; Function Graph 0 -- sub_804b32a (32-bit x86, Intel operand order)
;
; Layout of this listing
;   * One instruction per line; the encoded bytes follow in the trailing comment.
;   * Operands are kept exactly as the disassembler rendered them, including the
;     {arg_N}/{var_N} stack-slot annotations and the truncated string previews.
;   * Operands spelled data_N are the disassembler's symbolic form of the constant
;     N (hex); the bytes confirm it, e.g. `83 c0 02` for `add eax, data_2`.
;   * Blocks are listed by graph number and no block addresses are given, while
;     branch targets are raw addresses. The edges between blocks therefore cannot
;     be read off this listing alone; the per-block notes below describe only
;     what each block does locally.
;
; What the visible code establishes
;   * After the prologue, ebx = [esp+0x34] {arg_8} and [esp+0x30] {arg_4} is used
;     as a base for table lookups (Blocks 2, 84, 91).
;   * Every "BAD ... FREE" / "BAD SMALL UNLINK" message is passed to sub_804b2ad,
;     which the disassembler marks as non-returning.
;   * NOTE(review): taken together this looks like a heap free() path whose
;     integrity checks (alignment, header flag bit, size range, neighbouring size
;     agreement) fail closed by aborting -- confirm against the full binary.
;   * NOTE(review): Blocks 3, 6 and 13 mask an address with 0x7fffffff and/or
;     compare a code byte with 0x90 / 0xf4, and calls in Blocks 29 and 46 are
;     each followed by a `nop` (0x90). This presumably is a return-site /
;     indirect-branch check scheme -- confirm before relying on it.

; ---- Basic Block 0 : prologue, load the pointer argument, test it for zero ----
sub_804b32a:                                                    ; 55
        push    ebp                                             ; 55
        push    ebx                                             ; 53
        push    edi                                             ; 57
        push    esi                                             ; 56
        sub     esp, 0x1c                                       ; 83 ec 1c
        mov     ebx, dword [esp+0x34 {arg_8}]                   ; 8b 5c 24 34
        test    ebx, ebx                                        ; 85 db
        je      0x804b602                                       ; 0f 84 c5 02 00 00

; ---- Basic Block 1 : undo the frame; leaves through a jmp, not a ret ----
        add     esp, 0x1c {var_10}                              ; 83 c4 1c
        pop     esi                                             ; 5e
        pop     edi                                             ; 5f
        pop     ebx                                             ; 5b
        pop     ebp                                             ; 5d
        jmp     0x804810b                                       ; e9 fd ca ff ff

; ---- Basic Block 2 : al = byte [arg_4 + (ptr >> 20) + 0x20c] ----
; One byte per 1 MiB of address space, read from the structure at arg_4.
; The byte is compared with 2 here and with 1 in Block 5 (presumably a region tag).
        mov     edx, dword [esp+0x30 {arg_4}]                   ; 8b 54 24 30
        mov     eax, ebx                                        ; 89 d8
        shr     eax, 0x14                                       ; c1 e8 14
        mov     al, byte [edx+eax+0x20c]                        ; 8a 84 02 0c 02 00 00
        cmp     al, 0x2                                         ; 3c 02
        je      0x804c5a7                                       ; 0f 84 52 12 00 00

; ---- Basic Block 3 : clear bit 31 of the dword on top of the stack, then
;      require the byte it points at to be 0x90 ----
        and     dword [esp], 0x7fffffff                         ; 81 24 24 ff ff ff 7f
        mov     ecx, dword [esp]                                ; 8b 0c 24
        cmp     byte [ecx], 0x90                                ; 80 39 90
        jne     0x804c644                                       ; 0f 85 26 45 00 00

; ---- Basic Block 4 : low three bits of ptr must be zero (8-byte alignment) ----
        test    bl, 0x7                                         ; f6 c3 07
        jne     0x804b689                                       ; 0f 85 d9 f0 ff ff

; ---- Basic Block 5 ----
        cmp     al, 0x1                                         ; 3c 01
        jne     0x804b628                                       ; 0f 85 cb 02 00 00

; ---- Basic Block 6 : pop an address and check the byte just before it is 0xf4 ----
        pop     ecx                                             ; 59
        cmp     byte [ecx-0x1], 0xf4                            ; 80 79 ff f4
        jne     0x804c653                                       ; 75 08

; ---- Basic Block 7 ----
        retn                                                    ; c3

; ---- Basic Block 8 : abort, message + ptr ----
        mov     dword [esp+data_4 {var_28}], ebx                ; 89 5c 24 04
        mov     dword [esp {var_2c}], data_8050420  {"BAD SMALL FREE: address is not a…"}  ; c7 04 24 20 04 05 08
        call    sub_804b2ad                                     ; e8 14 fc ff ff
        ; { Does not return }

; ---- Basic Block 9 : ecx = ptr - 8; eax = dword at ptr - 4; test its low bit ----
; NOTE(review): bit 0 of this word is set again in Block 79 (`or eax, data_1`);
; presumably a per-block state flag used for double-free detection -- confirm.
        lea     ecx, [ebx-0x8]                                  ; 8d 4b f8
        mov     eax, dword [ecx+data_4]                         ; 8b 41 04
        test    al, 0x1                                         ; a8 01
        jne     0x804b69a                                       ; 0f 85 dc f0 ff ff

; ---- Basic Block 10 ----
        test    al, al                                          ; 84 c0
        jne     0x804b602                                       ; 75 d6

; ---- Basic Block 11 : read the 16-bit word at the start of ptr's 4 KiB page ----
        mov     eax, ebx                                        ; 89 d8
        and     eax, 0xfffff000                                 ; 25 00 f0 ff ff
        movzx   eax, word [eax]                                 ; 0f b7 00
        cmp     eax, 0xf                                        ; 83 f8 0f
        ja      0x804c2ab                                       ; 0f 87 3b 0f 00 00

; ---- Basic Block 12 ----
        cmp     ecx, 0x804eac1                                  ; 81 f9 c1 ea 04 08
        je      0x804c80b                                       ; 0f 84 ac 01 00 00

; ---- Basic Block 13 : indirect jump through ecx with bit 31 cleared first ----
        and     ecx, 0x7fffffff                                 ; 81 e1 ff ff ff 7f
        jmp     ecx                                             ; ff e1

; ---- Basic Block 14 : abort, message + ptr ----
        mov     dword [esp+data_4 {var_28}], ebx                ; 89 5c 24 04
        mov     dword [esp {var_2c}], data_8050451  {"BAD SMALL FREE: double free ptr=…"}  ; c7 04 24 51 04 05 08
        call    sub_804b2ad                                     ; e8 03 fc ff ff
        ; { Does not return }

; ---- Basic Block 15 : unsigned range check, falls through only for
;      0x10 <= eax <= 0x20000 ----
        lea     edx, [eax-0x10]                                 ; 8d 50 f0
        cmp     edx, 0x1fff1                                    ; 81 fa f1 ff 01 00
        jae     0x804b6ab                                       ; 0f 83 de f0 ff ff

; ---- Basic Block 16 : offset of ptr inside its 4 KiB page must equal 8 ----
        mov     eax, ebx                                        ; 89 d8
        and     eax, 0xfff                                      ; 25 ff 0f 00 00
        cmp     eax, data_8                                     ; 83 f8 08
        jne     0x804b6bc                                       ; 0f 85 80 00 00 00

; ---- Basic Block 17 ----
        cmp     ax, 0x200                                       ; 66 3d 00 02
        ja      0x804c200                                       ; 0f 87 4b ff ff ff

; ---- Basic Block 18 : eax = (eax >> 2) - 1 ----
        shr     eax, 0x2                                        ; c1 e8 02
        dec     eax                                             ; 48
        jmp     0x804c028                                       ; e9 af 0c 00 00

; ---- Basic Block 19 ----
        add     esi, ecx                                        ; 01 ce
        mov     eax, esi                                        ; 89 f0
        jmp     0x804c944                                       ; e9 30 01 00 00

; ---- Basic Block 20 ----
        cmp     ecx, 0x80480a0                                  ; 81 f9 a0 80 04 08
        je      0x804a0e4                                       ; 0f 84 79 da ff ff

; ---- Basic Block 21 : abort, message + ptr ----
        mov     dword [esp+data_4 {var_28}], ebx                ; 89 5c 24 04
        mov     dword [esp {var_2c}], data_8050477  {"BAD SMALL FREE: corrupted size p…"}  ; c7 04 24 77 04 05 08
        call    sub_804b2ad                                     ; e8 f2 fb ff ff
        ; { Does not return }

; ---- Basic Block 22 : edi = dword [ecx]; ebp = eax + ecx; edx = 0 ----
        mov     edi, dword [ecx]                                ; 8b 39
        lea     ebp, [eax+ecx]                                  ; 8d 2c 08
        xor     edx, edx  {data_0}                              ; 31 d2
        test    edi, edi                                        ; 85 ff
        je      0x804bfdd                                       ; 0f 84 01 fa ff ff

; ---- Basic Block 23 : abort, message + ptr ----
        mov     dword [esp+data_4 {var_28}], ebx                ; 89 5c 24 04
        mov     dword [esp {var_2c}], data_8050568  {"BAD FREE: large address is not a…"}  ; c7 04 24 68 05 05 08
        call    sub_804b2ad                                     ; e8 e1 fb ff ff
        ; { Does not return }

; ---- Basic Block 24 : dword at ptr - 8 must equal edx ----
        mov     eax, dword [ebx-0x8]                            ; 8b 43 f8
        cmp     eax, edx                                        ; 39 d0
        jne     0x804b6cd                                       ; 0f 85 86 00 00 00

; ---- Basic Block 25 ----
        cmp     ax, 0x1200                                      ; 66 3d 00 12
        ja      0x804c1bd                                       ; 77 b7

; ---- Basic Block 26 : eax = (eax >> 4) + 2 ----
        shr     eax, 0x4                                        ; c1 e8 04
        add     eax, data_2                                     ; 83 c0 02
        jmp     0x804c028                                       ; e9 68 fd ff ff

; ---- Basic Block 27 : push ptr on the list headed at dword [edx + eax*4] ----
; The old head is written into the first dword of the block at ptr, so the
; link field lives inside the block being inserted.
        mov     ecx, dword [edx+eax*4]                          ; 8b 0c 82
        mov     dword [ebx], ecx                                ; 89 0b
        mov     dword [edx+eax*4], ebx                          ; 89 1c 82
        jmp     0x804b602                                       ; e9 cd f5 ff ff

; ---- Basic Block 28 ----
        pop     esi                                             ; 5e
        pop     edi                                             ; 5f
        jmp     0x804810b                                       ; e9 c0 b7 ff ff

; ---- Basic Block 29 : five repetitions of the same sequence ----
; Each round: esi = sub_804a1ff(0x14); sub_8049fe6(esi, K, addr, 2); then esi is
; stored into a global. K / addr / global per round:
;   0x08 / data_805021c / data_8066498
;   0x09 / data_805021e / data_806649c
;   0x40 / data_8050220 / data_80664a0
;   0x41 / data_8050222 / data_80664a4
;   0x01 / data_8050224 / data_80664a8
; The value returned by sub_804a1ff is used without any check visible here.
; NOTE(review): what the two callees do is not visible in this listing.
        push    esi                                             ; 56
        sub     esp, 0x18                                       ; 83 ec 18
        mov     dword [esp], data_14                            ; c7 04 24 14 00 00 00
        call    sub_804a1ff                                     ; e8 0b 01 00 00
        nop                                                     ; 90
        mov     esi, eax                                        ; 89 c6
        mov     dword [esp], esi                                ; 89 34 24
        mov     dword [esp+data_c], data_2                      ; c7 44 24 0c 02 00 00 00
        mov     dword [esp+data_8], data_805021c                ; c7 44 24 08 1c 02 05 08
        mov     dword [esp+data_4], data_8                      ; c7 44 24 04 08 00 00 00
        call    sub_8049fe6                                     ; e8 cf fe ff ff
        nop                                                     ; 90
        mov     dword [data_8066498], esi                       ; 89 35 98 64 06 08
        mov     dword [esp], data_14                            ; c7 04 24 14 00 00 00
        call    sub_804a1ff                                     ; e8 d5 00 00 00
        nop                                                     ; 90
        mov     esi, eax                                        ; 89 c6
        mov     dword [esp], esi                                ; 89 34 24
        mov     dword [esp+data_c], data_2                      ; c7 44 24 0c 02 00 00 00
        mov     dword [esp+data_8], data_805021e                ; c7 44 24 08 1e 02 05 08
        mov     dword [esp+data_4], data_9                      ; c7 44 24 04 09 00 00 00
        call    sub_8049fe6                                     ; e8 99 fe ff ff
        nop                                                     ; 90
        mov     dword [data_806649c], esi                       ; 89 35 9c 64 06 08
        mov     dword [esp], data_14                            ; c7 04 24 14 00 00 00
        call    sub_804a1ff                                     ; e8 9f 00 00 00
        nop                                                     ; 90
        mov     esi, eax                                        ; 89 c6
        mov     dword [esp], esi                                ; 89 34 24
        mov     dword [esp+data_c], data_2                      ; c7 44 24 0c 02 00 00 00
        mov     dword [esp+data_8], data_8050220                ; c7 44 24 08 20 02 05 08
        mov     dword [esp+data_4], data_40                     ; c7 44 24 04 40 00 00 00
        call    sub_8049fe6                                     ; e8 63 fe ff ff
        nop                                                     ; 90
        mov     dword [data_80664a0], esi                       ; 89 35 a0 64 06 08
        mov     dword [esp], data_14                            ; c7 04 24 14 00 00 00
        call    sub_804a1ff                                     ; e8 69 00 00 00
        nop                                                     ; 90
        mov     esi, eax                                        ; 89 c6
        mov     dword [esp], esi                                ; 89 34 24
        mov     dword [esp+data_c], data_2                      ; c7 44 24 0c 02 00 00 00
        mov     dword [esp+data_8], data_8050222                ; c7 44 24 08 22 02 05 08
        mov     dword [esp+data_4], data_41                     ; c7 44 24 04 41 00 00 00
        call    sub_8049fe6                                     ; e8 2d fe ff ff
        nop                                                     ; 90
        mov     dword [data_80664a4], esi                       ; 89 35 a4 64 06 08
        mov     dword [esp], data_14                            ; c7 04 24 14 00 00 00
        call    sub_804a1ff                                     ; e8 33 00 00 00
        nop                                                     ; 90
        mov     esi, eax                                        ; 89 c6
        mov     dword [esp], esi                                ; 89 34 24
        mov     dword [esp+data_c], data_2                      ; c7 44 24 0c 02 00 00 00
        mov     dword [esp+data_8], data_8050224                ; c7 44 24 08 24 02 05 08
        mov     dword [esp+data_4], data_1                      ; c7 44 24 04 01 00 00 00
        call    sub_8049fe6                                     ; e8 f7 fd ff ff
        nop                                                     ; 90
        mov     dword [data_80664a8], esi                       ; 89 35 a8 64 06 08
        add     esp, 0x18                                       ; 83 c4 18
        pop     esi                                             ; 5e
        jmp     0x804810b                                       ; e9 0c df ff ff

; ---- Basic Block 30 : int 0x80 with eax = 1 ----
; On Linux i386 system call 1 is exit; the disassembler marks it non-returning.
; NOTE(review): ebx (the exit status under that ABI) is not set in this block.
        mov     eax, data_1                                     ; b8 01 00 00 00
        int     0x80                                            ; cd 80
        ; { Does not return }

; ---- Basic Block 31 ----
        xor     esi, esi  {data_0}                              ; 31 f6
        jmp     0x804bbe0                                       ; e9 fc fb ff ff

; ---- Basic Block 32 : esi = ecx - edi, branch when non-zero ----
        mov     esi, ecx                                        ; 89 ce
        sub     esi, edi                                        ; 29 fe
        jne     0x804bcb2                                       ; 0f 85 cc f6 ff ff

; ---- Basic Block 33 : abort, message + ptr, eax, edx ----
        mov     dword [esp+data_c {var_20}], edx                ; 89 54 24 0c
        mov     dword [esp+data_8 {var_24}], eax                ; 89 44 24 08
        mov     dword [esp+data_4 {var_28}], ebx                ; 89 5c 24 04
        mov     dword [esp {var_2c}], data_8050599  {"BAD FREE: wrong heap address ptr…"}  ; c7 04 24 99 05 05 08
        call    sub_804b2ad                                     ; e8 c8 fb ff ff
        ; { Does not return }

; ---- Basic Block 34 : unsigned range check on the dword at ptr - 4, falls
;      through only for 0x20000 <= value <= 0x80000fff ----
        mov     eax, dword [ebx-0x4]                            ; 8b 43 fc
        lea     ecx, [eax-0x20000]                              ; 8d 88 00 00 fe ff
        cmp     ecx, 0x7ffe0fff                                 ; 81 f9 ff 0f fe 7f
        ja      0x804b674                                       ; 77 1c

; ---- Basic Block 35 : eax = ((eax - 0x1200) >> 11) + 0x42 ----
        add     eax, 0xffffee00                                 ; 05 00 ee ff ff
        shr     eax, 0xb                                        ; c1 e8 0b
        add     eax, 0x42                                       ; 83 c0 42
        jmp     0x804c028                                       ; e9 5b fe ff ff

; ---- Basic Block 36 : eax = ((eax - 0x200) >> 7) + 0x22 ----
        add     eax, 0xfffffe00                                 ; 05 00 fe ff ff
        shr     eax, 0x7                                        ; c1 e8 07
        add     eax, 0x22                                       ; 83 c0 22
        jmp     0x804c028                                       ; e9 12 fe ff ff

; ---- Basic Block 37 : dword [ebp] must equal eax ----
        cmp     dword [ebp], eax                                ; 39 45 00
        jne     0x804b6fb                                       ; 0f 85 12 fb ff ff

; ---- Basic Block 38 : dword [esi+4] with bit 0 cleared must equal edi ----
        mov     edx, dword [esi+data_4]                         ; 8b 56 04
        and     edx, 0xfffffffe                                 ; 83 e2 fe
        cmp     edx, edi                                        ; 39 fa
        jne     0x804b6e6                                       ; 0f 85 26 fa ff ff

; ---- Basic Block 39 ----
        xor     esi, esi  {data_0}                              ; 31 f6
        jmp     0x804bbe0                                       ; e9 f3 f5 ff ff

; ---- Basic Block 40 : abort, message + ptr, eax ----
        mov     dword [esp+data_8 {var_24}], eax                ; 89 44 24 08
        mov     dword [esp+data_4 {var_28}], ebx                ; 89 5c 24 04
        mov     dword [esp {var_2c}], data_80505cf  {"BAD FREE: wrong block size ptr=%…"}  ; c7 04 24 cf 05 05 08
        call    sub_804b2ad                                     ; e8 25 fc ff ff
        ; { Does not return }

; ---- Basic Block 41 : branch when the low 12 bits of eax are non-zero ----
        mov     ecx, eax                                        ; 89 c1
        and     ecx, 0xfff                                      ; 81 e1 ff 0f 00 00
        jne     0x804b674                                       ; 75 12

; ---- Basic Block 42 : abort, message + ebp, ptr ----
        mov     dword [esp+data_8 {var_24}], ebx                ; 89 5c 24 08
        mov     dword [esp+data_4 {var_28}], ebp                ; 89 6c 24 04
        mov     dword [esp {var_2c}], data_80504d4  {"BAD SMALL FREE: heap corruption …"}  ; c7 04 24 d4 04 05 08
        call    sub_804b2ad                                     ; e8 9e fb ff ff
        ; { Does not return }

; ---- Basic Block 43 ----
; The mov between test and je does not alter flags, so je still sees `test dl, dl`.
        test    dl, dl                                          ; 84 d2
        mov     edi, dword [esp+0x30 {arg_4}]                   ; 8b 7c 24 30
        je      0x804bbbd                                       ; 74 cc

; ---- Basic Block 44 : abort, message + esi, ptr ----
        mov     dword [esp+data_8 {var_24}], ebx                ; 89 5c 24 08
        mov     dword [esp+data_4 {var_28}], esi                ; 89 74 24 04
        mov     dword [esp {var_2c}], data_80504a0  {"BAD SMALL FREE: heap corruption …"}  ; c7 04 24 a0 04 05 08
        call    sub_804b2ad                                     ; e8 b3 fb ff ff
        ; { Does not return }

; ---- Basic Block 45 ----
        mov     dl, 0x1                                         ; b2 01
        jmp     0x804bbe0                                       ; e9 19 ff ff ff

; ---- Basic Block 46 : call sub_804b5c6(ptr - 8, eax) ----
        add     ebx, 0xfffffff8                                 ; 83 c3 f8
        mov     dword [esp+data_4 {var_28}], eax                ; 89 44 24 04
        mov     dword [esp {var_2c}], ebx                       ; 89 1c 24
        call    sub_804b5c6                                     ; e8 55 ff ff ff
        nop                                                     ; 90
        jmp     0x804b602                                       ; eb 8e

; ---- Basic Block 47 : test bit 0 of dword [ebp+4] ----
        mov     ebx, dword [ebp+data_4]                         ; 8b 5d 04
        test    bl, 0x1                                         ; f6 c3 01
        je      0x804ba8a                                       ; 0f 84 c1 fe ff ff

; ---- Basic Block 48 : test bit 0 of dword [esi+4] ----
        mov     ebx, dword [esi+data_4]                         ; 8b 5e 04
        test    bl, 0x1                                         ; f6 c3 01
        je      0x804bbbd                                       ; 74 c4

; ---- Basic Block 49 ----
        lea     eax, [ecx+data_4]                               ; 8d 41 04
        jmp     0x804b91b                                       ; e9 89 fe ff ff

; ---- Basic Block 50 : esi = ebx with bit 0 cleared ----
        mov     esi, ebx                                        ; 89 de
        and     esi, 0xfffffffe                                 ; 83 e6 fe
        cmp     esi, 0xf                                        ; 83 fe 0f
        ja      0x804b9a2                                       ; 0f 87 cb fd ff ff

; ---- Basic Block 51 : edi = ebx with bit 0 cleared ----
        mov     edi, ebx                                        ; 89 df
        and     edi, 0xfffffffe                                 ; 83 e7 fe
        cmp     edi, 0xf                                        ; 83 ff 0f
        ja      0x804bd86                                       ; 0f 87 7f 01 00 00

; ---- Basic Block 52 ----
        mov     eax, dword [eax]                                ; 8b 00
        cmp     eax, 0xf                                        ; 83 f8 0f
        ja      0x804b8cd                                       ; 77 ab

; ---- Basic Block 53 ----
        cmp     esi, data_200                                   ; 81 fe 00 02 00 00
        ja      0x804b98c                                       ; 77 e2

; ---- Basic Block 54 : ebx = (ebx >> 2) - 1 ----
        shr     ebx, 0x2                                        ; c1 eb 02
        dec     ebx                                             ; 4b
        jmp     0x804b95f                                       ; e9 7f fd ff ff

; ---- Basic Block 55 ----
        cmp     edi, data_200                                   ; 81 ff 00 02 00 00
        ja      0x804bdfd                                       ; 77 6f

; ---- Basic Block 56 : ebx = (ebx >> 2) - 1 ----
        shr     ebx, 0x2                                        ; c1 eb 02
        dec     ebx                                             ; 4b
        jmp     0x804bd96                                       ; e9 86 01 00 00

; ---- Basic Block 57 ----
        cmp     eax, data_200                                   ; 3d 00 02 00 00
        ja      0x804b87d                                       ; 77 a9

; ---- Basic Block 58 : edx = (eax >> 2) - 1 ----
        mov     edx, eax                                        ; 89 c2
        shr     edx, 0x2                                        ; c1 ea 02
        dec     edx                                             ; 4a
        jmp     0x804b5da                                       ; e9 ad fc ff ff

; ---- Basic Block 59 ----
        cmp     esi, 0x1200                                     ; 81 fe 00 12 00 00
        ja      0x804b971                                       ; 77 dd

; ---- Basic Block 60 : ebx = (ebx >> 4) + 2 ----
        shr     ebx, 0x4                                        ; c1 eb 04
        add     ebx, data_2                                     ; 83 c3 02
        jmp     0x804b95f                                       ; eb ad

; ---- Basic Block 61 : store esi at [ebp+4], load dword [ebp+8] ----
        mov     dword [ebp+data_4], esi                         ; 89 75 04
        mov     eax, dword [ebp+data_8]                         ; 8b 45 08
        test    eax, eax                                        ; 85 c0
        je      0x804b953                                       ; 74 ea

; ---- Basic Block 62 ----
        cmp     edi, 0x1200                                     ; 81 ff 00 12 00 00
        ja      0x804bde2                                       ; 77 dd

; ---- Basic Block 63 : ebx = (ebx >> 4) + 2 ----
        shr     ebx, 0x4                                        ; c1 eb 04
        add     ebx, data_2                                     ; 83 c3 02
        jmp     0x804bd96                                       ; eb 00

; ---- Basic Block 64 : store edi at [esi+4], load dword [esi+8] ----
        mov     dword [esi+data_4], edi                         ; 89 7e 04
        mov     eax, dword [esi+data_8]                         ; 8b 46 08
        test    eax, eax                                        ; 85 c0
        je      0x804bda6                                       ; 74 06

; ---- Basic Block 65 ----
        cmp     eax, 0x1200                                     ; 3d 00 12 00 00
        ja      0x804b60e                                       ; 0f 87 86 fd ff ff

; ---- Basic Block 66 : edx = (eax >> 4) + 2 ----
        mov     edx, eax                                        ; 89 c2
        shr     edx, 0x4                                        ; c1 ea 04
        add     edx, data_2                                     ; 83 c2 02
        jmp     0x804b5da                                       ; e9 f9 fc ff ff

; ---- Basic Block 67 ----
        test    al, 0x1                                         ; a8 01
        jne     0x804af9e                                       ; 0f 85 bc f9 ff ff

; ---- Basic Block 68 : ebx = 0x82 when esi > 0x20000 ----
        mov     ebx, data_82                                    ; bb 82 00 00 00
        cmp     esi, 0x20000                                    ; 81 fe 00 00 02 00
        ja      0x804b95f                                       ; 77 e1

; ---- Basic Block 69 : ebx = ((esi - 0x200) >> 7) + 0x22 ----
        lea     ebx, [esi-0x200]                                ; 8d 9e 00 fe ff ff
        shr     ebx, 0x7                                        ; c1 eb 07
        add     ebx, 0x22                                       ; 83 c3 22
        jmp     0x804b95f                                       ; eb bd

; ---- Basic Block 70 ----
        mov     edx, dword [ebp+data_c]                         ; 8b 55 0c
        test    edx, edx                                        ; 85 d2
        je      0x804b949                                       ; 74 ef

; ---- Basic Block 71 : copy dword [ebp+0xc] into [eax+0xc] ----
        mov     edx, dword [ebp+data_c]                         ; 8b 55 0c
        mov     dword [eax+data_c], edx                         ; 89 50 0c
        jmp     0x804b953                                       ; eb e2

; ---- Basic Block 72 : ebx = 0x82 when edi > 0x20000 ----
        mov     ebx, data_82                                    ; bb 82 00 00 00
        cmp     edi, 0x20000                                    ; 81 ff 00 00 02 00
        ja      0x804bd96                                       ; 77 a7

; ---- Basic Block 73 : ebx = ((edi - 0x200) >> 7) + 0x22 ----
        lea     ebx, [edi-0x200]                                ; 8d 9f 00 fe ff ff
        shr     ebx, 0x7                                        ; c1 eb 07
        add     ebx, 0x22                                       ; 83 c3 22
        jmp     0x804bd96                                       ; eb 83

; ---- Basic Block 74 ----
        mov     edx, dword [esi+data_c]                         ; 8b 56 0c
        test    edx, edx                                        ; 85 d2
        je      0x804bdb0                                       ; 74 03

; ---- Basic Block 75 : copy dword [esi+0xc] into [eax+0xc]; no branch at the end ----
        mov     edx, dword [esi+data_c]                         ; 8b 56 0c
        mov     dword [eax+data_c], edx                         ; 89 50 0c

; ---- Basic Block 76 : edx = 0x82 when eax > 0x20000 ----
        mov     edx, data_82                                    ; ba 82 00 00 00
        cmp     eax, 0x20000                                    ; 3d 00 00 02 00
        ja      0x804b5da                                       ; 77 c0

; ---- Basic Block 77 : edx = ((eax - 0x200) >> 7) + 0x22 ----
        lea     edx, [eax-0x200]                                ; 8d 90 00 fe ff ff
        shr     edx, 0x7                                        ; c1 ea 07
        add     edx, 0x22                                       ; 83 c2 22
        jmp     0x804b5da                                       ; e9 41 fd ff ff

; ---- Basic Block 78 : abort, message + ecx ----
        mov     dword [esp+data_4 {var_28}], ecx                ; 89 4c 24 04
        mov     dword [esp {var_2c}], data_8050508  {"BAD SMALL UNLINK: block is alrea…"}  ; c7 04 24 08 05 05 08
        call    sub_804b2ad                                     ; e8 ff 02 00 00
        ; { Does not return }

; ---- Basic Block 79 : set bit 0 of the word at [ecx+4], clear [ecx+8], and
;      insert ecx at the head of the list at dword [edi + edx*4] using [ecx+0xc]
;      as the forward link ----
        or      eax, data_1                                     ; 83 c8 01
        mov     dword [ecx+data_4], eax                         ; 89 41 04
        mov     dword [ecx+data_8], data_0                      ; c7 41 08 00 00 00 00
        mov     eax, dword [edi+edx*4]                          ; 8b 04 97
        mov     dword [ecx+data_c], eax                         ; 89 41 0c
        mov     dword [edi+edx*4], ecx                          ; 89 0c 97
        mov     eax, dword [ecx+data_c]                         ; 8b 41 0c
        test    eax, eax                                        ; 85 c0
        je      0x804b602                                       ; 74 03

; ---- Basic Block 80 : ebx = ((esi - 0x1200) >> 11) + 0x42 ----
        lea     ebx, [esi-0x1200]                               ; 8d 9e 00 ee ff ff
        shr     ebx, 0xb                                        ; c1 eb 0b
        add     ebx, 0x42                                       ; 83 c3 42
        jmp     0x804b95f                                       ; eb d3

; ---- Basic Block 81 : is ebp the head of the list at dword [edi + ebx*4]? ----
        cmp     dword [edi+ebx*4], ebp                          ; 39 2c 9f
        jne     0x804b92d                                       ; 75 df

; ---- Basic Block 82 ----
        mov     dword [edx+data_8], eax                         ; 89 42 08
        jmp     0x804b949                                       ; eb ea

; ---- Basic Block 83 : ebx = ((edi - 0x1200) >> 11) + 0x42 ----
        lea     ebx, [edi-0x1200]                               ; 8d 9f 00 ee ff ff
        shr     ebx, 0xb                                        ; c1 eb 0b
        add     ebx, 0x42                                       ; 83 c3 42
        jmp     0x804bd96                                       ; eb 99

; ---- Basic Block 84 : is esi the head of the list at dword [arg_4 + ebx*4]? ----
        mov     eax, dword [esp+0x30 {arg_4}]                   ; 8b 44 24 30
        cmp     dword [eax+ebx*4], esi                          ; 39 34 98
        jne     0x804bdc0                                       ; 75 07

; ---- Basic Block 85 : no branch at the end ----
        mov     dword [edx+data_8], eax                         ; 89 42 08

; ---- Basic Block 86 : edx = ((eax - 0x1200) >> 11) + 0x42 ----
        lea     edx, [eax-0x1200]                               ; 8d 90 00 ee ff ff
        shr     edx, 0xb                                        ; c1 ea 0b
        add     edx, 0x42                                       ; 83 c2 42
        jmp     0x804b5da                                       ; eb b2

; ---- Basic Block 87 : no branch at the end ----
        mov     dword [eax+data_8], ecx                         ; 89 48 08

; ---- Basic Block 88 : clear [ebp+8] and [ebp+0xc]; add dword [ecx+4] into esi,
;      store the sum at [ecx+4] and again at [ecx + esi] ----
; NOTE(review): looks like merging two adjacent blocks and rewriting a
; size header plus a trailing size copy -- confirm against the allocator layout.
        mov     dword [ebp+data_8], data_0                      ; c7 45 08 00 00 00 00
        mov     dword [ebp+data_c], data_0                      ; c7 45 0c 00 00 00 00
        lea     eax, [ecx+data_4]                               ; 8d 41 04
        add     esi, dword [ecx+data_4]                         ; 03 71 04
        mov     dword [ecx+data_4], esi                         ; 89 71 04
        mov     dword [ecx+esi], esi                            ; 89 34 31
        jmp     0x804b91b                                       ; eb d2

; ---- Basic Block 89 : dword [edi + ebx*4] = edx ----
        mov     dword [edi+ebx*4], edx                          ; 89 14 9f
        jmp     0x804b92d                                       ; eb da

; ---- Basic Block 90 : clear [esi+8] and [esi+0xc]; add dword [ecx+4] into edi,
;      store the sum at [esi+4] and at [ebp]; then ecx = esi, edi = arg_4 ----
        mov     dword [esi+data_8], data_0                      ; c7 46 08 00 00 00 00
        mov     dword [esi+data_c], data_0                      ; c7 46 0c 00 00 00 00
        add     edi, dword [ecx+data_4]                         ; 03 79 04
        mov     dword [esi+data_4], edi                         ; 89 7e 04
        mov     dword [ebp], edi                                ; 89 7d 00
        mov     ecx, esi                                        ; 89 f1
        mov     edi, dword [esp+0x30 {arg_4}]                   ; 8b 7c 24 30
        jmp     0x804bbbd                                       ; e9 db fd ff ff

; ---- Basic Block 91 : dword [arg_4 + ebx*4] = edx; no branch at the end ----
        mov     eax, dword [esp+0x30 {arg_4}]                   ; 8b 44 24 30
        mov     dword [eax+ebx*4], edx                          ; 89 14 98