我有一个名为
target
的变量,其值为 0x52d000000938
。它的值是通过 ctx + offset
计算出来的。伪代码是
int offset = calculate_offset();
type_t *ctx = get_ctx();
printf("[+] ctx + offset %p\n", ctx + offset);
如果 ctx 为
0x52d000000410
且偏移量为 1320
,则输出我得到 0x52d000000938
[+] ctx + offset 0x52d000000938
现在,如果我在地址
gdb
签入 0x52d000000938
,我会得到以下输出
gdb> x/g 0x52d000000938
0x52d000000938: 0x00007ffff702f820
gdb>
现在我的问题是:假设
0x00007ffff702f820
指向 second_type_t
类型的对象,如何让 second_type_t
类型的指针精确指向 0x00007ffff702f820
只读取 0x52d000000938
处的值
它是实现和硬件定义的,但在低级编程中很常见。
typedef struct
{
int x,y,z;
float a,b,c;
} second_type_t;
#define SECOND_TYPE_PTR(atr) ((second_type_t *)(*(uintptr_t *)(addr)))
int main(void)
{
second_type_t str = {.x = 1, .y = 2, .z = 3, .a = 5.0, .b = 6.0, .c = 7.0};
uintptr_t str_addr = (uintptr_t)&str;
uintptr_t addr = (uintptr_t)&str_addr;
printf("x = %d\n", SECOND_TYPE_PTR(addr) -> x);
printf("y = %d\n", SECOND_TYPE_PTR(addr) -> y);
printf("z = %d\n", SECOND_TYPE_PTR(addr) -> z);
printf("a = %f\n", SECOND_TYPE_PTR(addr) -> a);
printf("b = %f\n", SECOND_TYPE_PTR(addr) -> b);
printf("c = %f\n", SECOND_TYPE_PTR(addr) -> c);
}