08  {var_30}  {"BAD SMALL FREE: corrupted size p…"}
        call    sub_804ce29                             ; e8 78 01 00 00        { Does not return }

; --- Basic Block 21 --------------------------------------------------------
        mov     edi, dword [ecx]                        ; 8b 39
        test    edi, edi                                ; 85 ff
        je      0x804ca46                               ; 0f 84 81 00 00 00

; --- Basic Block 22: report, does not return -------------------------------
        mov     dword [esp+0x4], ebx                    ; 89 5c 24 04           {var_2c}
        mov     dword [esp], data_804f1f8               ; c7 04 24 f8 f1 04 08  {var_30}  {"BAD FREE: large address is not a…"}
        call    sub_804ce29                             ; e8 68 01 00 00        { Does not return }

; --- Basic Block 23: word at ebx-8 must equal edx --------------------------
        mov     eax, dword [ebx-0x8]                    ; 8b 43 f8
        cmp     eax, edx                                ; 39 d0
        jne     0x804ccc1                               ; 0f 85 c3 02 00 00

; --- Basic Block 24 --------------------------------------------------------
        cmp     ax, 0x1200                              ; 66 3d 00 12
        ja      0x804cabf                               ; 77 21

; --- Basic Block 25: eax = (eax >> 4) + 2 ----------------------------------
        shr     eax, 0x4                                ; c1 e8 04
        add     eax, 0x2                                ; 83 c0 02
        jmp     0x804caca                               ; e9 84 00 00 00

; --- Basic Block 26: push ebx onto the list headed at [edx+eax*4] ----------
; The old head is stored in the first word of the block, then the block
; becomes the new head.
        mov     ecx, dword [edx+eax*4]                  ; 8b 0c 82
        mov     dword [ebx], ecx                        ; 89 0b
        mov     dword [edx+eax*4], ebx                  ; 89 1c 82
        jmp     0x804cc61                               ; e9 8a 01 00 00

; --- Basic Block 27 --------------------------------------------------------
        lea     edi, [eax+ecx]                          ; 8d 3c 08
        xor     edx, edx                                ; 31 d2                 {0x0}
        xor     esi, esi                                ; 31 f6                 {0x0}
        jmp     0x804ca63                               ; eb 14

; --- Basic Block 28 --------------------------------------------------------
        lea     edx, [eax+ecx]                          ; 8d 14 08
        mov     dword [esp+0x18], edx                   ; 89 54 24 18           {var_18}
        xor     edx, edx                                ; 31 d2                 {0x0}
        mov     esi, ecx                                ; 89 ce
        sub     esi, edi                                ; 29 fe
        jne     0x804ca4f                               ; 75 7b

; --- Basic Block 29: report with three values, does not return -------------
        mov     dword [esp+0xc], edx                    ; 89 54 24 0c           {var_24}
        mov     dword [esp+0x8], eax                    ; 89 44 24 08           {var_28}
        mov     dword [esp+0x4], ebx                    ; 89 5c 24 04           {var_2c}
        mov     dword [esp], data_804f229               ; c7 04 24 29 f2 04 08  {var_30}  {"BAD FREE: wrong heap address ptr…"}
        call    sub_804ce29                             ; e8 50 01 00 00        { Does not return }

; --- Basic Block 30: unsigned range check on the word at ebx-4 -------------
; The branch is taken unless 0x20000 <= eax <= 0x7fff0fff.
        mov     eax, dword [ebx-0x4]                    ; 8b 43 fc
        lea     ecx, [eax-0x20000]                      ; 8d 88 00 00 fe ff
        cmp     ecx, 0x7ffe0fff                         ; 81 f9 ff 0f fe 7f
        ja      0x804cc6d                               ; 0f 87 5a 02 00 00

; --- Basic Block 31: eax = ((eax - 0x1200) >> 11) + 0x42 -------------------
        add     eax, 0xffffee00                         ; 05 00 ee ff ff
        shr     eax, 0xb                                ; c1 e8 0b
        add     eax, 0x42                               ; 83 c0 42

; --- Basic Block 32: eax = ((eax - 0x200) >> 7) + 0x22 ---------------------
        add     eax, 0xfffffe00                         ; 05 00 fe ff ff
        shr     eax, 0x7                                ; c1 e8 07
        add     eax, 0x22                               ; 83 c0 22
        jmp     0x804caca                               ; eb 1f

; --- Basic Block 33 --------------------------------------------------------
        cmp     dword [edi], eax                        ; 39 07
        mov     eax, edi                                ; 89 f8
        jne     0x804cced                               ; 0f 85 80 02 00 00

; --- Basic Block 34: word at esi+4 with bit 0 cleared must equal edi -------
        mov     edx, dword [esi+0x4]                    ; 8b 56 04
        and     edx, 0xfffffffe                         ; 83 e2 fe
        cmp     edx, edi                                ; 39 fa
        jne     0x804ccd9                               ; 0f 85 7c 02 00 00

; --- Basic Block 35 --------------------------------------------------------
        xor     esi, esi                                ; 31 f6                 {0x0}
        jmp     0x804ca5f                               ; e9 84 00 00 00

; --- Basic Block 36: report, does not return -------------------------------
        mov     dword [esp+0x8], eax                    ; 89 44 24 08           {var_28}
        mov     dword [esp+0x4], ebx                    ; 89 5c 24 04           {var_2c}
        mov     dword [esp], data_804f25f               ; c7 04 24 5f f2 04 08  {var_30}  {"BAD FREE: wrong block size ptr=%…"}
        call    sub_804ce29                             ; e8 a8 01 00 00        { Does not return }

; --- Basic Block 37: low 12 bits of eax ------------------------------------
        mov     ecx, eax                                ; 89 c1
        and     ecx, 0xfff                              ; 81 e1 ff 0f 00 00
        jne     0x804cc6d                               ; 0f 85 4c 02 00 00     not a multiple of 0x1000

; --- Basic Block 38: report, does not return -------------------------------
        mov     dword [esp+0x8], ebx                    ; 89 5c 24 08           {var_28}
        mov     dword [esp+0x4], eax                    ; 89 44 24 04           {var_2c}
        mov     dword [esp], data_804f164               ; c7 04 24 64 f1 04 08  {var_30}  {"BAD SMALL FREE: heap corruption …"}
        call    sub_804ce29                             ; e8 28 01 00 00        { Does not return }

; --- Basic Block 39 --------------------------------------------------------
; mov does not change the flags, so the je still tests dl.
        test    dl, dl                                  ; 84 d2
        mov     edi, dword [ebp+0x8]                    ; 8b 7d 08              {arg_4}
        je      0x804cb51                               ; 0f 84 d9 00 00 00

; --- Basic Block 40: report, does not return -------------------------------
        mov     dword [esp+0x8], ebx                    ; 89 5c 24 08           {var_28}
        mov     dword [esp+0x4], esi                    ; 89 74 24 04           {var_2c}
        mov     dword [esp], data_804f130               ; c7 04 24 30 f1 04 08  {var_30}  {"BAD SMALL FREE: heap corruption …"}
        call    sub_804ce29                             ; e8 3c 01 00 00        { Does not return }

; --- Basic Block 41 --------------------------------------------------------
        mov     dl, 0x1                                 ; b2 01

; --- Basic Block 42 --------------------------------------------------------
        mov     edi, dword [esp+0x18]                   ; 8b 7c 24 18           {var_18}

; --- Basic Block 43: sub_804e5e9(ebx - 8, eax) -----------------------------
        add     ebx, 0xfffffff8                         ; 83 c3 f8              ebx -= 8
        mov     dword [esp+0x4], eax                    ; 89 44 24 04           {var_2c}
        mov     dword [esp], ebx                        ; 89 1c 24              {var_30}
        call    sub_804e5e9                             ; e8 b9 1b 00 00
        jmp     0x804cc61                               ; e9 2c 02 00 00

; --- Basic Block 44: bit 0 of the word at eax+4 ----------------------------
        mov     ebx, dword [eax+0x4]                    ; 8b 58 04
        test    bl, 0x1                                 ; f6 c3 01
        je      0x804cb69                               ; 74 10

; --- Basic Block 45: bit 0 of the word at esi+4 ----------------------------
        mov     ebx, dword [esi+0x4]                    ; 8b 5e 04
        test    bl, 0x1                                 ; f6 c3 01
        je      0x804cb51                               ; 0f 84 cd 00 00 00

; --- Basic Block 46 --------------------------------------------------------
        lea     eax, [ecx+0x4]                          ; 8d 41 04
        jmp     0x804cbec                               ; eb 7e

; --- Basic Block 47: esi = ebx with bit 0 cleared --------------------------
        mov     esi, ebx                                ; 89 de
        and     esi, 0xfffffffe                         ; 83 e6 fe
        cmp     esi, 0xf                                ; 83 fe 0f
        ja      0x804cb6e                               ; 77 0b

; --- Basic Block 48: edi = ebx with bit 0 cleared --------------------------
        mov     edi, ebx                                ; 89 df
        and     edi, 0xfffffffe                         ; 83 e7 fe
        cmp     edi, 0xf                                ; 83 ff 0f
        ja      0x804caab                               ; 77 1d

; --- Basic Block 49 --------------------------------------------------------
        mov     eax, dword [eax]                        ; 8b 00
        cmp     eax, 0xf                                ; 83 f8 0f
        ja      0x804cbfb                               ; 77 08

; --- Basic Block 50 --------------------------------------------------------
        cmp     esi, 0x200                              ; 81 fe 00 02 00 00
        ja      0x804cb7e                               ; 77 08

; --- Basic Block 51: ebx = (ebx >> 2) - 1 ----------------------------------
        shr     ebx, 0x2                                ; c1 eb 02
        dec     ebx                                     ; 4b
        jmp     0x804cbad                               ; eb 44

; --- Basic Block 52 --------------------------------------------------------
        cmp     edi, 0x200                              ; 81 ff 00 02 00 00
        ja      0x804cad7                               ; 77 24

; --- Basic Block 53: ebx = (ebx >> 2) - 1, eax kept in var_18 --------------
        mov     dword [esp+0x18], eax                   ; 89 44 24 18           {var_18}
        shr     ebx, 0x2                                ; c1 eb 02
        dec     ebx                                     ; 4b
        jmp     0x804cb0a                               ; eb 72

; --- Basic Block 54 --------------------------------------------------------
        cmp     eax, 0x200                              ; 3d 00 02 00 00
        ja      0x804cc0c                               ; 77 0a

; --- Basic Block 55: edx = (eax >> 2) - 1 ----------------------------------
        mov     edx, eax                                ; 89 c2
        shr     edx, 0x2                                ; c1 ea 02
        dec     edx                                     ; 4a
        jmp     0x804cc39                               ; eb 3e

; --- Basic Block 56 --------------------------------------------------------
        cmp     esi, 0x1200                             ; 81 fe 00 12 00 00
        ja      0x804cb94                               ; 77 0e

; --- Basic Block 57: ebx = (ebx >> 4) + 2 ----------------------------------
        shr     ebx, 0x4                                ; c1 eb 04
        add     ebx, 0x2                                ; 83 c3 02
        jmp     0x804cbad                               ; eb 2f

; --- Basic Block 58 --------------------------------------------------------
        mov     dword [eax+0x4], esi                    ; 89 70 04
        mov     edi, dword [eax+0x8]                    ; 8b 78 08
        test    edi, edi                                ; 85 ff
        je      0x804cbbd                               ; 74 06

; --- Basic Block 59 --------------------------------------------------------
        mov     dword [esp+0x18], eax                   ; 89 44 24 18           {var_18}
        cmp     edi, 0x1200                             ; 81 ff 00 12 00 00
        ja      0x804caf1                               ; 77 0e

; --- Basic Block 60: ebx = (ebx >> 4) + 2, eax kept in var_18 --------------
        mov     dword [esp+0x18], eax                   ; 89 44 24 18           {var_18}
        shr     ebx, 0x4                                ; c1 eb 04
        add     ebx, 0x2                                ; 83 c3 02
        jmp     0x804cb0a                               ; eb 4b

; --- Basic Block 61 --------------------------------------------------------
        mov     dword [esi+0x4], edi                    ; 89 7e 04
        mov     eax, dword [esi+0x8]                    ; 8b 46 08
        test    eax, eax                                ; 85 c0
        je      0x804cb1a                               ; 74 06

; --- Basic Block 62 --------------------------------------------------------
        cmp     eax, 0x1200                             ; 3d 00 12 00 00
        ja      0x804cc21                               ; 77 0e

; --- Basic Block 63: edx = (eax >> 4) + 2 ----------------------------------
        mov     edx, eax                                ; 89 c2
        shr     edx, 0x4                                ; c1 ea 04
        add     edx, 0x2                                ; 83 c2 02
        jmp     0x804cc39                               ; eb 2d

; --- Basic Block 64 --------------------------------------------------------
        test    al, 0x1                                 ; a8 01
        jne     0x804cd01                               ; 0f 85 c0 00 00 00

; --- Basic Block 65: ebx = 0x82 when esi > 0x20000 -------------------------
        mov     ebx, 0x82                               ; bb 82 00 00 00
        cmp     esi, 0x20000                            ; 81 fe 00 00 02 00
        ja      0x804cbad                               ; 77 0c

; --- Basic Block 66: ebx = ((esi - 0x200) >> 7) + 0x22 ---------------------
        lea     ebx, [esi-0x200]                        ; 8d 9e 00 fe ff ff
        shr     ebx, 0x7                                ; c1 eb 07
        add     ebx, 0x22                               ; 83 c3 22
        jmp     0x804cbad                               ; eb 19

; --- Basic Block 67 --------------------------------------------------------
        mov     edx, dword [eax+0xc]                    ; 8b 50 0c
        test    edx, edx                                ; 85 d2
        je      0x804cbc7                               ; 74 03

; --- Basic Block 68 --------------------------------------------------------
        mov     edx, dword [eax+0xc]                    ; 8b 50 0c
        mov     dword [edi+0xc], edx                    ; 89 57 0c

; --- Basic Block 69: ebx = 0x82 when edi > 0x20000 -------------------------
        mov     ebx, 0x82                               ; bb 82 00 00 00
        cmp     edi, 0x20000                            ; 81 ff 00 00 02 00
        ja      0x804cb0a                               ; 77 0c

; --- Basic Block 70: ebx = ((edi - 0x200) >> 7) + 0x22 ---------------------
        lea     ebx, [edi-0x200]                        ; 8d 9f 00 fe ff ff
        shr     ebx, 0x7                                ; c1 eb 07
        add     ebx, 0x22                               ; 83 c3 22
        jmp     0x804cb0a                               ; eb 19

; --- Basic Block 71 --------------------------------------------------------
        mov     edx, dword [esi+0xc]                    ; 8b 56 0c
        test    edx, edx                                ; 85 d2
        je      0x804cb24                               ; 74 03

; --- Basic Block 72 --------------------------------------------------------
        mov     edx, dword [esi+0xc]                    ; 8b 56 0c
        mov     dword [eax+0xc], edx                    ; 89 50 0c

; --- Basic Block 73: edx = 0x82 when eax > 0x20000 -------------------------
        mov     edx, 0x82                               ; ba 82 00 00 00
        cmp     eax, 0x20000                            ; 3d 00 00 02 00
        ja      0x804cc39                               ; 77 0c

; --- Basic Block 74: edx = ((eax - 0x200) >> 7) + 0x22 ---------------------
        lea     edx, [eax-0x200]                        ; 8d 90 00 fe ff ff
        shr     edx, 0x7                                ; c1 ea 07
        add     edx, 0x22                               ; 83 c2 22
        jmp     0x804cc39                               ; eb 18

; --- Basic Block 75: report, does not return -------------------------------
        mov     dword [esp+0x4], ecx                    ; 89 4c 24 04           {var_2c}
        mov     dword [esp], data_804f198               ; c7 04 24 98 f1 04 08  {var_30}  {"BAD SMALL UNLINK: block is alrea…"}
        call    sub_804ce29                             ; e8 18 01 00 00        { Does not return }

; --- Basic Block 76: set bit 0, insert ecx at the head of [edi+edx*4] ------
; [ecx+4] gets bit 0 set, [ecx+8] is cleared, [ecx+0xc] takes the old head
; and the table slot is pointed at ecx. The old head is then null-tested.
        or      eax, 0x1                                ; 83 c8 01
        mov     dword [ecx+0x4], eax                    ; 89 41 04
        mov     dword [ecx+0x8], 0x0                    ; c7 41 08 00 00 00 00
        mov     eax, dword [edi+edx*4]                  ; 8b 04 97
        mov     dword [ecx+0xc], eax                    ; 89 41 0c
        mov     dword [edi+edx*4], ecx                  ; 89 0c 97
        mov     eax, dword [ecx+0xc]                    ; 8b 41 0c
        test    eax, eax                                ; 85 c0
        je      0x804cc61                               ; 74 03

; --- Basic Block 77: ebx = ((esi - 0x1200) >> 11) + 0x42 -------------------
        lea     ebx, [esi-0x1200]                       ; 8d 9e 00 ee ff ff
        shr     ebx, 0xb                                ; c1 eb 0b
        add     ebx, 0x42                               ; 83 c3 42

; --- Basic Block 78: is eax the head of list ebx in arg_4's table? ---------
        mov     edi, dword [ebp+0x8]                    ; 8b 7d 08              {arg_4}
        cmp     dword [edi+ebx*4], eax                  ; 39 04 9f
        jne     0x804cbd2                               ; 75 03

; --- Basic Block 79 --------------------------------------------------------
        mov     dword [edx+0x8], edi                    ; 89 7a 08

; --- Basic Block 80: ebx = ((edi - 0x1200) >> 11) + 0x42 -------------------
        lea     ebx, [edi-0x1200]                       ; 8d 9f 00 ee ff ff
        shr     ebx, 0xb                                ; c1 eb 0b
        add     ebx, 0x42                               ; 83 c3 42

; --- Basic Block 81: is esi the head of list ebx in arg_4's table? ---------
        mov     eax, dword [ebp+0x8]                    ; 8b 45 08              {arg_4}
        cmp     dword [eax+ebx*4], esi                  ; 39 34 98
        jne     0x804cb32                               ; 75 06

; --- Basic Block 82 --------------------------------------------------------
        mov     dword [edx+0x8], eax                    ; 89 42 08

; --- Basic Block 83: edx = ((eax - 0x1200) >> 11) + 0x42 -------------------
        lea     edx, [eax-0x1200]                       ; 8d 90 00 ee ff ff
        shr     edx, 0xb                                ; c1 ea 0b
        add     edx, 0x42                               ; 83 c2 42

; --- Basic Block 84 --------------------------------------------------------
        mov     dword [eax+0x8], ecx                    ; 89 48 08

; --- Basic Block 85: clear eax's two link words, grow the block at ecx -----
; esi += [ecx+4]; the sum is stored at ecx+4 and again at ecx+esi.
; Presumably a merge with a neighbouring block whose size is mirrored at the
; far end -- confirm.
        mov     dword [eax+0x8], 0x0                    ; c7 40 08 00 00 00 00
        mov     dword [eax+0xc], 0x0                    ; c7 40 0c 00 00 00 00
        lea     eax, [ecx+0x4]                          ; 8d 41 04
        add     esi, dword [ecx+0x4]                    ; 03 71 04
        mov     dword [ecx+0x4], esi                    ; 89 71 04
        mov     dword [ecx+esi], esi                    ; 89 34 31

; --- Basic Block 86: table slot ebx takes edx ------------------------------
        mov     dword [edi+ebx*4], edx                  ; 89 14 9f

; --- Basic Block 87: clear esi's two link words, grow the block at esi -----
; edi += [ecx+4]; the sum is stored at esi+4 and through the pointer saved in
; var_18. ecx then takes esi and edi is reloaded with arg_4.
        mov     dword [esi+0x8], 0x0                    ; c7 46 08 00 00 00 00
        mov     dword [esi+0xc], 0x0                    ; c7 46 0c 00 00 00 00
        add     edi, dword [ecx+0x4]                    ; 03 79 04
        mov     dword [esi+0x4], edi                    ; 89 7e 04
        mov     eax, dword [esp+0x18]                   ; 8b 44 24 18           {var_18}
        mov     dword [eax], edi                        ; 89 38
        mov     ecx, esi                                ; 89 f1
        mov     edi, dword [ebp+0x8]                    ; 8b 7d 08              {arg_4}

; --- Basic Block 88: table slot ebx in arg_4 takes edx ---------------------
        mov     eax, dword [ebp+0x8]                    ; 8b 45 08              {arg_4}
        mov     dword [eax+ebx*4], edx                  ; 89 14 98