What's going on here: v5 = *(_Byte *)(this + 4)?
I am looking at a code dump from IDA pro. There is a function which as this layout:
garbled_name(int this...
unsigned int v5 ;
v5 = *(_Byte *)(this + 4);
...
What I am really cu开发者_运维知识库rious about is what exactly the '+ 4' is doing? Is this an addition or something else?
Thanks
The code takes the integer 'this', adds 4 to it, casts it to a pointer to a byte, and then sets 'v5' to the value of the byte at that address.
It's just a member function of a C++ class, this being pointer to the object. This signature of the object is probably:
class some_class {
int i; // int, void*, short, anything with sizeof() <= 4, and it's not char.
// It also can be absent if it's a virtual class (AFAIK it's compiler dependend)
unsigned char c; // or c[N]
...
};
The code in question is:
some_class::some_fn(...){
unsigned int v5 = c; // or c[0]
...
};
It is a reference to the fifth byte from the beginning of the object. Depending on what compiler generated that code, it is most likely the item in class order which is at the fifth byte in the object instance.
EDIT: Sigh, I missed the "IDA Pro" part. I'll just leave this here for entertainment value, in case someone is wondering what "this+4" does in normal C++ code.
"this+4" takes your current this pointer, moves forward four times its size. Then it casts that to a byte pointer and reads it.
Consider this:
struct A {
void foo();
int x;
int y;
};
sizeof(A), on a 32-bit system, is most likely 8 bytes.
A myArray[8];
A *pA = myArray;
Now pA points to &myArray[0].
pA++;
Now pA points to &myArray[1], i.e. it moved 8 bytes forward.
void A::foo() {
A *pA = this + 4;
}
If you call this on &myArray[0], it will point to &myArray[4], i.e. 32 bytes further down the road.
加载中,请稍侯......
精彩评论