 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
 Posted: Tue May 15, 2007 12:45 am Post subject: How pointers really work |
 |
|
With many people confused about pointers , this tutorial will give those who are confused general knowledge to know how pointers actually work .
Pointer- A pointer is simply a variable in C or C++ which has an asterisk before it .
Example:
A pointer is a point to a memory location . (simplest meaning)
No matter what , pointers are 4 bytes in size .
DOS
In DOS , when you deal with _far pointers , the first 2 bytes are the offset address .
Here is an example of a DOS function to return a pointer to the specified memory address:
| Code: | void _far *MakeFarPointer(unsigned short OFFSET, unsigned short SEGMENT)
{
union tagUNION
{
struct tagADDRESS
{
unsigned short OFFSET, SEGMENT;
} ADDRESS;
void _far *POINTER;
} UNION;
UNION.ADDRESS.OFFSET = OFFSET;
UNION.ADDRESS.SEGMENT = SEGMENT;
return POINTER;
} |
win32 on the other case , all 4 bytes together contain the address, since 32bit memory is linear with no offsets .
In Win32, with the 32bit memory, it is very simple to point to a location:
| Code: | | unsigned long *somepointer = (unsigned long *)0xA389B036; |
Now, you've got a pointer of type unsigned long. The best way to now treat this as a non-pointer, and place data in it, is to use the array brackets. Just do "somepointer[0] = number;", or otherwise anything you have it equal becomes its new address it points to .
A pointer is just a way to choose where a variable is stored.
Here is a code to look at:
| Code: | int variable = 10;
int *somepointer = &variable; |
This makes somepointer point to the address of variable. The & symbol means "address of". Now look at the following:
| Code: | | somepointer[0] = 25; |
This means variable will no longer be 10, but is now 25 .
I hope you get this , this may be a little outdated but i don't have much time to write full detailed versions .
|
|
| Back to top |
|
 |
Nigtronix
Cheater
![]() Reputation: 0
Joined: 18 May 2007
Posts: 45
|
| Posted: Fri May 18, 2007 10:34 pm Post subject: |
|
|
Nice tutorial, but:
"Pointers are 4 bytes no matter what"
No, Pointers are 4 bytes on 32bit x86 architectures
"Windows has no offset in linear memory"
Well, you have one segment that is automatically loaded, then yeah memory address is itself an offset. In protected mode you don't work with segments. The addresses go from real offsets to RVA offsets in paged virtual memory.
|
|
| Back to top |
|
|
TheSorc3r3r
I post too much
 Reputation: 0
Joined: 06 Sep 2006
Posts: 2404
|
| Posted: Sat May 19, 2007 6:00 am Post subject: |
|
|
Is the type of a pointer the type that it will point to? ex:
| Code: | double pi = 3.14;
double *ptrPi = π |
and a double isn't 4 bytes, which you said pointers are
and what's ptr[1]? the next place in memory?
_________________
Don't laugh, I'm still learning photoshop! |
|
| Back to top |
|
|
Nigtronix
Cheater
![]() Reputation: 0
Joined: 18 May 2007
Posts: 45
|
| Posted: Sat May 19, 2007 11:57 am Post subject: |
|
|
TheSorc3r3r, don't look at the pointer type. The pointer type in a pointer declaration is merely for the compiler to do the correct pointer arithmetic(I'll explain in a little bit).
| Code: | double someBigNumber = 2345678.32;
double *BnumPTR = &someBigNumber;
|
now it looks like our double pointer is using 8 bytes!, but you must remember that a pointer holds an address to what data the pointer is pointing to at the beginning!
On *all 32bit architectures, there are 2^32 memory locations or about (4294967296, roughly 4 billion/gigs). Each memory location in protected mode can fit in a single 32 bit register, EAX, EBX, EIP for example.
The first address(which normally isn't mapped in protected mode) is
0x00000000 which is a 32 bit address [each digit in hex is 4 bits(one nibble)]
So when you are working with pointers in protected 32 bit mode, the address of operator & "grabs" the 32bit address of the variable in a table of the compiler, which has variable names linked with real addresses.
For example: (NOT REAL)
If I declare a variable: char omg = 'P';
the compiler will make an entry for the variable omg in a global table which will actually be used to lookup a real address in memory and replace the variable name with that address: say for example the address is 0x45a32c32.
So using this example lets see what happens with these lines of code:
| Code: |
char omg = 'P';
char *chrPTR = &omg;
// chrPTR now contains the address of omg(0x45a32c32)
|
The value of a pointer specifcally stores the address of a variable, or a returned pointer from a function such as malloc().
Now, you were asking why you need to have the correct data type declared with a pointer? Well, the address that gets stored in the pointer, POINTS TO THE BEGINNING of the data in memory. So from the last example, we have a character(usually 8 bits or 1 byte) stored in memory, and we loaded the address of this variable into a pointer OF TYPE CHAR. So our compiler knows that the pointer now pointers to the beginning of 8 bits or one byte in memory.
The value of the pointer itself is the address which is always 4 bytes on a 32 bit machine.
SO what's the big deal about this? Well, lets see how arrays work:
Lets declare an array of characters 20 chars long.
Before I get into this, make sure you know what the dereference operator means:
Using the last example:
| Code: |
char omg = 'P';
char *chrPTR = &omg;
// chrPTR now contains the address of omg(0x45a32c32)
|
OK, so we have the address of omg in chrPTR. If we try to access chrPTR we will just be changing the value of the pointer itself which is the address stored. So, how do we work with the data the address is pointing to?
Meet the C dereference operator: *
Yes, it is an asterisk and it works similar to the usual assembler notation of MOV [EAX], EBX
As the brackets that is...
What the * dereference operator does is look up a pointer value(address) and operate on the data at the ADDRESS stored in the pointer, not the pointer value itself.
so to change omg to store 'T' through our pointer chrPTR we do this:
Ok back to arrays with the code:
What this does is declare 20 chars in memory ususally linear in memory.
What you must understand is that this is a pointer declaration in a cloak!
omgz is actually a CONSTANT pointer to the first element of this array.
and the array INDEX notation of [x] is actually *(omgz + x).
*Please don't confuse the INDEX notation in C as the [] notation in Assembler
Now this is starting to get tricky to explain, but if you don't understand read a good C book like K&R
What this is, is C pointer arithmetic!
This is why it is IMPORTANT to tell the compiler what type the pointer will be pointing to. Since the array name is itself a CONSTANT pointer to the first element of the array, how do we access the other elements if it is infact constant?
ALSO NOTE: We are not changing the constant pointer with *(pointer + blah)
The constant pointer, pointer is not being modified, the resultant of the address of the pointer adding with the constant is what is being deferenced. The constant pointer remains UNCHANGED else where! Since we are not actually using the assignment operator anywhere(=).
Before I go on let's fill our array up a bit with some values:
| Code: |
omgz[0] = 'P';
omgz[1] = 'W';
omgz[2] = 'N';
omgz[3] = '\0';
|
Now remember that we indeed declared our array with type char, and that an array starts counting at 0?
omgz actually points to omgz[0] or the first element which is actually
*(omgz + 0)
Since the compiler knows we are pointing to type char, the first pointer points to the beginning of 8 bits which has 'P' stored.
now what about omgz[1]
it is actually *(omgz + 1)
Wait, WTF it looks like it is adding 1 to the address of omgz and dereferencing it?!?!?!.
No, this is the true magic of C pointer arithmetic
When you told the compiler you declared a type char, or a pointer of type char, anytime it sees something like *(pointer_value + constant) it replaces constant with:
constant mulitplied by DATA TYPE value in bytes.
Which this is a bad example because it actually is adding one byte to the address of the pointer which would make it pointer to the next data element in memory.
Let's look at double test[2];
the name of the array actually does this behind the scenes:
test = &test[0];
so what happens with test[1]:
| Code: | | it is actually *(test + 1) |
Ah, now this is a better example of pointer arithmetic...
You are adding 1 byte again to test(the address) again right?
No! C knows that the array was declared as type double so when it see's
(pointer + coustant) it replaces constant with:
constant mulitiplied by data size in bytes which would be:
now if we dereference this with it indeed points to the second element of the array and refers to the data of test[1].
just like test[2] would be:
| Code: | | *(test + 16) which is resulted from *(test + 2) |
In closing, why is the () required? This has to do with C precedence rules, we need to make sure we are dereferencing a modified address. I might make a crude drawing later to clearify some things, but you use pointer arithmetic to transverse data in memory, arrays are an excellent example of this.
PS. If I had any errors in spelling or semantics it's probably the 7 heinekens I had ;>
Last edited by Nigtronix on Sat May 19, 2007 5:34 pm; edited 3 times in total |
|
| Back to top |
|
|
TheSorc3r3r
I post too much
Reputation: 0
Joined: 06 Sep 2006
Posts: 2404
|
| Posted: Sat May 19, 2007 4:29 pm Post subject: |
|
|
Wow, thanks! That explained pointers a lot better than C++ for dummies. 
_________________
Don't laugh, I'm still learning photoshop! |
|
| Back to top |
|
|
Nigtronix
Cheater
![]() Reputation: 0
Joined: 18 May 2007
Posts: 45
|
| Posted: Wed May 23, 2007 10:12 am Post subject: |
|
|
Thanks  Hoped you learned something
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
