I've been messing around with a program in Ghidra, and I came across these four lines of code. I found something about CONCAT11 meaning a concatenation between two one-byte operands, but I don't understand what part of the input user_input._2_1_ and (undefined)user_input represent.
The code in C:
read(0,&user_input,5);
uVar1 = user_input;
uVar2 = user_input._1_1_;
local_16._0_2_ = CONCAT11(user_input._2_1_,(undefined)user_input);
CONCAT11(x, y)Performs
( ((uint16_t)x) << 8 ) | (uint8_t)yon bytesxandy.user_input._2_1_user_inputis a variable. That fact that you can use the.operator on it makes it a some kind of structure._2_1_would be one of its fields. Obviously, it's a generated name. I presume the two numbers are an offset and a size. So it would be a one byte field found at the third byte of the structure.(undefined)user_inputI don't think this is valid code.
We know that
CONCAT11will be provided a byte. So(undefined)user_inputmust refer to an operation that reads a byte. This byte must surely be the first byte ofuser_input. So that would make it a reference touser_input._0_1_.Well, it could be the first byte of a multi-byte field (
*(char*)&user_input._0_?_), but that seems unlikely.I think
(undefined)is used because of the lack of information needed to resolve this ambiguity.This is all guesswork.