C++: pointer to byte array

[deepzero]

Hi,

For some reason i cant get a pointer to the first element of a byte array, which is driving me mad.

COnsider this:

BYTE  searchpattern[] = {0x6d, 0x70, 0x6f, 0x72, 0x74};
cout << "deref: " << &searchpattern[0];

Isnt this supposed to dereference the first element of the array?

Instead it prints the whole array.

or
/>http://msdn.microsoft.com/en-us/library/hbswzcs5%28VS.80%29.aspx

BYTE* pbArr = &searchpattern[0];
cout << "asdf: " << pbArr;

same thing...

or

BYTE* pbArr = &searchpattern[0];
cout << &pbArr;

This prints a pointer to 1 dword before the actual array...

any help would be appreciated, chances are good i`m missing something obvious...

Edited August 15, 2010 by deepzero

[metr0]

Assuming A is some sort of array (note that in most contexts, type* blah and type blah[] act the same concerning usual array indirections), we got the following similarities:

// address of first element:
&a[0]// address of array variable itself:
a
&a// first element itself (indirection):
a[0]
*a// second element:
a[1]
*(a + 1)

Edited August 15, 2010 by metr0

[deepzero]

This works now:

cout  << &searchpattern << endl;

I am 100% sure i tried this, though.

Anyways, thanks a lot!

edit:

why cant i store the result in a dword variable?

DWORD tmp = &searchpattern;

wont compile:

error C2440: '=': 'BYTE (*)[5]' cant be converted to 'DWORD'.

Edited August 15, 2010 by deepzero

[CondZero]

why cant i store the result in a dword variable?

Consider the following:

typedef struct _bytetodword {
	BYTE	byte1;
	BYTE	byte2;
	BYTE	byte3;
	BYTE	byte4;
} bytetodword;
bytetodword	btodw;BYTE  searchpattern[] = {0x6d, 0x70, 0x6f, 0x72, 0x74}btodw.byte1 = (byte)&searchpattern[0];
btodw.byte2 = (byte)&searchpattern[1];
btodw.byte3 = (byte)&searchpattern[2];
btodw.byte4 = (byte)&searchpattern[3];DWORD tmp = &btodw;

[deepzero]

I know you cant store 5 bytes in a DWORD, but i was under the impression that i stored the address of the 5-bytes-array in that DWORD.

cout << &searchpattern;

outputs, on my machine: 0012FF6C which is the address of the array.

I am now trying to store that address in a DWORD, which should be possible.

ie, i was hoping that after executing DWORD tmp = &searchpattern; the dword tmp would hold the address of the array, 0012ff6c.

edit:

I got it!!!

Will post what exactly i wanted to do & did later.

Edited August 15, 2010 by deepzero

[metr0]

DWORD WhyOEver = (DWORD)&searchpattern;

Is that what you want? For pointer safety regarding a future x64-compliant version, try considering ULONG_PTR instead.

[ghandi]

BYTE  searchpattern[] = {0x6d, 0x70, 0x6f, 0x72, 0x74}; 
cout << "deref: " << &searchpattern[0];

Can't output bytes directly, you need to format them as text

BYTE  searchpattern[] = {0x6d, 0x70, 0x6f, 0x72, 0x74}; 
CHAR  tempstring[32];sprintf( tempstring, "%08X", &searchpattern[0] );
cout << "address of byte: " << tempstring;sprintf( tempstring, "%02X", searchpattern[0] );
cout << "deref: " << tempstring;

HR,

Ghandi

Edited August 16, 2010 by ghandi

[T-rad]

why cant i store the result in a dword variable?

DWORD tmp = &searchpattern;

you can

DWORD tmp = *(DWORD*)&searchpattern[0];

if you want to search a byte array for dword

//eax= ??

DWORD tmp = *(DWORD*)&searchpattern[eax*4];

[why06]

I just wanted to add one thing:

This

cout << "deref: " << &searchpattern[0];

is the same thing as

cout << "deref: " << searchpattern;

As the address of the first element is the same thing as the char* searchpattern itself. Also in almost all cases of working with output a simple cast would help you greatly. For instance (int) if you want it to interpret your address as a number and escape characters to change the base \h for hex \d for decimal, etc.