in functions/kernel32.py [0:0]
def CreateThread(self, is_return = False):
    """Render a kernel32!CreateThread call, or its result, as trace text.

    With ``is_return`` false, the six arguments are fetched through
    ``funcutils.get_func_args`` (indices 1-6) and formatted as the argument
    part of a trace line. The text ends with ``") = "``; presumably the caller
    prepends the API name and opening parenthesis and appends the result
    later (not visible in this method).

    With ``is_return`` true, the value from ``funcutils.get_result`` is
    reported as the HANDLE. When the thread-id pointer is non-zero, the
    DWORD it points to is read with ``idc.get_wide_dword`` and appended.
    """
    is_64bit = self.is_64bit

    if is_return:
        # NOTE(review): lpThreadId is argument 6 on entry but is fetched with
        # index 5 here. Presumably this compensates for the stack layout after
        # the return address has been popped; confirm against
        # funcutils.get_func_args. If it does not, this reads dwCreationFlags
        # and dereferences it as a pointer.
        tid_ptr = funcutils.get_func_args(5, is_64bit)
        if tid_ptr == 0:
            # Caller passed NULL for lpThreadId: only the handle is available.
            return f"{hex(funcutils.get_result(is_64bit))} -> HANDLE"
        thread_id = idc.get_wide_dword(tid_ptr)
        return f"{hex(funcutils.get_result(is_64bit))} -> HANDLE, tid = {hex(thread_id)}"

    # Arguments are fetched in declaration order, 1 through 6.
    attrs, stack_size, start_addr, param, flags, tid_ptr = (
        funcutils.get_func_args(idx, is_64bit) for idx in range(1, 7)
    )

    # Only these two dwCreationFlags bits are decoded. Any other bit is
    # dropped, so a value made up solely of undecoded bits is printed as '0'.
    # CREATE_SUSPENDED means the new thread does not run until it is resumed.
    known_flags = (
        (0x00000004, "CREATE_SUSPENDED"),
        (0x00010000, "STACK_SIZE_PARAM_IS_A_RESERVATION"),
    )
    flag_names = [name for bit, name in known_flags if flags & bit]
    flags_text = '|'.join(flag_names) if flag_names else '0'

    return (
        f"lpThreadAttributes={hex(attrs)}, "
        f"dwStackSize={stack_size}, "
        f"lpStartAddress={hex(start_addr)}, "
        f"lpParameter={hex(param)}, "
        f"dwCreationFlags={flags_text}, "
        f"lpThreadId={hex(tid_ptr)}) = "
    )