This is the AMP version of this page.
If you want to load the real page instead, click this text.

Solved Hook to the Nullable structure

derzost2

Platinian
Original poster
Apr 15, 2022
17
3
3
31
RU
Good evening,
There is such a structure in the dump

Code: 
public struct Nullable<T> // TypeDefIndex: 386
{
    // Fields
    internal T value; // 0x0
    internal bool has_value; // 0x0

    // Properties
    public bool HasValue { get; }
    public T Value { get; }
...
I'm trying to reproduce it this way

Code: 
template<typename T>
struct Nullable {
    T value;
    bool has_value;
};

template<typename T>
struct Nullable2 {
    T *value;
    bool *has_value;
};
Further in the dump there is such a value

Code: 
[CompilerGeneratedAttribute] // RVA: 0x685BB8 Offset: 0x685BB8 VA: 0x685BB8
private Nullable<long> <SessionCount>k__BackingField; // 0xB0

'm trying to get the value in different ways

Code: 
long long SessionCount=*(long long*) ((uint64_t) instance + 0xB0);
Nullable<long long> SessionCount1=*(Nullable<long long>*) ((uint64_t) instance + 0xB0);
Nullable<long long> *SessionCount2=*(Nullable<long long>**) ((uint64_t) instance + 0xB0);
Nullable<long long*> SessionCount3=*(Nullable<long long*>*) ((uint64_t) instance + 0xB0);
Nullable<long long*> *SessionCount4=*(Nullable<long long*>**) ((uint64_t) instance + 0xB0);
Nullable2<long long> SessionCount11=*(Nullable2<long long>*) ((uint64_t) instance + 0xB0);
Nullable2<long long> *SessionCount22=*(Nullable2<long long>**) ((uint64_t) instance + 0xB0);
Nullable2<long long*> SessionCount33=*(Nullable2<long long*>*) ((uint64_t) instance + 0xB0);
Nullable2<long long*> *SessionCount44=*(Nullable2<long long*>**) ((uint64_t) instance + 0xB0);
The result is

Code: 
SessionCount=-9217461059952564479
SessionCount1=-9217461059952564479
SessionCount2=-9223372036845202947
SessionCount3=0x8e882701
SessionCount4=0x9211fd
SessionCount11=0x8e882701
SessionCount22=0x9211fd
SessionCount33=0x8e882701
SessionCount44=0x9211fd
I know that for standard types such options are used

Code: 
int SessionCount=*(int*) ((uint64_t) instance + 0xB0);
bool SessionCount=*(bool*) ((uint64_t) instance + 0xB0);
long long SessionCount=*(long long*) ((uint64_t) instance + 0xB0);
void *SessionCount=*(void**) ((uint64_t) instance + 0xB0);
Help with Nullable, it seems to me that I have extra * somewhere
 
Reactions: 远坂凛null

derzost2

Platinian
Original poster
Apr 15, 2022
17
3
3
31
RU
I found a solution, the problem was that I was looking at the old structure,
in the new variables are arranged differently

Code: 
public struct Nullable`1
{
    // Fields
    private readonly Boolean hasValue; // 0x0
    internal T value; // 0x0

    // Properties
    public Boolean HasValue { get; }
    public T Value { get; }

...
That's why I repeated it this way

Code: 
template <typename T>
struct Nullable {
    bool hasValue;
    T value;

    // Default constructor
    Nullable() : hasValue(false), value(T()) {}

    // Constructor with value
    Nullable(T val) : hasValue(true), value(val) {}
};
Getting, creating and changing also works fine

Code: 
Nullable<long long> SessionCountN=*(Nullable<long long>*) ((uint64_t) instance + 0xB0);

Nullable<long long> SessionCountN2 = 1501;
*(Nullable<long long>*) ((uint64_t) instance + 0xB0)=SessionCountN2;

Nullable<long long> SessionCountN3=*(Nullable<long long>*) ((uint64_t) instance + 0xB0);
 
You must log in or register to reply here.
Menu
Log in
Register