Accéder au contenu principal

Reversing C++ String And QString

Par
After the rust string overview of its internal substructures, let's see if c++ QString storage is more light, but first we'r going to take a look to the c++ standard string object:



At first sight we can see the allocation and deallocation created by the clang++ compiler, and the DAT_00400d34 is the string.

If we use same algorithm than the rust code but in c++:



We have a different decompilation layout. Note that the Ghidra scans very fast the c++ binaries, and with rust binaries gets crazy for a while.
Locating main is also very simple in a c++ compiled binary, indeed is more  low-level than rust.


The byte array is initialized with a simply move instruction:
        00400c4b 48 b8 68        MOV        RAX,0x6f77206f6c6c6568

And basic_string generates the string, in the case of rust this was carazy endless set of calls, detected by ghidra as a runtime, but nevertheless the basic_string is an external imported function not included on the binary.

(gdb) x/x 0x7fffffffe1d0
0x7fffffffe1d0: 0xffffe1e0            low str ptr
0x7fffffffe1d4: 0x00007fff           hight str ptr
0x7fffffffe1d8: 0x0000000b        sz
0x7fffffffe1dc: 0x00000000
0x7fffffffe1e0: 0x6c6c6568         "hello world"
0x7fffffffe1e4: 0x6f77206f
0x7fffffffe1e8: 0x00646c72
0x7fffffffe1ec: 0x00000000        null terminated
(gdb) x/s 0x7fffffffe1e0
0x7fffffffe1e0: "hello world"

The string is on the stack, and it's very curious to see what happens if there are two followed strings like these:

  auto s = string(cstr);
  string s2 = "test";

Clang puts toguether both stack strings:
[ptr1][sz1][string1][null][string2][null][ptr2][sz2]

C++ QString datatype

Let's see the great and featured QString object defined on qstring.cpp and qstring.h

Some QString methods use the QCharRef class whose definition is below:

class Q_EXPORT QCharRef {
    friend class QString;
    QString& s;
    uint p;
Searching for the properties on the QString class I've realized that one improvement that  rust and golang does is the separation from properties and methods, so in the large QString class the methods are  hidden among the hundreds of methods, but basically the storage is a QStringData *;

After removing the methods of QStringData class definition we have this:

struct Q_EXPORT QStringData : public QShared {
    QChar *unicode;
    char *ascii;
#ifdef Q_OS_MAC9
    uint len;
#else
    uint len : 30;














































Commentaires











Enregistrer un commentaire




















Posts les plus consultés de ce blog





















The Muse Brooklyn












Par
























http://abcirque.com http://www.amny.com/things-to-do/circus-class-at-the-muse-brooklyn-teaches-acrobatic-skills-1.13781898 https://www.instagram.com/p/Bx-D67pAxGz/ https://www.instagram.com/p/Bx7e3GFgpp2/ https://www.instagram.com/p/Bx5xpoPn_hm/ https://www.instagram.com/p/Bx40FSvj2Tf/ https://www.instagram.com/p/Bx0p224DkxE/ https://www.instagram.com/p/BxzxjhqFO1S/ https://www.instagram.com/p/BxyJmIaAeSd/ https://www.instagram.com/p/BxxweSaF6q4/ https://www.instagram.com/p/BxxSsdcAjFg/ https://www.instagram.com/p/Bxvr0SSgpPs/ https://new.mta.info/L-Project http://themusegowanus.com http://instagram.com/themusebrooklyn https://www.facebook.com/TheMuseBrooklyn/ https://twitter.com/TheMuseBrooklyn https://www.youtube.com/channel/UCkzh62AIfOI7XU3I0P6rWIQ




















Enregistrer un commentaire









Lire la suite




























Fw:












Par
























  Consider this message as your last warning.   We hacked your system!   We have copied all the data from your device to our own servers.   Curious videos were recorded from your camera and your actions while watching porn.   Your device was infected with our virus when you visited the porn site.   The Trojan virus gives us full access, allows us to control your device.   The virus allows not only to see your screen, but also to turn on your camera, microphone, without your knowledge.   We took over the video from your screen and camera, then we mounted a video in which you can see you watching porn in one part of the screen and masturbating in the other.   But that’s not all! We have access to all the contacts in your phone book and social networks.   It won’t take us long to send this video to your friends, family and friends on social networks, messengers and email in minutes.   We have a lot of audio recordings of your personal conversations, where a lot of “intere...




















Enregistrer un commentaire









Lire la suite






























HTML5 Games On Android












Par
























On my last hollidays, I made two HTML5 games, and published on android market.  Nowadays javascript has powerful libraries for doing almost everything, and also there are several compilers from java or c code to javascript, converting opengl c code to html5 canvas, but definitely, javascript execution is slower than dalvik applications, and of course much slower than arm c libs.  For improving the speed of sounds and images loader, I have used javascript asynchronous execution and scheduling priority has been controlled with setTimeout/setInterval which deprioritize or priorize a code block.   This games are published on the android market here: Android Planets  and here: Far Planet       Related news  Hacker Hardware Tools  Pentest Tools Port Scanner  Hacker Tools For Mac  Tools Used For Hacking  Hacker Techniques Tools And Incident Handling  Easy Hack Tools  Hacking Tools Kit  Hacking Tools Usb  Hacker Hardware Tools  Hacker Tools Hardware  Hack Tools For Windows  Hacking Tools For G...




















Enregistrer un commentaire









Lire la suite