How this char copy works: *(*((char**)p))++ = ch; in C [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 8 years ago.
I have a problem with this code I am using in embedded C. It works perfectly if I pass p as a parameter of some function, but it does not work when "p" is local. Please help me understand in detail how this code works.

The pointer p is cast to char** and dereferenced twice, ch is copied to that location, and *p is then incremented (so it points to the next character).
I imagine (because without code that is all I can do) that not working "in case of p is local" has little to do with p being local and everything to do with the value of p and the contextual semantics of the code in question. Whether the code works or not depends solely on p holding a valid value such that the double de-reference resolves to the intended location.
To be honest however, you should avoid writing such code, it's too "clever", and as Brian Kernighan said:
Everyone knows that debugging is twice as hard as writing a program in the first place. So if you're as clever as you can be when you write it, how will you ever debug it?

P is a pointer to a char pointer. Initially it is typecast to char** and dereferenced two times. After dereferencing 2 times, ch is copied to that place. After that it is incremented by 1. Here, to understand incrementing such a pointer, try to understand the following: *p++ is equal to *p and p++, NOT equal to *p and (*p)++. Like this, your pointer is also incremented. There is a chance of getting a segmentation fault in your copy statement.
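The two answers above describe what the expression does and where it goes wrong (p must be the address of a valid char*, and *p++ is not (*p)++). Here is an added example, not code from the question or either answer, that wraps the expression in a hypothetical helper (put_char) and uses it from a copy routine (copy_with_cursor) whose cursor is a local char*. The point that matters for "works as a parameter but not as a local": what is passed is the address of the cursor, never the buffer pointer itself, since the double dereference would otherwise treat the first bytes of the buffer as a pointer. precedence_demo checks the *p++ versus (*p)++ distinction from the second answer.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: appends one character through a "pointer to cursor".
 * p must be the ADDRESS of a char* (the cursor) that points into a writable
 * buffer; the cursor itself advances by one after the store. */
static void put_char(void *p, char ch)
{
    *(*((char **)p))++ = ch;   /* the expression from the question */
}

/* Copies src into dst (capacity cap, including the terminator) using put_char
 * and a local cursor. Returns the number of characters copied. */
size_t copy_with_cursor(char *dst, size_t cap, const char *src)
{
    char *cursor = dst;             /* local char* pointing into dst */
    size_t n = 0;
    if (cap == 0) return 0;
    while (*src != '\0' && n + 1 < cap) {
        put_char(&cursor, *src++);  /* pass &cursor, not cursor: the helper
                                       dereferences twice */
        n++;
    }
    *cursor = '\0';
    return (size_t)(cursor - dst);
}

/* The precedence point from the second answer: *p++ advances the pointer,
 * (*p)++ advances the pointed-to value. Returns 1 if both behave as stated. */
int precedence_demo(void)
{
    int arr[2] = {10, 20};
    int *p = arr;
    int a = *p++;     /* a == 10, p now points at arr[1] */
    int b = (*p)++;   /* b == 20, arr[1] becomes 21, p unchanged */
    return a == 10 && b == 20 && arr[1] == 21 && p == &arr[1];
}
```

Passing `cursor` instead of `&cursor` compiles without complaint because the parameter is void*, which is why the bug in the question is easy to make and hard to see: the cast silences the compiler and only the runtime dereference fails.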

How to access .text section using a function pointer in C? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 5 years ago.
I am trying to inject executable code in memory using C. The executable should be able to read its own code and copy it to some other location referenced by a pointer. The general template code is as follows:
#include <stdio.h>
int
main(){
int (*main_ptr)();
main_ptr=main; // make the pointer point to start of main
/*
* rest of the code.
*
*/
/*Now I am trying to print the first 10 bytes of the main function.
* just to see if it is possible to access main's code.
*/
for(int i=0;i<10;i++)
printf("%x ",*main_ptr++); // dereferencing/incrementing a function pointer: not defined by the language
return 0;
}
but the output is the value of the pointer (i.e. address of main function), not the value to which it points (the code of the main function). I had read somewhere that C does not dereference function pointers. But I do not know why. Is there a way to get around this?
Or, is there another way for a program to access its own code section?
P.S. I understand that many may think this is a stupid question and does not contribute significantly to research and all that. But I'm trying to understand how malware is written and, given the absence of material on the web, it has been frustrating, so I decided to try this myself. Any help would be great.
There are 2 issues with your code (even though, to be strict, it is UB as such).
But even from any implementation's point of view there are the following issues:
None of the implementations define the * operator for function pointer.
None of the implementations define the ++ operator on the function pointers because size of a function is not defined.
But most implementations do define casting a fptr to void* and then to other data pointers even though it is UB.
You can make use of that fact.
I tried the simple modification of your code -
for (int i = 0; i < 10; i++)
    printf("%x ", *((int*)main_ptr++));
And it produced the "expected" behavior with gcc (MinGW64), compared the output against objdump.
Finally this goes with the warning that none of the approaches are portable. Perhaps there is no portable way to achieve what you are doing.
If you just have to get the same code as main, one way could be to read the actual binary (pointed by arg[0]). Parse the headers to find main and then read the bytes from there. Since reading the file would give you a data pointer there is no UB there.
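The answer above makes two points: a function pointer cannot be dereferenced or incremented in standard C, and going through a data pointer is the implementation-specific way around it. As an added example (not the asker's or answerer's code), the block below reads a function's bytes via a data pointer and uses them for the one benign thing a program usually wants its own code for: a self-integrity fingerprint. The names target, code_bytes, read_code and code_fingerprint are hypothetical. The only assumption is that function pointers and object pointers have the same size, which the block checks at run time rather than trusting; everything else is as portable as the answer says, i.e. not at all.

```c
#include <stdint.h>
#include <string.h>

/* Constructed example function whose machine code is inspected below. */
static int target(int x)
{
    return x * x + 1;
}

/* Obtains a byte view of a function's code. Standard C defines no conversion
 * from a function pointer to an object pointer, so the pointer's
 * representation is copied into a void* with memcpy instead of a cast (the
 * same assumption POSIX makes for dlsym). Returns NULL if the two pointer
 * types differ in size on this platform. Reading the bytes afterwards is
 * still implementation-specific, exactly as the answer above warns. */
static const unsigned char *code_bytes(int (*fn)(int))
{
    void *p;
    if (sizeof p != sizeof fn) return NULL;   /* not the same size here */
    memcpy(&p, &fn, sizeof p);
    return (const unsigned char *)p;
}

/* Copies the first n bytes of fn's code into out with memcpy (never *fn,
 * which has no meaning for a function pointer). Returns bytes copied, 0 if
 * the platform refused. */
size_t read_code(int (*fn)(int), unsigned char *out, size_t n)
{
    const unsigned char *src = code_bytes(fn);
    if (src == NULL) return 0;
    memcpy(out, src, n);
    return n;
}

/* FNV-1a hash over the first n code bytes: a minimal self-integrity
 * fingerprint. Comparing it with a value recorded at build time reveals
 * in-memory patching of the function. Assumes n stays inside the mapped
 * text segment, which holds for small n on hosted platforms. */
uint32_t code_fingerprint(int (*fn)(int), size_t n)
{
    unsigned char buf[64];
    if (n > sizeof buf) n = sizeof buf;
    n = read_code(fn, buf, n);
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) {
        h ^= buf[i];
        h *= 16777619u;
    }
    return h;
}

/* Demo wrappers around the constructed target function. */
uint32_t target_fingerprint(void) { return code_fingerprint(target, 16); }
int target_call(int x) { return target(x); }
```

The fingerprint is only as trustworthy as the code that computes it; a real integrity check stores the expected value outside the image being checked and verifies the checker itself by another route.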

Application of null pointer [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 8 years ago.
I was giving an interview at a company and they asked me "What are the applications of null pointers in C?" I told them what a null pointer is and how it leads to a segmentation fault. However, they were not happy with the answer. I have never heard anything like this before. If anyone has any idea, please share.
Thank you
They were asking when you need to use NULL pointers, not when they lead to problems.
The classic answer is that they are used when there is nothing to point to. For example, the next pointer in a list when it's the end of the list -> there is no next item.
and so in your code you go
if(nextItem != NULL)
{
// do stuff with nextItem
}
else
{
// the end
}
As mooseboy points out, this is a sentinel value, i.e., a special value that your code recognizes as having a deciding value.
NULL is the perfect pointer sentinel since NULL is assumed to never be a valid value for a pointer (for example you could not use 0x000042 since 42 might be a real address)
This question is kind of vague, but one thing they might have been unhappy about is that from a pure language perspective, dereferencing NULL is not guaranteed to cause a segfault. It causes undefined behavior, i.e. the language doesn't say what will happen. On most platforms, yes, a null dereference causes a segfault, but an implementation of C could do something else and still conform to the standard.
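Both answers describe NULL as the sentinel for "nothing here". As an added example (not from either answer), here is the linked-list case from the first answer carried through in full, with the other classic use alongside it: a lookup or allocation that returns NULL to report "not found" or "failed", which the caller must test before dereferencing. The names node, push, list_find, value_or and list_from_array are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>

typedef struct node {
    int value;
    struct node *next;   /* NULL marks the end of the list: the sentinel */
} node;

/* Prepends a value; returns the new head, or NULL if allocation failed
 * (NULL doubling as an error sentinel is the other classic use). */
node *push(node *head, int value)
{
    node *n = malloc(sizeof *n);
    if (n == NULL) return NULL;
    n->value = value;
    n->next = head;
    return n;
}

/* Walks until the sentinel; an empty list is just head == NULL. */
size_t list_length(const node *head)
{
    size_t len = 0;
    for (const node *cur = head; cur != NULL; cur = cur->next) len++;
    return len;
}

/* Returns the first node holding value, or NULL when there is none. */
node *list_find(node *head, int value)
{
    for (node *cur = head; cur != NULL; cur = cur->next)
        if (cur->value == value) return cur;
    return NULL;
}

void list_free(node *head)
{
    while (head != NULL) {
        node *next = head->next;
        free(head);
        head = next;
    }
}

/* Builds a list from arr[0..n) preserving order; returns the head (NULL for
 * n == 0, and also NULL if an allocation fails, after freeing what was built). */
node *list_from_array(const int *arr, size_t n)
{
    node *head = NULL;
    while (n-- > 0) {
        node *nh = push(head, arr[n]);
        if (nh == NULL) { list_free(head); return NULL; }
        head = nh;
    }
    return head;
}

/* The caller's side of the sentinel: a failed lookup must be checked before
 * use. Returns the found value, or fallback when list_find returned NULL. */
int value_or(node *head, int wanted, int fallback)
{
    node *hit = list_find(head, wanted);
    return hit != NULL ? hit->value : fallback;
}
```

Note that list_from_array returns NULL both for an empty input and for an allocation failure; when a caller needs to tell those apart, NULL is no longer a sufficient sentinel and an explicit status has to be returned alongside the pointer.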

Loop through **variable in C [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 8 years ago.
I have a pointer to pointers, and I want a loop to go through them and store their values into something else. Is there any way to do that?
e.g:
char **variable;
Now I want to read that into another variable:
char **variable2;
i thought of doing something like this:
for(i = 0; i < LENGTH_OF_VARIABLE-1; i++){
    variable2[i] = variable[i+1];
}
But that is not possible in c, right?
Now you might ask why not variable2 = variable? well variable2 should store only parts of the variable, not all of them.
EDIT: The variable's size is not known, and it's dynamic (read from the command line). AND no, it doesn't contain '\0' at the end, because it's processed to remove such a character and then passed to a function that I am implementing.
If you are already putting anything into your **variable, does that mean that you have allocated memory correctly?
I think it will be better for you to revise and understand how a simple one-dimensional array works; after understanding that, move to double arrays. Then take a look at how pointers work and learn how to allocate memory. After understanding the steps I have mentioned above, take a look at double pointers and allocation of memory in the case of double pointers.
here you go.
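The loop in the question is valid C once variable2 has storage and the element count is known; since the asker's array carries no terminating NULL, the count has to be passed explicitly. Here is an added example (not from the question or the answer) doing exactly that. copy_tail is the question's loop with a length parameter, copy_tail_alloc allocates variable2 first, and join_tail is a hypothetical consumer that concatenates the copied strings so the result can be checked. The strings themselves are shared, not duplicated, which is what variable2[i] = variable[i+1] does.

```c
#include <stdlib.h>
#include <string.h>

/* Shallow copy of variable[1..n): the loop from the question, made valid.
 * n is the element count, passed explicitly because the array has no
 * terminating NULL. Returns the number of pointers stored in variable2,
 * which must have room for n - 1 entries. */
size_t copy_tail(char **variable, size_t n, char **variable2)
{
    if (n == 0) return 0;
    for (size_t i = 0; i < n - 1; i++)
        variable2[i] = variable[i + 1];
    return n - 1;
}

/* Allocates variable2 with room for n - 1 pointers and fills it. The caller
 * frees the array with free(); the strings stay owned by variable. Returns
 * NULL (and *out_n == 0) when there is nothing to copy or malloc fails. */
char **copy_tail_alloc(char **variable, size_t n, size_t *out_n)
{
    *out_n = 0;
    if (n < 2) return NULL;
    char **variable2 = malloc((n - 1) * sizeof *variable2);
    if (variable2 == NULL) return NULL;
    *out_n = copy_tail(variable, n, variable2);
    return variable2;
}

/* Hypothetical consumer: joins the copied strings with '/' into out
 * (capacity cap). Returns the length written, or 0 if it would not fit. */
size_t join_tail(char **variable, size_t n, char *out, size_t cap)
{
    size_t m;
    char **tail = copy_tail_alloc(variable, n, &m);
    size_t len = 0;
    out[0] = '\0';
    for (size_t i = 0; i < m; i++) {
        size_t l = strlen(tail[i]);
        if (len + l + 2 > cap) { free(tail); out[0] = '\0'; return 0; }
        if (i > 0) out[len++] = '/';
        memcpy(out + len, tail[i], l + 1);   /* includes the terminator */
        len += l;
    }
    free(tail);   /* frees the pointer array only, never the strings */
    return len;
}
```

If variable2 has to outlive variable (for example when variable is freed after the call), each entry needs its own copy (strdup or malloc + memcpy) rather than the shared pointer.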

why we use function returning pointer in c and application of function returning pointer [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 9 years ago.
What is the main reason to use a function returning a pointer? Basically it returns the pointer value, but we can also return the value through a pointer.
So why do we need a function returning a pointer? Does it reduce the size of the code, or anything else?
Is there any application where we use a function returning a pointer?
Not sure what you are asking, but yes? You could copy a 2Gb variable, or an address to that variable that is orders of magnitude smaller. You tell me which is quicker/more efficient ;)
Here is a tutorial that explains their usage:
C pointers
Right off the bat it explains how it is easy to use numbers to lookup a safety deposit box so you can go access it.
Without the ability to return pointers there would be no point to even having pointers at all, i.e. when you allocate memory for data, a function returns the pointer to its location. So without that you would never know where the memory you allocated is.
So I guess the functionality of returning pointers is arguably to allow the presence of pointers themselves?
One example, you can return a pointer to a value. Anyone who has that pointer can then change the value.
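The answers give two reasons: a function that allocates memory can only hand back its location as a pointer, and a returned pointer lets the caller modify the pointed-to value. Here is an added example (not from any of the answers) showing both. find_max returns a pointer into the caller's own array, so whoever holds it can change that element; dup_upper returns freshly allocated memory, which is the only way the caller can learn where it lives. zero_max and the function names are hypothetical.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Returns a pointer into the caller's array (the element with the largest
 * value), or NULL for an empty array. Whoever holds the pointer can modify
 * that element in place. */
int *find_max(int *arr, size_t n)
{
    if (n == 0) return NULL;
    int *best = arr;
    for (size_t i = 1; i < n; i++)
        if (arr[i] > *best) best = &arr[i];
    return best;
}

/* Returns a freshly allocated upper-case copy of s, or NULL on allocation
 * failure. The returned pointer is the only handle the caller gets on the
 * new memory, so it is also what the caller must eventually free(). */
char *dup_upper(const char *s)
{
    size_t len = strlen(s);
    char *out = malloc(len + 1);
    if (out == NULL) return NULL;
    for (size_t i = 0; i <= len; i++)   /* <= copies the terminator too */
        out[i] = (char)toupper((unsigned char)s[i]);
    return out;
}

/* Uses the pointer returned by find_max to change the array: sets the
 * maximum to zero and reports what it was (0 for an empty array). */
int zero_max(int *arr, size_t n)
{
    int *m = find_max(arr, n);
    if (m == NULL) return 0;
    int was = *m;
    *m = 0;
    return was;
}
```

The thing a returned pointer must never refer to is a local variable of the function that returned it: that storage is gone once the function returns, which is why dup_upper allocates with malloc instead of returning the address of a local buffer.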

Is printf("%d",*(++(*a))); Undefined [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 9 years ago.
Is printf("%d",*(++(*a))); undefined? Here a is a pointer to a pointer to integer.
I do not have any more code other than this. It is an extension of This question, which had created lots of confusion. I just want to know what is happening in this print. Does it depend on architecture (32 vs 64) or compiler versions?
Hoping answers will be descriptive and clear.
If you break it down, it does this:
Take the value of what a is pointing at: *a
Increment by one ++(*a)
Dereference that *(++(*a))
So, if the value stored at a, plus one, is a valid pointer, this will work. Otherwise, the result is undefined and will most likely result in a runtime error.
Yes, your code is correct and, even if cryptic, can make some (little) sense, as in:
#include <stdio.h>
void print_next(int **a) {
    printf("%d\n",*(++(*a)));
}
int main(void) {
    int arr[] = {1,5,6,3,5,6};
    int *p = arr;
    while (p<arr+5)      /* arr+5: the last call steps p onto arr[5]; stopping at arr+6 would read past the array */
        print_next(&p);
    return 0;
}
If your question is specifically about *(++(*a)) expression, then there's nothing undefined here (assuming all pointers involved are valid). There are no attempts to perform multiple modifications of the same object. There are no independent reads of any of the modified objects. End of story.
Basically, there's nothing to explain here, since the code is perfectly fine in a rather straightforward manner. There's really no room for anything more "descriptive and clear" than that.
If this is not sufficiently clear, you have to explain what exactly looks suspicious to you in this expression.
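Both answers agree: *(++(*a)) is well defined as long as the incremented pointer still points at an element. The added example below (not code from the question or the answers) isolates the expression in next_value and pairs it with a checked wrapper that refuses to step past the one-past-the-end pointer, which is the only way the expression can become undefined. sum_rest walks an array through a cursor the same way the print_next loop above does. All three names are hypothetical.

```c
#include <stddef.h>

/* Advances the caller's cursor (*a) by one and returns the value it then
 * points to: exactly *(++(*a)) from the question. There is one modification
 * (of *a) and one read (of the new target), so no sequence-point issue; the
 * only requirement is that the new pointer lies inside the array. */
int next_value(int **a)
{
    return *(++(*a));
}

/* Checked wrapper: end is the one-past-the-last pointer. Returns 1 and stores
 * the value on success, 0 when the cursor is already on the last element
 * (stepping further would produce a pointer that may not be dereferenced). */
int next_value_checked(int **a, const int *end, int *out)
{
    if (*a + 1 >= end) return 0;
    *out = next_value(a);
    return 1;
}

/* Walks arr[1..n) via the cursor, summing the values visited and reporting
 * how many steps were taken; n == 0 or 1 yields no steps. */
int sum_rest(int *arr, size_t n, size_t *steps)
{
    int *p = arr;
    int v, total = 0;
    *steps = 0;
    while (next_value_checked(&p, arr + n, &v)) {
        total += v;
        (*steps)++;
    }
    return total;
}
```

Whether the result depends on 32- versus 64-bit targets, as the question asks: no. The pointer arithmetic is in units of int, so the expression visits the same elements on every architecture; only an out-of-bounds step behaves differently from platform to platform, because that step is undefined.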
