[C] Reading Pointers

**Admin** Miér Mar 18, 2009 5:30 pm

by Manuel
This cool idea just randomly came to mind while on IRC.

Código:

#include

#define OFFSETS_END 0xDEADBEEF

__checkReturn BOOL _ReadPointer(__out PULONG_PTR pulValue, __in LPCVOID lpcvBase, ...)
{
ULONG_PTR ulTemp;
va_list pArguments;
BOOL bRET;
int iOffset;

__try {
ulTemp = (ULONG_PTR)lpcvBase;
va_start(pArguments, lpcvBase);
while ((iOffset = va_arg(pArguments, int)) != OFFSETS_END)
ulTemp = *(ULONG_PTR*)((*(ULONG_PTR*)ulTemp) + iOffset);
va_end(pArguments);
*pulValue = ulTemp == (ULONG_PTR)lpcvBase ? *(ULONG_PTR*)ulTemp : ulTemp;
bRET = TRUE;
}
__except(EXCEPTION_EXECUTE_HANDLER) {
bRET = FALSE;
}

return bRET;
}

#define ReadPointer(x, y, ...) _ReadPointer(x, y, __VA_ARGS__, OFFSETS_END)Example usage:
Código:

Código:
// Read a pointer: [0x600000]+0x69]
ReadPointer(&ulValue, (LPCVOID)0x600000, 0x69);
// Read a multi-level pointer: [[[[0x400000]+10]]+10]
ReadPointer(&ulValue, (LPCVOID)0x400000, 10, 0, 10);PROTIP: I'm being lazy and if you wanted it to be as safe as possible, instead of just catching exceptions I suggest you use VirtualQuery

by BanMe
the methodology is execellent and the code is easy to understand Great job Irwin .. here a very simple write to go along with it.. CREDITS to Irwin here to.. cause its just a simple mod of like 3 lines of code..

Código:

Código:

BOOL _WritePointer(__in ULONG ulValue, __in LPCVOID lpcvBase, ...)
{
ULONG_PTR ulTemp;
va_list pArguments;
BOOL bRET;
int iOffset;

__try {
ulTemp = (ULONG_PTR)lpcvBase;
va_start(pArguments, lpcvBase);
while ((iOffset = va_arg(pArguments, int)) != 0x7ffff000)
ulTemp = *(ULONG_PTR*)((*(ULONG_PTR*)ulTemp) + iOffset);
va_end(pArguments);
*ulTemp = ulValue;
bRET = TRUE;
}
__except(EXCEPTION_EXECUTE_HANDLER) {
bRET = FALSE;
}

return bRET;
}

HECHOS EN LOS MEJORES FOROS DE
MANUEL