in functions/advapi32.py [0:0]
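def RegCreateKeyW(self, is_return = False):
    """Format one trace line for advapi32!RegCreateKeyW(hKey, lpSubKey, phkResult).

    Args:
        is_return: False when the hook fires on entry to the API, True when it
            fires on return.

    Returns:
        On entry, the call-side text: the three arguments, ending in ") = ".
        On return, the LSTATUS from funcutils.get_result plus the handle read
        back through the phkResult pointer.

    Every value read through idc/funcutils comes from the traced target, which
    is attacker-controlled when the target is a malware sample. The pointer
    and string handling below is written so that such input cannot make this
    formatter itself raise.
    """
    if is_return == True:
        # NOTE(review): the call-side path reads phkResult as argument 3, this
        # path asks for argument 2 -- confirm against funcutils.get_func_args
        # whether the index is shifted on purpose at return time.
        phkResult = funcutils.get_func_args(2, self.is_64bit)
        # Default to 0 so a NULL out-pointer still yields a return-side line
        # instead of running on into the call-side formatting below.
        result = 0
        if phkResult != 0:
            if self.is_64bit == True:
                result = idc.get_qword(phkResult)
            else:
                result = idc.get_wide_dword(phkResult)
        # hkResult is only a valid handle when the LSTATUS is ERROR_SUCCESS (0);
        # on failure the slot holds whatever the caller left there.
        return f"{hex(funcutils.get_result(self.is_64bit))} -> LSTATUS, hkResult = {hex(result)}"

    hKey = funcutils.get_func_args(1, self.is_64bit)
    lpSubKey = funcutils.get_func_args(2, self.is_64bit)
    phkResult = funcutils.get_func_args(3, self.is_64bit)

    predefined_keys = {
        0x80000000: "HKEY_CLASSES_ROOT",
        0x80000001: "HKEY_CURRENT_USER",
        0x80000002: "HKEY_LOCAL_MACHINE",
        0x80000003: "HKEY_USERS",
        0x80000004: "HKEY_PERFORMANCE_DATA",
        0x80000005: "HKEY_CURRENT_CONFIG",
    }
    # winreg.h builds the predefined keys from a (LONG) cast, so a 64-bit
    # process passes them sign-extended (0xFFFFFFFF80000002). Match on the low
    # 32 bits, but only when the high half is all zeros or all ones, so an
    # ordinary 64-bit handle is never mislabelled.
    key_name = None
    if (hKey >> 32) in (0, 0xFFFFFFFF):
        key_name = predefined_keys.get(hKey & 0xFFFFFFFF)
    if key_name is not None:
        _debug_info = f"hKey={hex(hKey)} -> {key_name}"
    else:
        _debug_info = f"hKey={hex(hKey)}"

    # lpSubKey may legitimately be NULL, and get_strlit_contents returns None
    # when nothing readable is at the address; neither case may raise here.
    raw_sub_key = None
    if lpSubKey != 0:
        raw_sub_key = idc.get_strlit_contents(ea = lpSubKey, strtype=idc.STRTYPE_C16)
    if raw_sub_key is None:
        sub_key = "NULL" if lpSubKey == 0 else f"<unreadable @ {hex(lpSubKey)}>"
    elif isinstance(raw_sub_key, bytes):
        # Target-controlled bytes: replace undecodable sequences, never raise.
        sub_key = raw_sub_key.decode('utf-8', errors='replace')
    else:
        sub_key = str(raw_sub_key)

    # Separator layout is kept exactly as the original emitted it.
    _debug_info += f", lpSubKey={sub_key}, "
    _debug_info += f", phkResult={hex(phkResult)}) = "
    return _debug_info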