How to read this C function

Time: 07-13

Maybe someone here could help me to understand more about C

While reading about Unreal Engine 4, I came across this function which is used as the following

class ClassSample1
{
public:
    Babu* pBabu; //0x022C
};

void SetFunction(Babu* param1, bool param2)
{
    // read the first pointer-sized field of *param1 (the vtable pointer), add 0x38,
    // load the function pointer stored there and call it with (param1, param2)
    (*(int(__fastcall**)(Babu*, bool))(*(DWORD64*)param1 + 0x38))(param1, param2);
}

What I want to know.

  1. What will this function produce?
  2. What datatype will this function produce?

Thank you.

CodePudding user response:

What I want to know.

  1. What will this function produce?

That's the fun part, from what you've shown, nobody knows!

  2. What datatype will this function produce?

I guess the answer is "nothing", SetFunction() returns void, but this appears to be calling some kind of class parameter setter so it will probably have side effects.

Let's break this down a bit:

(int(__fastcall**)(Babu*, bool))

This declares a pointer to a pointer to a function, where the function returns int and has two parameters, one of type pointer to Babu, and one of type bool. This function should also use the __fastcall calling convention.

*(DWORD64*)param1 + 0x38

This is a compound statement which casts param1 to a pointer to DWORD64 and then reads the DWORD64 value at that address and adds 0x38 to it. Note that in the MSVC ABI, the vtable pointer is the first element of a class, so if param1 is a pointer to an instance of Babu this statement is reading the vtable pointer of Babu, and adding 0x38 to it.

Putting these together:

*(int(__fastcall**)(Babu*, bool))(*(DWORD64*)param1 + 0x38)

This says: take whatever is stored at memory address param1 (which is probably the vtable pointer), add 0x38 to it, cast this to a pointer to a pointer to a function, read this resulting address to produce a pointer to a function of the type described above. As @HolyBlackCat mentioned in the comments, this is most likely a virtual method lookup on the class Babu.

The last little bit: (param1, param2), is just the actual call to the function with param1 and param2 as arguments. Note that in any class method call, there is an implicit this pointer which gets passed as the first argument.

From all of this it's fair to deduce that class Babu has some set of virtual methods, and there's one at offset 0x38 which takes bool as its one non-implicit parameter. What happens after this is anybody's guess. At the risk of being dismissive I would consider it somewhat miraculous if it returns with your machine intact at all.
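Added example, not code from the question or the answer: the lookup the answer walks through, reproduced against a constructed `Babu` with eight virtual methods so that the manual read at vtable offset 0x38 can be compared with an ordinary virtual call. It assumes a 64-bit build; on both the MSVC ABI and the Itanium ABI used by GCC/Clang the vptr is the first field of the object and points at the first virtual slot, and Windows' `DWORD64` is replaced by `std::uintptr_t`.

```cpp
#include <cstdint>
#include <cstring>

// Stand-in for the opaque Babu from the question (constructed here, not
// Unreal's class): eight virtual methods, so slot 7 sits at byte offset
// 7 * sizeof(void*) == 0x38 on a 64-bit build.
struct Babu {
    virtual int Slot0(bool) { return 0; }
    virtual int Slot1(bool) { return 1; }
    virtual int Slot2(bool) { return 2; }
    virtual int Slot3(bool) { return 3; }
    virtual int Slot4(bool) { return 4; }
    virtual int Slot5(bool) { return 5; }
    virtual int Slot6(bool) { return 6; }
    virtual int SetFlag(bool v) { flag = v; return 7; }  // vtable offset 0x38
    bool flag = false;
};

#ifdef _MSC_VER
#define FASTCALL __fastcall
#else
#define FASTCALL   // __fastcall is MSVC-only and is ignored on x64 anyway
#endif

// int(__fastcall*)(Babu*, bool): the function type the question casts to.
typedef int (FASTCALL *SetterFn)(Babu*, bool);

// The question's one-liner written out step by step. The two raw reads use
// memcpy, which is the strict-aliasing-safe spelling of *(DWORD64*)param1
// and of dereferencing the cast function-pointer-pointer.
int SetFunction(Babu* param1, bool param2)
{
    std::uintptr_t vtable;
    std::memcpy(&vtable, param1, sizeof vtable);                // vptr is the first field
    SetterFn fn;
    std::memcpy(&fn, (const void*)(vtable + 0x38), sizeof fn);  // 8th vtable entry
    return fn(param1, param2);                                  // this = param1
}

// Plain virtual call for comparison; the two paths must agree.
int SetFunctionDirect(Babu* p, bool v) { return p->SetFlag(v); }

bool ManualLookupMatchesVirtualCall()
{
    Babu a, b;
    return SetFunction(&a, true) == SetFunctionDirect(&b, true) && a.flag && b.flag;
}
```

Changing the offset to one that is not a populated slot of this class turns the call into a jump through whatever bytes happen to follow the table, which is the failure mode the answer's last sentence alludes to.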
