Solved Hook to the Nullable structure

derzost2

derzost2

Platinian
Original poster
Apr 15, 2022
17
3
3
31
RU
Good evening,
There is such a structure in the dump

Code: 
public struct Nullable<T> // TypeDefIndex: 386
{
    // Fields
    internal T value; // 0x0
    internal bool has_value; // 0x0

    // Properties
    public bool HasValue { get; }
    public T Value { get; }
...
I'm trying to reproduce it this way

Code: 
template<typename T>
struct Nullable {
    T value;
    bool has_value;
};

template<typename T>
struct Nullable2 {
    T *value;
    bool *has_value;
};
Further in the dump there is such a value

Code: 
[CompilerGeneratedAttribute] // RVA: 0x685BB8 Offset: 0x685BB8 VA: 0x685BB8
private Nullable<long> <SessionCount>k__BackingField; // 0xB0

'm trying to get the value in different ways

Code: 
long long SessionCount=*(long long*) ((uint64_t) instance + 0xB0);
Nullable<long long> SessionCount1=*(Nullable<long long>*) ((uint64_t) instance + 0xB0);
Nullable<long long> *SessionCount2=*(Nullable<long long>**) ((uint64_t) instance + 0xB0);
Nullable<long long*> SessionCount3=*(Nullable<long long*>*) ((uint64_t) instance + 0xB0);
Nullable<long long*> *SessionCount4=*(Nullable<long long*>**) ((uint64_t) instance + 0xB0);
Nullable2<long long> SessionCount11=*(Nullable2<long long>*) ((uint64_t) instance + 0xB0);
Nullable2<long long> *SessionCount22=*(Nullable2<long long>**) ((uint64_t) instance + 0xB0);
Nullable2<long long*> SessionCount33=*(Nullable2<long long*>*) ((uint64_t) instance + 0xB0);
Nullable2<long long*> *SessionCount44=*(Nullable2<long long*>**) ((uint64_t) instance + 0xB0);
The result is

Code: 
SessionCount=-9217461059952564479
SessionCount1=-9217461059952564479
SessionCount2=-9223372036845202947
SessionCount3=0x8e882701
SessionCount4=0x9211fd
SessionCount11=0x8e882701
SessionCount22=0x9211fd
SessionCount33=0x8e882701
SessionCount44=0x9211fd
I know that for standard types such options are used

Code: 
int SessionCount=*(int*) ((uint64_t) instance + 0xB0);
bool SessionCount=*(bool*) ((uint64_t) instance + 0xB0);
long long SessionCount=*(long long*) ((uint64_t) instance + 0xB0);
void *SessionCount=*(void**) ((uint64_t) instance + 0xB0);
Help with Nullable, it seems to me that I have extra * somewhere
 
  • Like
Reactions: 远坂凛null
derzost2

derzost2

Platinian
Original poster
Apr 15, 2022
17
3
3
31
RU
I found a solution, the problem was that I was looking at the old structure,
in the new variables are arranged differently

Code: 
public struct Nullable`1
{
    // Fields
    private readonly Boolean hasValue; // 0x0
    internal T value; // 0x0

    // Properties
    public Boolean HasValue { get; }
    public T Value { get; }

...
That's why I repeated it this way

Code: 
template <typename T>
struct Nullable {
    bool hasValue;
    T value;

    // Default constructor
    Nullable() : hasValue(false), value(T()) {}

    // Constructor with value
    Nullable(T val) : hasValue(true), value(val) {}
};
Getting, creating and changing also works fine

Code: 
Nullable<long long> SessionCountN=*(Nullable<long long>*) ((uint64_t) instance + 0xB0);

Nullable<long long> SessionCountN2 = 1501;
*(Nullable<long long>*) ((uint64_t) instance + 0xB0)=SessionCountN2;

Nullable<long long> SessionCountN3=*(Nullable<long long>*) ((uint64_t) instance + 0xB0);
 
You must log in or register to reply here.
Top Bottom