From 1dfb4a841626a44f1ef819111934b5e3470c3a6e Mon Sep 17 00:00:00 2001
From: Changhua <lichanghua0821@gmail.com>
Date: Fri, 23 Jun 2023 09:08:25 +0800
Subject: [PATCH] Impl Functions_FUNC_ADD_ROOM_MEMBERS

---
 spy/chatroom_mgmt.cpp | 39 ++++++++++++++++++++++-----------------
 spy/load_calls.cpp    |  2 +-
 spy/rpc_server.cpp    |  2 +-
 3 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/spy/chatroom_mgmt.cpp b/spy/chatroom_mgmt.cpp
index 0600431..a9c68d6 100644
--- a/spy/chatroom_mgmt.cpp
+++ b/spy/chatroom_mgmt.cpp
@@ -23,6 +23,7 @@ int AddChatroomMember(string roomid, string wxids)
     DWORD addRoomMemberCall2 = g_WeChatWinDllAddr + g_WxCalls.arm.call2;
     DWORD addRoomMemberCall3 = g_WeChatWinDllAddr + g_WxCalls.arm.call3;
 
+    DWORD temp           = 0;
     WxString_t txtRoomid = { 0 };
     wstring wsRoomid     = String2Wstring(roomid);
     txtRoomid.text       = (wchar_t *)wsRoomid.c_str();
@@ -45,23 +46,27 @@ int AddChatroomMember(string roomid, string wxids)
 
     LOG_DEBUG("Adding {} members[{}] to {}", vTxtMembers.size(), wxids.c_str(), roomid.c_str());
     __asm {
-		pushad;
-		pushfd;
-		call addRoomMemberCall1;
-		sub esp, 0x14;
-		mov esi, eax;
-		mov ecx, esp;
-		lea eax, txtRoomid;
-		push eax;
-		call addRoomMemberCall2;
-        lea edi, vTxtMembers
-		push edi;
-		mov ecx, esi;
-		call addRoomMemberCall3;
-		mov rv, eax;
-		popfd;
-		popad;
+        pushad;
+        pushfd;
+        call addRoomMemberCall1;
+        sub esp, 0x8;
+        mov temp, eax;
+        mov ecx, esp;
+        mov dword ptr[ecx], 0x0;
+        mov dword ptr[ecx + 4], 0x0;
+        test esi, esi;
+        sub esp, 0x14;
+        mov ecx, esp;
+        lea eax, txtRoomid;
+        push eax;
+        call addRoomMemberCall2;
+        mov ecx, temp;
+        lea eax, vTxtMembers;
+        push eax;
+        call addRoomMemberCall3;
+        mov rv, eax;
+        popfd;
+        popad;
     }
-
     return rv;
 }
diff --git a/spy/load_calls.cpp b/spy/load_calls.cpp
index b25c339..fab2a89 100644
--- a/spy/load_calls.cpp
+++ b/spy/load_calls.cpp
@@ -22,7 +22,7 @@ WxCalls_t wxCalls = {
           Exec,     base,   start,   end,   slot, name*/
     { 0x141BDF0, 0x2366934, 0x1428, 0x142C, 0x3C, 0x50 },
     { 0xA17D50, 0xF59E40, 0xA18BD0, 0xA17E70 }, // Accept New Friend application
-    { 0xE29F0, 0x771980, 0x43D8D0 },            // Add chatroom members
+    { 0x78CF20, 0xF59E40, 0xBD1DC0 },           // Add chatroom members
     { 0x771980, 0xCD2A90 }                      // Receive transfer
 };
 
diff --git a/spy/rpc_server.cpp b/spy/rpc_server.cpp
index 266f046..f1898d1 100644
--- a/spy/rpc_server.cpp
+++ b/spy/rpc_server.cpp
@@ -625,12 +625,12 @@ static bool dispatcher(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len
             ret = func_accept_friend(req.msg.v.v3, req.msg.v.v4, req.msg.v.scene, out, out_len);
             break;
         }
-#if 0
         case Functions_FUNC_ADD_ROOM_MEMBERS: {
             LOG_DEBUG("[Functions_FUNC_ADD_ROOM_MEMBERS]");
             ret = func_add_room_members(req.msg.m.roomid, req.msg.m.wxids, out, out_len);
             break;
         }
+#if 0
         case Functions_FUNC_RECV_TRANSFER: {
             LOG_DEBUG("[Functions_FUNC_RECV_TRANSFER]");
             ret = func_receive_transfer(req.msg.tf.wxid, req.msg.tf.tid, out, out_len);