basesrv::ServerDllInitialization() decompiled with r2dec
/* r2dec pseudo code output */
/* /home/ubuntu/basesrv.dll @ 0x180001680 */
#include <stdint.h>
/*
 * ServerDllInitialization -- r2dec pseudo code of basesrv!ServerDllInitialization.
 *
 * This is decompiler output, not compilable C: rax/rbx/rdi/r12/... are bare
 * register names that are never declared, call arguments are mostly staged in
 * rcx/rdx/r8/r9 (and on the stack) on the lines preceding each call rather than
 * rendered in the call itself, and the argument lists r2dec does print (e.g.
 * "(r15, r12, rsi, rbx)") are register noise.  The parameter list is also a
 * guess by the decompiler (arg3 is missing, arg_10h/arg_18h are spill slots).
 *
 * What the visible code does, in order:
 *   - /GS stack-cookie setup (rbp+0xdd0) and check before every return;
 *   - fills the globals SessionId, ServiceSessionId, BaseSrvHeap/BaseSrvTag,
 *     BaseSrvSharedHeap/BaseSrvSharedTag, and the caller-supplied table at rbx
 *     (= arg4) with the API dispatch/valid tables and connect/disconnect routines;
 *   - initializes BaseSrvDosDeviceCritSec;
 *   - expands UnexpandedSystemRootString into BaseSrvWindowsDirectory and
 *     BaseSrvWindowsSystemDirectory ("\system32" appended);
 *   - formats the session-qualified "\Sessions\<id>\BaseNamedObjects" and
 *     "\Sessions\<id>\AppContainerNamedObjects" names (plain
 *     "\BaseNamedObjects" when SessionId == ServiceSessionId);
 *   - allocates BaseSrvpStaticServerData (0xb68 bytes) in the shared heap and
 *     copies the directory strings into shared-heap buffers;
 *   - reads CSD information and a NamespaceSeparation setting from the registry;
 *   - creates the BaseNamedObjects / LowBox / (User) / Restricted object
 *     directories and the Local/Global/Session/... symbolic links under them;
 *   - returns an NTSTATUS in eax; 0xc0000017 (STATUS_NO_MEMORY) is the status
 *     used for every failed allocation (label_19).
 *
 * Error handling: every failure after the critical section exists jumps to
 * label_22, which deletes BaseSrvDosDeviceCritSec and returns ebx.  Nothing in
 * this listing calls RtlFreeHeap, so heap blocks allocated before a failure are
 * not released on the error paths.
 */
int64_t ServerDllInitialization (int64_t arg_10h, int64_t arg_18h, int64_t arg_20h, int64_t arg1, int64_t arg2, int64_t arg4) {
/* The only locals the decompiler named; var_ea8h is the OBJECT_ATTRIBUTES passed
 * (as r8) to every NtOpenKey/NtCreate* call below, var_ee8h a stack argument slot. */
int64_t var_ee8h;
int64_t var_ee0h;
int64_t var_ea8h;
int64_t var_ea0h;
int64_t var_e98h;
int64_t var_e90h;
rdi = arg1;
rsi = arg2;
rcx = arg4;
rbp = rsp - 0xde0;
/* /GS cookie: __security_cookie ^ rsp is saved at rbp+0xdd0 and re-checked at label_18. */
rax = *(pdb.__security_cookie);
rax ^= rsp;
*((rbp + 0xdd0)) = rax;
eax = 0;
/* Small in-frame table (4, 0x100002, 8, 0x100004) whose consumer is not visible here. */
*((rbp + 0x68)) = 4;
*((rbp - 0x30)) = rax;
r12d = 0;
*((rbp - 0x28)) = rax;
/* rbx = arg4: caller-provided structure that receives the dispatch tables below
 * (its layout is only known from the offsets written at +0x20..+0x60). */
rbx = rcx;
/* gs:0x60 is presumably the PEB (x64 TEB->ProcessEnvironmentBlock); +0x2c0 feeds SessionId. */
rax = *(gs:0x60);
/* esi = object attributes for every NtCreate* call below: 0xc0 (looks like
 * OBJ_CASE_INSENSITIVE | OBJ_OPENIF), raised to 0xd0 (adds OBJ_PERMANENT) when
 * this is the service session -- verify against ntdef.h. */
esi = 0xc0;
*((rbp + 0x6c)) = 0x100002;
r15d = r12d;
*((rbp + 0x70)) = 8;
*((rbp + 0x74)) = 0x100004;
ecx = *((rax + 0x2c0));
*(pdb.SessionId) = ecx;
*((rbp + 8)) = r12;
*((rbp - 0x38)) = r12;
eax = uint64_t (*RtlGetCurrentServiceSessionId)(void, void, void, void) (r15, r12, rsi, rbx);
ecx = 0xd0;
*(pdb.ServiceSessionId) = eax;
/* Unresolved .rdata string constant (mangled name), passed as the 4th RtlCreateTagHeap argument. */
r9 = pdb____C__1CC_HBLFFKMG___AAT__AAM__AAP__AA__AA__AAV__AAD__AAM__AA__AA__AAS__AAX__AAS__AA__AA__AAA__AAP__AAP__AA__AA__AA__AA;
rax = *(gs:0x60);
r8 = "BASESRV!";
if (*(pdb.SessionId) == eax) {
esi = ecx;
}
edx = 0;
/* BaseSrvHeap = PEB+0x30 (presumably PEB.ProcessHeap); tag "BASESRV!" -> BaseSrvTag. */
rcx = *((rax + 0x30));
*(pdb.BaseSrvHeap) = rcx;
eax = uint64_t (*RtlCreateTagHeap)() ();
/* BaseSrvSharedHeap comes from the caller (rbx+0x60); tag "BASESHR!"/"INIT" -> BaseSrvSharedTag.
 * Note that rbx+0x60 is overwritten with BaseSrvpStaticServerData further down. */
rcx = *((rbx + 0x60));
r9 = "INIT";
r8 = "BASESHR!";
*(pdb.BaseSrvSharedHeap) = rcx;
edx = 0;
*(pdb.BaseSrvTag) = eax;
eax = uint64_t (*RtlCreateTagHeap)() ();
rcx = pdb_BaseSrvDosDeviceCritSec;
/* Publish the server's API tables and callbacks into the caller's structure. */
*((rbx + 0x20)) = r12d;
*(pdb.BaseSrvSharedTag) = eax;
rax = pdb_BaseServerApiDispatchTable;
*((rbx + 0x28)) = rax;
rax = pdb_BaseServerApiServerValidTable;
*((rbx + 0x30)) = rax;
rax = pdb_BaseClientConnectRoutine;
*((rbx + 0x48)) = rax;
rax = pdb_BaseClientDisconnectRoutine;
*((rbx + 0x50)) = rax;
*((rbx + 0x24)) = 0x1d;
*((rbx + 0x40)) = 8;
/* RtlInitializeCriticalSection(&BaseSrvDosDeviceCritSec).  This is the one
 * failure that returns directly (label_18): the critical section does not
 * exist yet, so there is nothing for label_22 to delete. */
eax = uint64_t (*RtlInitializeCriticalSection)() ();
if (eax < 0) {
goto label_18;
}
/* Callee-saved register spills (rdi, r13, r14); r13/r14 are restored at label_11. */
arg_10h = rdi;
rax = rbp + 0x80;
arg_18h = r13;
r8 = rbp + 0x20;
*((rsp + 0xf28)) = r14;
rdx = pdb_UnexpandedSystemRootString;
r9d = 0;
/* Destination UNICODE_STRING at rbp+0x20: {Length 0, MaximumLength 0x320, Buffer rbp+0x80}. */
*((rbp + 0x28)) = rax;
ecx = 0;
*((rbp + 0x20)) = 0x3200000;
r14d = 0x320;
/* RtlExpandEnvironmentStrings_U(NULL, &UnexpandedSystemRootString, &dst, NULL).
 * The returned status is discarded; instead the resulting Length is compared
 * with the 0x320-byte buffer and the function fails with STATUS_NO_MEMORY if it
 * does not fit. */
uint64_t (*RtlExpandEnvironmentStrings_U)() ();
eax = *((rbp + 0x20));
if (ax >= r14w) {
goto label_19;
}
/* Round Length down to a WCHAR boundary, then a compiler-inserted range check
 * (label_20 -> __report_rangecheckfailure) before writing the terminating 0 WCHAR. */
eax = (int32_t) ax;
rax &= 0xfffffffffffffffe;
if (rax >= r14) {
goto label_20;
}
rdx = rbp + 0x80;
*((rbp + rax + 0x80)) = r12w;
/* RtlCreateUnicodeString(&BaseSrvWindowsDirectory, buffer) -- FALSE (al == 0) means allocation failure. */
rcx = pdb_BaseSrvWindowsDirectory;
al = uint64_t (*RtlCreateUnicodeString)() ();
if (al == 0) {
goto label_19;
}
/* wcscat_s(buffer, 0x190 /* WCHARs == 0x320 bytes */, "\\system32"); its return value is not checked. */
r8 = "\\system32";
edx = 0x190;
rcx = rbp + 0x80;
uint64_t (*wcscat_s)() ();
rdx = rbp + 0x80;
rcx = pdb_BaseSrvWindowsSystemDirectory;
al = uint64_t (*RtlCreateUnicodeString)() ();
if (al == 0) {
goto label_19;
}
/* Session-qualified BaseNamedObjects name into rbp+0x3a0 (0x100 WCHARs):
 * "\Sessions\<SessionId>\BaseNamedObjects", or plain "\BaseNamedObjects"
 * (label_21) when this is the service session. */
eax = *(pdb.SessionId);
rcx = rbp + 0x3a0;
edx = 0x100;
if (eax == *(pdb.ServiceSessionId)) {
goto label_21;
}
r9 = "\\Sessions";
r8 = "%ws\\%ld\\BaseNamedObjects";
swprintf_s (eax);
/* The do/while(1) is a decompiler artefact for the back-jump from label_21; the body runs once. */
do {
/* "\Sessions\<SessionId>\AppContainerNamedObjects" into rbp+0x7a0 (always session-qualified). */
eax = *(pdb.SessionId);
r9 = "\\Sessions";
r8 = "%ws\\%ld\\AppContainerNamedObjects";
edx = 0x100;
rcx = rbp + 0x7a0;
swprintf_s (eax);
/* Second, unconditionally session-qualified BaseNamedObjects name into rbp+0x5a0;
 * var_ee8h carries SessionId as the stack argument (the "(rdi, rsi, ...)" list is noise). */
eax = *(pdb.SessionId);
var_ee8h = eax;
pdb_RtlStringCchPrintfW (rdi, rsi, 0x100, rbp + 0x5a0, "%ws\\%ld\\BaseNamedObjects", "\\Sessions");
/* Three UNICODE_STRINGs over those buffers: rbp-0x68 (BNO dir name), rbp-0x30 (rbp+0x5a0), rbp-0x20 (AppContainer). */
rdx = rbp + 0x3a0;
rcx = rbp - 0x68;
uint64_t (*RtlInitUnicodeString)() ();
rdx = rbp + 0x5a0;
rcx = rbp - 0x30;
uint64_t (*RtlInitUnicodeString)() ();
rdx = rbp + 0x7a0;
rcx = rbp - 0x20;
uint64_t (*RtlInitUnicodeString)() ();
/* BaseSrvpStaticServerData = RtlAllocateHeap(BaseSrvSharedHeap, BaseSrvSharedTag, 0xb68);
 * the pointer is also stored into the caller's structure at rbx+0x60. */
edx = *(pdb.BaseSrvSharedTag);
r8d = 0xb68;
rcx = *(pdb.BaseSrvSharedHeap);
rax = uint64_t (*RtlAllocateHeap)() ();
*(pdb.BaseSrvpStaticServerData) = rax;
if (rax == 0) {
goto label_19;
}
*((rbx + 0x60)) = rax;
rdx = rax + 0x140;
r9d = 0;
*((rax + 0xb50)) = rax;
*((rax + 0xb30)) = 0xffffffff;
*((rax + 0xb38)) = r12d;
/* NtQuerySystemInformation(class 3, data+0x140, 0x30, NULL) -- class 3 is
 * presumably SystemTimeOfDayInformation; verify against the SDK enum. */
ecx = r9 + 3;
r8d = r9 + 0x30;
eax = uint64_t (*NtQuerySystemInformation)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* Five repetitions of the same pattern follow: copy a UNICODE_STRING (16 bytes,
 * via movups) into BaseSrvpStaticServerData, allocate a shared-heap buffer of
 * MaximumLength bytes, memcpy the characters, and replace the Buffer field so
 * the string data lives in the shared heap.  The unresolved reads from
 * 0x180010932 / 0x180010942 look like the MaximumLength fields of
 * BaseSrvWindowsDirectory / BaseSrvWindowsSystemDirectory (each is 2 bytes past
 * a 16-byte boundary) -- verify. */
rax = *(pdb.BaseSrvpStaticServerData);
__asm ("movups xmm0, xmmword [pdb.BaseSrvWindowsDirectory]");
edx = *(pdb.BaseSrvSharedTag);
rcx = *(pdb.BaseSrvSharedHeap);
__asm ("movups xmmword [rax], xmm0");
r8d = *(0x180010932);
rax = uint64_t (*RtlAllocateHeap)() ();
rdi = rax;
if (rax == 0) {
goto label_19;
}
rbx = *(pdb.BaseSrvpStaticServerData);
rcx = rax;
r8d = *(0x180010932);
rdx = *((rbx + 8));
pdb_memcpy ();
edx = *(pdb.BaseSrvSharedTag);
rcx = *(pdb.BaseSrvSharedHeap);
*((rbx + 8)) = rdi;
/* (2) Windows system directory at +0x10. */
__asm ("movups xmm0, xmmword [pdb.BaseSrvWindowsSystemDirectory]");
__asm ("movups xmmword [rbx + 0x10], xmm0");
r8d = *(0x180010942);
rax = uint64_t (*RtlAllocateHeap)() ();
rdi = rax;
if (rax == 0) {
goto label_19;
}
rbx = *(pdb.BaseSrvpStaticServerData);
rcx = rax;
r8d = *(0x180010942);
rdx = *((rbx + 0x18));
pdb_memcpy ();
edx = *(pdb.BaseSrvSharedTag);
rcx = *(pdb.BaseSrvSharedHeap);
*((rbx + 0x18)) = rdi;
*((rbx + 0x968)) = r12;
*((rbx + 0x960)) = r12d;
/* (3) BaseNamedObjects directory name (rbp-0x68) at +0x20; for the stack-built
 * strings MaximumLength is set to Length + 2 (room for the terminator) and
 * that many bytes are copied. */
__asm ("movups xmm0, xmmword [rbp - 0x68]");
__asm ("movups xmmword [rbx + 0x20], xmm0");
eax = *((rbp - 0x68));
ax += 2;
*((rbx + 0x22)) = ax;
r8d = *((rbp - 0x68));
r8 += 2;
rax = uint64_t (*RtlAllocateHeap)() ();
rdi = rax;
if (rax == 0) {
goto label_19;
}
rbx = *(pdb.BaseSrvpStaticServerData);
rcx = rax;
r8d = *((rbx + 0x22));
rdx = *((rbx + 0x28));
pdb_memcpy ();
edx = *(pdb.BaseSrvSharedTag);
rcx = *(pdb.BaseSrvSharedHeap);
*((rbx + 0x28)) = rdi;
/* (4) AppContainerNamedObjects name (rbp-0x20) at +0xb40. */
__asm ("movups xmm0, xmmword [rbp - 0x20]");
__asm ("movups xmmword [rbx + 0xb40], xmm0");
eax = *((rbp - 0x20));
ax += 2;
*((rbx + 0xb42)) = ax;
r8d = *((rbp - 0x20));
r8 += 2;
rax = uint64_t (*RtlAllocateHeap)() ();
rdi = rax;
if (rax == 0) {
goto label_19;
}
rbx = *(pdb.BaseSrvpStaticServerData);
rcx = rax;
r8d = *((rbx + 0xb42));
rdx = *((rbx + 0xb48));
pdb_memcpy ();
edx = *(pdb.BaseSrvSharedTag);
rcx = *(pdb.BaseSrvSharedHeap);
*((rbx + 0xb48)) = rdi;
/* (5) Session-qualified BaseNamedObjects name (rbp-0x30) at +0xb58. */
__asm ("movups xmm0, xmmword [rbp - 0x30]");
__asm ("movups xmmword [rbx + 0xb58], xmm0");
eax = *((rbp - 0x30));
ax += 2;
*((rbx + 0xb5a)) = ax;
r8d = *((rbp - 0x30));
r8 += 2;
rax = uint64_t (*RtlAllocateHeap)() ();
rdi = rax;
if (rax == 0) {
goto label_19;
}
rbx = *(pdb.BaseSrvpStaticServerData);
rcx = rax;
r8d = *((rbx + 0xb5a));
rdx = *((rbx + 0xb60));
pdb_memcpy ();
*((rbx + 0xb60)) = rdi;
/* CSD registry lookup.  BaseSrvCSDString is set to {Length 0, MaximumLength
 * 0xc8} and its Buffer (the unresolved global 0x180010968 -- presumably the
 * Buffer field) is pointed at the STACK buffer rbp+0x2d8; it is reset with
 * RtlInitUnicodeStringEx(..., NULL) at label_6 so the global never outlives
 * this frame.  RelativeTo = 3 (looks like RTL_REGISTRY_WINDOWS_NT), path =
 * unresolved string constant, context = NULL. */
rax = rbp + 0x2d8;
*((rbx + 0x970)) = r12b;
r8 = pdb_BaseServerRegistryConfigurationTable1;
r9d = 0;
*(0x180010968) = rax;
rdx = pdb____C__11LOCGONAA___AA__AA;
*(pdb.BaseSrvCSDString) = 0xc80000;
ecx = r9 + 3;
eax = uint64_t (*RtlQueryRegistryValuesEx)(void) (r12);
/* Failure is not fatal: label_23 zeroes the CSD number fields and continues at label_5. */
if (eax < 0) {
goto label_23;
}
/* StaticServerData+0x36 = BaseSrvCSDNumber (low word); +0x38 = the unresolved
 * word at 0x180010972 (probably the high word of the same dword -- verify). */
eax = *(pdb.BaseSrvCSDNumber);
rcx = *(pdb.BaseSrvpStaticServerData);
*((rcx + 0x36)) = ax;
eax = *(0x180010972);
*((rcx + 0x38)) = ax;
label_5:
/* Second table query; on failure label_24 writes an empty CSD string at +0x3a. */
r9d = 0;
r8 = pdb_BaseServerRegistryConfigurationTable;
rdx = pdb____C__11LOCGONAA___AA__AA;
ecx = r9 + 3;
eax = uint64_t (*RtlQueryRegistryValuesEx)(void) (r12);
if (eax < 0) {
goto label_24;
}
/* wcsncpy_s(StaticServerData+0x3a, 0x80, stackBuffer, BaseSrvCSDString.Length / 2); return value unchecked. */
r9d = *(pdb.BaseSrvCSDString);
edx = 0x80;
rcx = *(pdb.BaseSrvpStaticServerData);
r8 = *(0x180010968);
rcx += 0x3a;
r9 >>= 1;
uint64_t (*wcsncpy_s)() ();
label_6:
/* RtlInitUnicodeStringEx(&BaseSrvCSDString, NULL): detaches the stack buffer from the global. */
edx = 0;
rcx = pdb_BaseSrvCSDString;
eax = uint64_t (*RtlInitUnicodeStringEx)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* NtQuerySystemInformation(class 0, &SysInfo, 0x40, NULL) -- class 0 is presumably SystemBasicInformation. */
r9d = 0;
rdx = pdb_SysInfo;
ecx = 0;
r8d = r9 + 0x40;
eax = uint64_t (*NtQuerySystemInformation)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* The rendered argument list is register noise; the real arguments are not recoverable from this listing. */
eax = pdb_BaseSrvInitializeIniFileMappings (rdi, rsi, rdx, rcx, r8);
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* Optional registry flag at StaticServerData+0x958 (default 0):
 * NtOpenKey(&hKey @ rbp-0x10, 0x20019 (KEY_READ), &objattr) where the key name
 * is the unresolved UNICODE_STRING at 0x18000c0e8.  The 16 bytes at rbp-0x80
 * (SecurityDescriptor/SecurityQualityOfService of var_ea8h, judging by later
 * use) are zeroed first.  Success continues at label_25; failure leaves the
 * flag 0 and falls through to label_7. */
rax = *(pdb.BaseSrvpStaticServerData);
r8 = &var_ea8h;
__asm ("xorps xmm0, xmm0");
rcx = rbp - 0x10;
edx = 0x20019;
*((rax + 0x958)) = r12b;
rax = 0x18000c0e8;
__asm ("movdqu xmmword [rbp - 0x80], xmm0");
eax = uint64_t (*NtOpenKey)(void, void, void, void) (rax, 0x30, r12, 0x40);
if (eax >= 0) {
goto label_25;
}
label_7:
/* StaticServerData+0x959 = 0, then
 * RtlQueryRegistryValuesEx(2 (looks like RTL_REGISTRY_CONTROL),
 *   "Session Manager\\NamespaceSeparation", BnoRegistryConfigurationTable, NULL);
 * the status is discarded.  Presumably this fills
 * InteractiveUserNameSpaceSeparation, which is tested below -- verify. */
rax = *(pdb.BaseSrvpStaticServerData);
r8 = pdb_BnoRegistryConfigurationTable;
r9d = 0;
rdx = "Session Manager\\NamespaceSeparation";
*((rax + 0x959)) = r12b;
ecx = r9 + 2;
uint64_t (*RtlQueryRegistryValuesEx)(void) (r12);
/* Security descriptors.  rdi: 0x400-byte SD for the BaseNamedObjects directory
 * (DACL + SACL set below; also reused for the symbolic links and Restricted);
 * r14: 0x28-byte SD for the LowBox (AppContainer) directory.  Both are
 * RtlCreateSecurityDescriptor(sd, 1 /* revision */). */
edx = *(pdb.BaseSrvTag);
r8d = 0x400;
rcx = *(pdb.BaseSrvHeap);
rax = uint64_t (*RtlAllocateHeap)() ();
rdi = rax;
if (rax == 0) {
goto label_19;
}
edx = 1;
rcx = rax;
eax = uint64_t (*RtlCreateSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
edx = *(pdb.BaseSrvTag);
r8d = 0x28;
rcx = *(pdb.BaseSrvHeap);
rax = uint64_t (*RtlAllocateHeap)() ();
r14 = rax;
if (rax == 0) {
goto label_19;
}
edx = 1;
rcx = rax;
eax = uint64_t (*RtlCreateSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* With namespace separation a third SD (r15, label_26) is created for the
 * per-user directory and CreateBaseAcls receives &DACL @ rbp-0x38 via var_ee8h;
 * otherwise that stack argument is NULL (label_8). */
if (*(pdb.InteractiveUserNameSpaceSeparation) != r12d) {
goto label_26;
}
label_8:
var_ee8h = r12;
label_9:
/* CreateBaseAcls: judging by the later reads, it returns the BNO DACL at
 * rbp-0x40, the BNO SACL at rbp-0x48, the LowBox DACL at rbp-8, the Restricted
 * DACL at rbp+0 and (optionally) the per-user DACL at rbp-0x38.  The rendered
 * argument list is only partly meaningful. */
eax = pdb_CreateBaseAcls (rdi, rsi, rbp, rbp - 0x40, rbp - 8, rbp - 0x48);
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* RtlSetDaclSecurityDescriptor(rdi, TRUE, dacl @ rbp-0x40, FALSE) */
r8 = *((rbp - 0x40));
r9d = 0;
dl = 1;
rcx = rdi;
eax = uint64_t (*RtlSetDaclSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* RtlSetSaclSecurityDescriptor(rdi, TRUE, sacl @ rbp-0x48, FALSE) */
r13 = *((rbp - 0x48));
r9d = 0;
r8 = r13;
dl = 1;
rcx = rdi;
eax = uint64_t (*RtlSetSaclSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* RtlSetDaclSecurityDescriptor(r14, TRUE, dacl @ rbp-8, FALSE) */
r12 = *((rbp - 8));
r9d = 0;
r8 = r12;
dl = 1;
rcx = r14;
eax = uint64_t (*RtlSetDaclSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
if (*(pdb.InteractiveUserNameSpaceSeparation) != 0) {
goto label_27;
}
label_10:
/* NtCreateDirectoryObject(&BaseSrvNamedObjectDirectory, 0xf000f (DIRECTORY_ALL_ACCESS),
 *   objattr{Length 0x30, name = rbp-0x68, attributes = esi, SD = rdi @ rbp-0x80, SQOS = NULL @ rbp-0x78}).
 * r2dec's "(0x30, rcx, esi, rax)" lists the objattr members, not the call's arguments. */
ecx = 0;
rax = rbp - 0x68;
*((rbp - 0x78)) = rcx;
r8 = &var_ea8h;
rcx = pdb_BaseSrvNamedObjectDirectory;
edx = 0xf000f;
*((rbp - 0x80)) = rdi;
eax = uint64_t (*NtCreateDirectoryObject)(void, void, void, void) (0x30, rcx, esi, rax);
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* Same for BaseSrvLowBoxObjectDirectory with the AppContainerNamedObjects name (rbp-0x20) and SD r14. */
ecx = 0;
rax = rbp - 0x20;
*((rbp - 0x78)) = rcx;
r8 = &var_ea8h;
rcx = pdb_BaseSrvLowBoxObjectDirectory;
edx = 0xf000f;
*((rbp - 0x80)) = r14;
eax = uint64_t (*NtCreateDirectoryObject)(void, void, void, void) (0x30, rcx, esi, rax);
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* Service session only: label_28 (NtSetInformationObject on the directory and,
 * for a non-zero SessionId, an extra "\Sessions\<id>\BaseNamedObjects" link). */
eax = *(pdb.SessionId);
if (eax == *(pdb.ServiceSessionId)) {
goto label_28;
}
label_0:
ebx = 0;
label_12:
/* Namespace separation: label_29 creates BaseSrvUserObjectDirectory when SessionId == 0. */
if (*(pdb.InteractiveUserNameSpaceSeparation) != 0) {
goto label_29;
}
label_13:
r15d = 0;
label_14:
/* NtQueryInformationProcess(NtCurrentProcess() (-1), 0x1c (looks like
 * ProcessLUIDDeviceMapsEnabled -- verify), &dword @ rbp-0x58, 4, NULL).
 * The result becomes the byte at StaticServerData+0xb34.  A failing query is
 * swallowed (label_30 stores 0 and carries on without changing ebx). */
r9d = 4;
r8 = rbp - 0x58;
rcx |= 0xffffffffffffffff;
edx = r9 + 0x18;
eax = uint64_t (*NtQueryInformationProcess)(void) (r15);
if (eax < 0) {
goto label_30;
}
if (*((rbp - 0x58)) == 0) {
goto label_31;
}
cl = 1;
label_15:
rax = *(pdb.BaseSrvpStaticServerData);
*((rax + 0xb34)) = cl;
label_16:
/* Only when the flag is set: RtlInitializeCriticalSectionAndSpinCount(&BaseSrvDDDBSMCritSec, 0x80000000). */
if (cl == 1) {
edx = 0x80000000;
rcx = pdb_BaseSrvDDDBSMCritSec;
eax = uint64_t (*RtlInitializeCriticalSectionAndSpinCount)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
}
/* Symbolic links under BaseSrvNamedObjectDirectory, all created as
 * NtCreateSymbolicLinkObject(&handle @ rbp-0x70, 0xf0001 (SYMBOLIC_LINK_ALL_ACCESS),
 *   objattr{root = BaseSrvNamedObjectDirectory, name, attributes = esi, SD = rdi, SQOS = r15 (0)}, target).
 * Link 1: name/target are the unresolved UNICODE_STRINGs at 0x18000c030 / 0x18000c020.
 * In the service session the handle is closed right away (label_32..35); in
 * other sessions it is deliberately kept open -- presumably because esi then
 * lacks OBJ_PERMANENT and the link would vanish with its last handle (verify). */
rax = *(pdb.BaseSrvNamedObjectDirectory);
r9 = 0x18000c020;
r8 = &var_ea8h;
rax = 0x18000c030;
edx = 0xf0001;
rcx = rbp - 0x70;
*((rbp - 0x80)) = rdi;
*((rbp - 0x78)) = r15;
eax = uint64_t (*NtCreateSymbolicLinkObject)(void, void, void, void) (rax, 0x30, rax, esi);
ebx = eax;
if (eax < 0) {
goto label_22;
}
eax = *(pdb.ServiceSessionId);
if (*(pdb.SessionId) == eax) {
goto label_32;
}
label_1:
/* Link 2: name at 0x18000c010 (unresolved) -> the BaseNamedObjects path from rbp+0x3a0 (rbp+0x38). */
rdx = rbp + 0x3a0;
rcx = rbp + 0x38;
uint64_t (*RtlInitUnicodeString)() ();
rax = *(pdb.BaseSrvNamedObjectDirectory);
r9 = rbp + 0x38;
r8 = &var_ea8h;
rax = 0x18000c010;
edx = 0xf0001;
rcx = rbp - 0x70;
*((rbp - 0x80)) = rdi;
*((rbp - 0x78)) = r15;
eax = uint64_t (*NtCreateSymbolicLinkObject)(void, void, void, void) (rax, 0x30, rax, esi);
ebx = eax;
if (eax < 0) {
goto label_22;
}
eax = *(pdb.ServiceSessionId);
if (*(pdb.SessionId) == eax) {
goto label_33;
}
label_2:
/* Link 3: name in .rdata (unresolved) -> the AppContainerNamedObjects path (rbp-0x20). */
rax = *(pdb.BaseSrvNamedObjectDirectory);
r9 = rbp - 0x20;
r8 = &var_ea8h;
rax = section__rdata;
edx = 0xf0001;
rcx = rbp - 0x70;
*((rbp - 0x80)) = rdi;
*((rbp - 0x78)) = r15;
eax = uint64_t (*NtCreateSymbolicLinkObject)(void, void, void, void) (rax, 0x30, rax, esi);
ebx = eax;
if (eax < 0) {
goto label_22;
}
eax = *(pdb.ServiceSessionId);
if (*(pdb.SessionId) == eax) {
goto label_34;
}
label_3:
/* Link 4: "Session" -> "\Sessions\BNOLINKS". */
rdx = "Session";
rcx = rbp - 0x68;
uint64_t (*RtlInitUnicodeString)() ();
rdx = "\\Sessions\\BNOLINKS";
rcx = rbp + 0x38;
uint64_t (*RtlInitUnicodeString)() ();
rax = *(pdb.BaseSrvNamedObjectDirectory);
r9 = rbp + 0x38;
r8 = &var_ea8h;
rax = rbp - 0x68;
edx = 0xf0001;
rcx = rbp - 0x70;
*((rbp - 0x80)) = rdi;
*((rbp - 0x78)) = r15;
eax = uint64_t (*NtCreateSymbolicLinkObject)(void, void, void, void) (rax, 0x30, rax, esi);
ebx = eax;
if (eax < 0) {
goto label_22;
}
eax = *(pdb.ServiceSessionId);
if (*(pdb.SessionId) == eax) {
goto label_35;
}
label_4:
/* "Restricted" sub-directory: the rdi SD gets a different DACL (*(rbp), from
 * CreateBaseAcls) before NtCreateDirectoryObject(&BaseSrvRestrictedObjectDirectory, ...)
 * with BaseSrvNamedObjectDirectory as the root. */
rdx = "Restricted";
rcx = rbp - 0x68;
uint64_t (*RtlInitUnicodeString)() ();
r15 = *(rbp);
r9d = 0;
r8 = r15;
dl = 1;
rcx = rdi;
eax = uint64_t (*RtlSetDaclSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
rax = *(pdb.BaseSrvNamedObjectDirectory);
r8 = &var_ea8h;
rcx = pdb_BaseSrvRestrictedObjectDirectory;
rax = rbp - 0x68;
edx = 0xf000f;
eax = 0;
*((rbp - 0x78)) = rax;
*((rbp - 0x80)) = rdi;
eax = uint64_t (*NtCreateDirectoryObject)(void, void, void, void) (rax, 0x30, rax, esi);
ebx = eax;
if (eax < 0) {
goto label_22;
}
label_17:
/* Common exit: status in ebx -> eax, restore r13/r14, verify the stack cookie, return. */
eax = ebx;
label_11:
r13 = arg_18h;
r14 = *((rsp + 0xf28));
label_18:
rcx = *((rbp + 0xdd0));
rcx ^= rsp;
pdb_security_check_cookie (arg_10h, rsi, rdx);
return rax;
label_21:
/* Service session: wcscpy_s(rbp+0x3a0, 0x100, "\\BaseNamedObjects"), then back into the loop body above. */
r8 = "\\BaseNamedObjects";
uint64_t (*wcscpy_s)() ();
} while (1);
label_28:
/* Service session: NtSetInformationObject(BaseSrvNamedObjectDirectory, class 5
 * (presumably ObjectSessionInformation -- verify), NULL, 0). */
rcx = *(pdb.BaseSrvNamedObjectDirectory);
r9d = 0;
r8d = 0;
edx = r9 + 5;
eax = uint64_t (*NtSetInformationObject)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
eax = *(pdb.SessionId);
if (eax == 0) {
goto label_0;
}
goto label_36;
/* label_32..label_35: close the just-created link handle (service session only) and resume. */
label_32:
rcx = *((rbp - 0x70));
uint64_t (*NtClose)() ();
goto label_1;
label_33:
rcx = *((rbp - 0x70));
uint64_t (*NtClose)() ();
goto label_2;
label_34:
rcx = *((rbp - 0x70));
uint64_t (*NtClose)() ();
goto label_3;
label_35:
rcx = *((rbp - 0x70));
uint64_t (*NtClose)() ();
goto label_4;
label_20:
/* Compiler-inserted bounds-check failure for the terminator write: does not return. */
pdb_report_rangecheckfailure ();
__asm ("int3");
label_23:
/* First CSD query failed: zero the dword covering +0x36/+0x38. */
rax = *(pdb.BaseSrvpStaticServerData);
*((rax + 0x36)) = r12d;
goto label_5;
label_24:
/* Second CSD query failed: empty CSD string at +0x3a. */
rax = *(pdb.BaseSrvpStaticServerData);
*((rax + 0x3a)) = r12w;
goto label_6;
label_25:
/* NtQueryValueKey(hKey, valueName @ 0x18000c968 (unresolved), class 2,
 * buffer rbp+0x80, 0x320, &resultLength @ rbp+0x30).  Type is read at +0x84
 * and data at +0x8c, i.e. the KEY_VALUE_PARTIAL_INFORMATION layout. */
rcx = *((rbp - 0x10));
rax = rbp + 0x30;
r9 = rbp + 0x80;
r8d = 2;
rdx = 0x18000c968;
eax = uint64_t (*NtQueryValueKey)(void, void) (rax, r14d);
if (eax >= 0) {
rax = *((rbp + 0x84));
/* REG_DWORD (4): flag = (value != 0). */
if (eax == 4) {
rax = *(pdb.BaseSrvpStaticServerData);
cl = (*((rbp + 0x8c)) != r12d) ? 1 : 0;
*((rax + 0x958)) = cl;
} else {
/* REG_SZ (1): flag = 1 when the data equals either unresolved constant
 * case-insensitively (the mangled names suggest "yes" and "1").  DataLength
 * (+0x88) is not consulted, so _wcsicmp relies on the stored value carrying
 * its own terminator inside the 0x320-byte buffer. */
if (eax != 1) {
goto label_37;
}
rdx = pdb____C__17IHBDLLG___AAy__AAe__AAs__AA__AA;
rcx = rbp + 0x8c;
eax = uint64_t (*_wcsicmp)() ();
if (eax != 0) {
rdx = pdb____C__13JGCMLPCH___AA1__AA__AA;
rcx = rbp + 0x8c;
eax = uint64_t (*_wcsicmp)() ();
if (eax != 0) {
goto label_37;
}
}
rax = *(pdb.BaseSrvpStaticServerData);
*((rax + 0x958)) = 1;
}
}
label_37:
/* NtClose(hKey), then continue with the NamespaceSeparation query. */
rcx = *((rbp - 0x10));
uint64_t (*NtClose)() ();
goto label_7;
label_26:
/* Namespace separation: third SD (r15, 0x28 bytes, also kept at rbp+8) for the per-user directory. */
edx = *(pdb.BaseSrvTag);
r8d = 0x28;
rcx = *(pdb.BaseSrvHeap);
rax = uint64_t (*RtlAllocateHeap)() ();
*((rbp + 8)) = rax;
r15 = rax;
if (rax == 0) {
goto label_19;
}
edx = 1;
rcx = rax;
eax = uint64_t (*RtlCreateSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
/* This re-test of the flag cannot take the label_8 branch here (it was non-zero to get to label_26). */
if (*(pdb.InteractiveUserNameSpaceSeparation) == r12d) {
goto label_8;
}
rax = rbp - 0x38;
var_ee8h = rax;
goto label_9;
label_27:
/* RtlSetDaclSecurityDescriptor(r15, TRUE, dacl @ rbp-0x38, FALSE) */
r8 = *((rbp - 0x38));
r9d = 0;
dl = 1;
rcx = r15;
eax = uint64_t (*RtlSetDaclSecurityDescriptor)() ();
ebx = eax;
if (eax < 0) {
goto label_22;
}
goto label_10;
label_36:
/* Service session with SessionId != 0: one more link named
 * "\Sessions\<SessionId>\BaseNamedObjects" (rbp+0x9a0) with target 0x18000c020.
 * Its handle is closed immediately.  NOTE: on failure this path jumps to
 * label_11, not label_22, so unlike every other post-init failure it returns
 * without deleting BaseSrvDosDeviceCritSec -- looks like an inconsistency. */
r9 = "\\Sessions";
r8 = "%ws\\%ld\\BaseNamedObjects";
edx = 0x100;
rcx = rbp + 0x9a0;
swprintf_s (eax);
rdx = rbp + 0x9a0;
rcx = rbp + 0x48;
uint64_t (*RtlInitUnicodeString)() ();
rax = rbp + 0x48;
ebx = 0;
r9 = 0x18000c020;
r8 = &var_ea8h;
edx = 0xf0001;
*((rbp - 0x80)) = rdi;
rcx = rbp - 0x70;
*((rbp - 0x78)) = rbx;
eax = uint64_t (*NtCreateSymbolicLinkObject)(void, void, void, void) (0x30, rax, rbx, esi);
if (eax < 0) {
goto label_11;
}
rcx = *((rbp - 0x70));
uint64_t (*NtClose)() ();
eax = *(pdb.SessionId);
goto label_12;
label_29:
/* Only for SessionId == 0: NtCreateDirectoryObject(&BaseSrvUserObjectDirectory,
 * 0xf000f, objattr{name = rbp-0x30, attributes = esi, SD = r15, SQOS = NULL}).
 * The "if (eax >= 0) {" below syntactically encloses label_31/label_30/label_19,
 * but those are only ever reached by goto -- a decompiler layout artefact. */
if (eax != 0) {
goto label_13;
}
*((rbp - 0x80)) = r15;
rax = rbp - 0x30;
r15d = 0;
r8 = &var_ea8h;
*((rbp - 0x78)) = r15;
edx = 0xf000f;
rcx = pdb_BaseSrvUserObjectDirectory;
eax = uint64_t (*NtCreateDirectoryObject)(void, void, void, void) (0x30, rbx, esi, rax);
ebx = eax;
if (eax >= 0) {
goto label_14;
label_31:
/* LUID device maps disabled: flag byte 0, skip the critical-section init. */
cl = 0;
goto label_15;
label_30:
/* NtQueryInformationProcess failed: record 0 and continue; the status is not propagated. */
rax = *(pdb.BaseSrvpStaticServerData);
cl = 0;
*((rax + 0xb34)) = 0;
goto label_16;
label_19:
/* Any allocation failure: STATUS_NO_MEMORY. */
ebx = 0xc0000017;
}
label_22:
/* Fatal-error exit: RtlDeleteCriticalSection(&BaseSrvDosDeviceCritSec), return ebx. */
rcx = pdb_BaseSrvDosDeviceCritSec;
uint64_t (*RtlDeleteCriticalSection)() ();
goto label_17;
}

Auscitte commented Jul 3, 2021

What the heck is this? The answer is here.
