Ghidra C disassembly shows never seen code statement? Keyword "code" with pointer operator

Time:12-01

Playing with Ghidra and there is this statement on the disassembly display that I don't understand.

(**(code **)

For example in this context:

int *piVar1;
int iVar2;

uVar3 = (**(code **)(*piVar1 + 8))(iVar2);

The internet did not have any good results due to that pointer operator that the search machine doesn't accept.

CodePudding user response:

code is not a C keyword or reserved identifier. From context, it looks like Ghidra is using it as a generic representation of a function, such that code ** means pointer to pointer to function. Ghidra might do this because without knowing the function's return type, it cannot form a correct function-pointer type name for it. Or perhaps it just thinks the form it is using is clearer.

In any case, in C, this expression ...

(**(code **)(*piVar1 + 8))(iVar2)

... is a function call, with (**(code **)(*piVar1 + 8)) as function designator and with iVar2 as argument. Presumably, the double dereference is present in the binary code, and Ghidra invents the (code **) cast to make it sensible. It follows that *piVar1 + 8 is (used as) a pointer to a pointer to a function, so overall that looks like a function being called via a dispatch table.

A call to a C++ member function via an object's vtable might look much like that, but the same general form might be used in certain C code, too.
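
The dispatch-table reading described in the answer above, as an added C example that is not part of the original post. The handler names, the `struct object` layout and the `int(int)` prototype given to `code` are assumptions made for illustration; a byte offset of 8 corresponds to slot 2 only if the target uses 4-byte pointers, which is also an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for Ghidra's placeholder type; the int(int) prototype is assumed. */
typedef int code(int);

/* Hypothetical handlers, constructed for this example. */
static int op_open(int x)  { return x + 1; }
static int op_close(int x) { return x + 2; }
static int op_read(int x)  { return x * 10; }

/* Dispatch table: an array of function pointers (a vtable in C++ terms). */
static code *const dispatch_table[] = { op_open, op_close, op_read };

/* Object whose first word points at its dispatch table. */
struct object { code *const *vtable; };
static const struct object sample_obj = { dispatch_table };

/* The call as typed source code would express it. */
int call_typed(const struct object *obj, size_t slot, int arg)
{
    return obj->vtable[slot](arg);
}

/* The same call as the decompiler sees it: untyped memory and byte offsets. */
int call_untyped(const void *obj, size_t byte_off, int arg)
{
    uintptr_t table;                       /* first word of the object   */
    memcpy(&table, obj, sizeof table);     /* corresponds to *piVar1     */
    uintptr_t entry = table + byte_off;    /* corresponds to *piVar1 + 8 */
    return (**(code **)entry)(arg);        /* load the pointer, call it  */
}

int main(void)
{
    /* Slot 2 sits 2 * sizeof(code *) bytes into the table (8 with 4-byte pointers). */
    size_t off = 2 * sizeof(code *);
    printf("typed:   %d\n", call_typed(&sample_obj, 2, 7));
    printf("untyped: %d\n", call_untyped(&sample_obj, off, 7));
    return 0;
}
```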
