Possibility to create an object and pass its member variable inside a function call (as a parameter to this function)


I searched quite a bit, but I was not sure what terms I need to actually search for, so please forgive me if this title might be confusing.

I'm trying to read a remote process' memory and store it in my local objects.

I'll show you the working version first, so you should get an idea of what I mean:

class myObject_2
{
public:
    float value;
};
class myObject_1
{
public:
    class myObject_2* obj_2;
};

myObject_1 obj_1;
uint64_t obj_1_Addr = ReadProcessMemory_to_get_address_of_object_in_target_process;
ReadProcessMemory(hProcess, (uint64_t*)obj_1_Addr, &obj_1, sizeof(myObject_1), &bytesRead);
uint64_t float_Addr = (uint64_t)obj_1.obj_2; // save obj_2's address which equals the 'value' address (no offset)
obj_1.obj_2 = new myObject_2(); // allocate memory for obj_2 object
ReadProcessMemory(hProcess, (uint64_t*)float_Addr, &obj_1.obj_2->value, sizeof(float), &bytesRead); // read from the previously stored address and save it to the 'value' member inside the newly allocated obj_2

obj_1.obj_2->value; // contains correct value now
delete obj_1.obj_2;

My actual question is whether it's possible to do something like this instead of the 3rd ReadProcessMemory call and without saving the address to a temporary variable first:

ReadProcessMemory(hProcess, (uint64_t*)obj_1.obj_2, &(obj_1.obj_2 = new myObject_2())->value, sizeof(float), &bytesRead);

obj_1.obj_2->value; // contains correct value now
delete obj_1.obj_2;

This is done in Visual Studio 2017 without explicitly setting the C++ Language Standard compiler flag (not sure what it defaults to).

There is 1 answer

GuidedHacking On

I can't think of a reason to do this. Your reason for using a pointer is not apparent and seems unjustified.

Instead of 1 variable you have created 2 classes, a pointer and a variable.

I would consider simplicity and readability to be two important characteristics of good code.

If you're trying to replicate the memory layout of the external process in your internal process, this is unnecessary. The purpose of your code is to get either the address of the variable or its value, which can be easily done with 2-3 calls to ReadProcessMemory.

Here is my preferred method of dealing with multilevel pointers:

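#include <windows.h>
#include <cstdint>
#include <vector>

// Walks a multilevel pointer chain: read the pointer stored at addr, then add the next offset.
uintptr_t FindDMAAddy(HANDLE hProc, uintptr_t ptr, std::vector<unsigned int> offsets)
{
    uintptr_t addr = ptr;
    for (unsigned int i = 0; i < offsets.size(); ++i)
    {
        // Stop on a failed read so a stale addr is never carried into the next step.
        if (!ReadProcessMemory(hProc, (BYTE*)addr, &addr, sizeof(addr), nullptr))
            return 0;
        addr += offsets[i];
    }
    return addr;
}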

//example
uintptr_t addr = FindDMAAddy(hProcess, PtrBaseAddr, { 0x374, 0x14, 0x0 });
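
The two-step read from the question and the pointer walk from the answer, as an added example that is not code from either post. C++ does not fix the order in which a call's arguments are evaluated, so the address is resolved in its own statement before the value is read, and every read result is checked. `FakeProcess`, `read_remote`, `resolve_chain`, `read_float` and `make_sample` are hypothetical names; the target process is simulated with a constructed map so the code runs without the Windows API.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <map>
#include <vector>

// Constructed stand-in for the target process: address -> 8 raw bytes.
// Assumption: real code would wrap ReadProcessMemory here and check its BOOL result.
using FakeProcess = std::map<std::uint64_t, std::uint64_t>;
bool read_remote(const FakeProcess& proc, std::uint64_t addr, void* dst, std::size_t len)
{
    auto it = proc.find(addr);
    if (it == proc.end() || len > sizeof(it->second)) return false; // unmapped address
    std::memcpy(dst, &it->second, len);
    return true;
}
// Same walk as FindDMAAddy; a failed read ends the walk instead of reusing a stale address.
bool resolve_chain(const FakeProcess& proc, std::uint64_t base,
                   const std::vector<std::uint32_t>& offsets, std::uint64_t& out)
{
    std::uint64_t addr = base;
    for (std::uint32_t off : offsets) {
        std::uint64_t next = 0;
        if (!read_remote(proc, addr, &next, sizeof(next))) return false;
        addr = next + off;
    }
    out = addr;
    return true;
}
// Remote addresses stay plain integers, so no local pointer ever holds a value
// that is only meaningful inside the other process.
bool read_float(const FakeProcess& proc, std::uint64_t base,
                const std::vector<std::uint32_t>& offsets, float& out)
{
    std::uint64_t addr = 0;
    return resolve_chain(proc, base, offsets, addr)      // step 1: the address
        && read_remote(proc, addr, &out, sizeof(out));   // step 2: the value (&& is sequenced)
}
FakeProcess make_sample() // constructed layout: obj_1 at 0x1000 points to obj_2 at 0x2000
{
    float f = 1.5f;
    std::uint64_t cell = 0;
    std::memcpy(&cell, &f, sizeof(f));
    FakeProcess p;
    p[0x1000] = 0x2000;
    p[0x2000] = cell;
    return p;
}
int main()
{
    float v = 0.0f;
    std::printf("%s %.1f\n", read_float(make_sample(), 0x1000, {0x0}, v) ? "ok" : "fail", v);
}
```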