C++

Forum

 
std::vector Question

sasho648 (22)
So I'm decompiling an function using global vector as some structure type. Here Is the source I get:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
struct SYS_SEARCH_PATH
{
	char m_Driver[261];
} ; //size of 261

extern std::vector<SYS_SEARCH_PATH> g_sysSearchPaths_All;
extern std::vector<SYS_SEARCH_PATH> g_sysSearchPaths_CDROM;

int __cdecl sysInitialize_Paths()
{
	SYS_SEARCH_PATH Struct;
	strncpy(Struct.m_Driver, ".\\", 260);
	
	for(unsigned long i(((unsigned long*)&g_sysSearchPaths_All)[1]); i!=*((unsigned long*)&g_sysSearchPaths_All); i+=sizeof(SYS_SEARCH_PATH));

	*((unsigned long*)&g_sysSearchPaths_All)=((unsigned long*)&g_sysSearchPaths_All)[1];
	
	for(unsigned long i(((unsigned long*)&g_sysSearchPaths_CDROM)[1]); i!=*((unsigned long*)&g_sysSearchPaths_CDROM); i+=sizeof(SYS_SEARCH_PATH));

	*((unsigned long*)&g_sysSearchPaths_CDROM)=((unsigned long*)&g_sysSearchPaths_CDROM)[1];
	
	g_sysSearchPaths_All.insert(((unsigned long*)&g_sysSearchPaths_CDROM)[1], 1, Struct);
	
	/*
	...
	*/
	return 0;
}


Can you tell me what is the equivalent of this source in std::vector functions.

NOTE: The g_sysSearchPaths_All is an hidden paramter in the function std::vector<SYS_SEARCH_PATH,std::allocator<SYS_SEARCH_PATH>>::insert(SYS_SEARCH_PATH *,uint,SYS_SEARCH_PATH const &) passed by the EAX register.
Last edited on
pogrady (677)
I can tell you that it looks like its searching for the CD ROM and inserting it into the global list of search paths. Because the vector class returns iterators, they need to be dereferenced.

This line i don't understand:
 
 
*((unsigned long*)&g_sysSearchPaths_All)=((unsigned long*)&g_sysSearchPaths_All)[1];


it seems to be just assigning the value to itself.
Cubbi (4774)
g_sysSearchPaths_All is a vector, which is typically a class holding three pointers: the begin pointer, the end pointer, and the end of capacity pointer.

&g_sysSearchPaths_All is the address of the class and therefore the address of its first member (one of the pointers)

(unsigned long*)&g_sysSearchPaths_All is that address reinterpret-cast to pointer to uintptr_t (which appears to be unsigned long on your platform).

((unsigned long*)&g_sysSearchPaths_All)[1] is the next element of the vector object, that is the second member pointer[/code]

Based on the loop structure (start with the second pointer, increment by the size of the element until the first pointer), it's easy to conclude that the first pointer is the end pointer, and the second pointer is the begin pointer.

So the line

*((unsigned long*)&g_sysSearchPaths_All)=((unsigned long*)&g_sysSearchPaths_All)[1];

is exactly g_sysSearchPaths_All.clear(); : it copies the end pointer into the begin pointer, making the vector empty: there are no destructors to be called for this vector's elements.
Last edited on
sasho648 (22)
Thanks you very much. That was what I wanted to know. But can you tell me the insert line code:

g_sysSearchPaths_All.insert(((unsigned long*)&g_sysSearchPaths_CDROM)[1], 1, Struct);

The first parameter need to be std::iterator. What is the equivalent here.
Topic archived. No new replies allowed.