Tags: c++, assembly, inline, calling-convention

How do I call this function in inline ASM? (MSVC++)


    void __usercall sub_101A7850@<eax>(int a1@<edx>, int a2@<ecx>, int a3, int a4, int a5, int a6)

My first attempt (crashes):

    __declspec(naked) void __stdcall callit(const int& a1, const int& a2, unsigned int a3, const int *a4, int a5, int *a6)
    {
        // void __usercall sub_101A7850@<eax>(int a1@<edx>, int a2@<ecx>, int a3, int a4, int a5, int a6)
        __asm
        {
            mov ecx, [esp + 4]  // a1
            mov edx, [esp + 8]  // a2
            push [esp + 12]     // a3
            push [esp + 16]     // a4
            push [esp + 20]     // a5
            push [esp + 24]     // a6
            call funcaddr
            retn 24
        }
    }

I have verified funcaddr is valid. Pretty sure it's a __fastcall.


Solution

  • You have exchanged ecx and edx: your function signature says a1<edx>, but you put a1 into ecx and a2 into edx.

    Moreover: after pushing a3, the esp-relative offset for a4 becomes 4 bytes farther. After pushing a4, the esp-relative offset for a5 becomes 8 bytes farther, and so on... (so the correct offsets are: a4: [esp+20], a5: [esp+28], a6: [esp+36])
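The offset bookkeeping the answer describes can be done mechanically. The following is an added example (not code from the question or the answer) that generates the body of the naked wrapper for the signature above: it loads the register arguments first, then pushes the stack arguments, adding 4 to every remaining [esp+N] offset per push. The push order and the absence of caller-side stack cleanup are taken from the question as posted; the `target` name, the `caller_cleans` switch and the `Param` struct are assumptions of this example.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// One argument of the naked wrapper, in the wrapper's own argument order.
struct Param {
    int pos;          // 1-based position: on entry it sits at [esp + 4*pos]
    const char* reg;  // register the callee wants it in, or nullptr for a stack arg
};

// Offset of wrapper argument `pos` relative to esp after `pushes` pushes:
// the return address is at [esp], and every push lowers esp by 4.
static int esp_offset(int pos, int pushes) {
    return 4 * pos + 4 * pushes;
}

// Emits the body of a __declspec(naked) __stdcall wrapper forwarding its
// arguments to a __usercall target. Register arguments are loaded before any
// push; stack arguments are pushed in `push_order`, and each push shifts the
// offsets of the arguments still to be read by 4.
static std::vector<std::string> gen_thunk(const std::vector<Param>& params,
                                          const std::vector<int>& push_order,
                                          const std::string& target,
                                          bool caller_cleans) {
    std::vector<std::string> out;
    for (const Param& p : params)
        if (p.reg)
            out.push_back(std::string("mov ") + p.reg + ", [esp + " +
                          std::to_string(esp_offset(p.pos, 0)) + "]");
    int pushes = 0;
    for (int pos : push_order) {
        out.push_back("push dword ptr [esp + " +
                      std::to_string(esp_offset(pos, pushes)) + "]");
        ++pushes;
    }
    out.push_back("call " + target);
    if (caller_cleans)  // only when the callee does not pop its own stack args
        out.push_back("add esp, " + std::to_string(4 * pushes));
    // __stdcall wrapper: pop its own 4-byte arguments on return
    out.push_back("retn " + std::to_string(4 * (int)params.size()));
    return out;
}

// The signature from the question: a1 in edx, a2 in ecx, a3..a6 on the stack,
// pushed in the same order the question used (a3 first).
static std::vector<std::string> thunk_for_sub_101A7850() {
    std::vector<Param> params = {{1, "edx"}, {2, "ecx"}, {3, nullptr},
                                 {4, nullptr}, {5, nullptr}, {6, nullptr}};
    return gen_thunk(params, {3, 4, 5, 6}, "funcaddr", false);
}

int main() {
    for (const std::string& line : thunk_for_sub_101A7850())
        std::printf("    %s\n", line.c_str());
    return 0;
}
```

Check the generated push order and whether the callee pops its stack arguments against the callee's disassembly before using the wrapper.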