What is the logic behind this line of co

Forum

Forum
General C++ Programming
What is the logic behind this line of co

What is the logic behind this line of code...

// Codecave function
VOID Codecave(DWORD destAddress, VOID (*func)(VOID), BYTE nopCount)
{
	// Calculate the code cave for chat interception
	DWORD offset = (PtrToUlong(func) - destAddress) - 5;

	// Buffer of NOPs, static since we limit to 'UCHAR_MAX' NOPs
	BYTE nopPatch[0xFF] = {0};

	// Construct the patch to the function call
	BYTE patch[5] = {0xE8, 0x00, 0x00, 0x00, 0x00}; // E8 = 'CALL' opcode
	memcpy(patch + 1, &offset, sizeof(DWORD));
	WriteBytesASM(destAddress, patch, 5);

	// We are done if we do not have NOPs
	if(nopCount == 0)
		return;

	// Fill it with nops
	memset(nopPatch, 0x90, nopCount);

	// Make the patch now
	WriteBytesASM(destAddress + 5, nopPatch, nopCount);
}

Ok, so basically, you pass this function a address in memory (destAddress), and a function to write to memory at the destAddress.

I don't understand teh logic of the Bolded line. It seems like it's supposed to get the address of the function you pass, so it can write it to memory. By the way, it's correct, because it works.

Can someone maybe try to explain why bolded operation gives the offset of the function passed? Thanks.

Last edited on

Topic archived. No new replies allowed.

C++

Forum

What is the logic behind this line of code...