C# passing a pointer problem

[streppel]

Hey all,
i'm still writing my bot, but now found a little problem:
i'm trying to call a native method that expects free memory to write a vector<T> inside it.
so i tryed this:

Code:

                    IntPtr memory = Marshal.AllocHGlobal(2000*8);
                                                
                    ptrtoparse = _myMethodHandler(SomeInstancePointer, memory);

the Method handler points to the correct method,has the right signature etc.

My problem now is,even tho is sounds stupid, that if i run it this way and set a breakpoint on the native method to see the stack i can see,that i get a pointer to a pointer to the free memory
[[PASSEDVALUE]] would be where the free memory is then.

so i tryed to fix this by reading from the "memory" variable first via marshalling or WhiteMagic,but it didn't make any difference.
i'm on this stupid problem all day now and i'm happy that i finally nailed it down to what's wrong,but can't really find how i could solve this.


Thanks for your help as always,and while i'm at it, thanks for all the amazing stuff posted in this section(shynds blackmagic,apocs whitemagic,apocs domainmanager just for the things i use in this project) aswell as providing good feedback

[DrakeFish]

Can you post what your handler signature looks like? AllocHGlobal should give you a direct pointer to the area. This should work unless your signature/convention is wrong or there is something somewhere not working as expected.

[streppel]

[UnmanagedFunctionPointer(CallingConvention.ThisCall)]
public delegate IntPtr methodname(IntPtr instance, IntPtr vectoraddr);
this is my signature

void __thiscall methodname(class std::vector<class SomeClass, class std::allocator<class SomeClass>> &)const
this is what ida says

it returns 4 bytes(last statement is ret 4), so the void is wrong and it sould be an IntPtr,right(i'm on x86,the game itself is x86 too)

[Bananenbrot]

[UnmanagedFunctionPointer(CallingConvention.ThisCall)]
public delegate IntPtr methodname(IntPtr instance, IntPtr vectoraddr);
this is my signature

void __thiscall methodname(class std::vector<class SomeClass, class std::allocator<class SomeClass>> &)const
this is what ida says

it returns 4 bytes(last statement is ret 4), so the void is wrong and it sould be an IntPtr,right(i'm on x86,the game itself is x86 too)

IDA says that methodname is a thiscall with 1 parameter, the actual vector<SomeClass> instance.
Also, ret 4 means that before jumping back to the calling function, the stack pointer is adjusted by 4 bytes if the callee is responsible (e.g. stdcall, fastcall and specifically thiscall in MSVC). It has nothing to do with the function returning a value.
Are you sure about your IDA signature? As long as this is MSVC compiled, at least another 4 byte parameter is passed. That would actually closer match your delegate signature and your posted IDA signature is wrong.

[streppel]

I am sure
i now fixed it by creating a struct that consists of 4 IntPtrs, cause that's more or less what i'll get back(4 empty bytes,4 with the adresse where to start reading,4 with the adresse where to end it,and what the last 4 stand for i don't know yet,but also didn't need yet )
still i should be able to pass a pointer to the allocatedmemory,not?

[_Mike]

I am sure
i now fixed it by creating a struct that consists of 4 IntPtrs, cause that's more or less what i'll get back(4 empty bytes,4 with the adresse where to start reading,4 with the adresse where to end it,and what the last 4 stand for i don't know yet,but also didn't need yet )
still i should be able to pass a pointer to the allocatedmemory,not?

Yes you should. Although I would assume that the state of the vector "object" you pass in matters.
IntPtr's default constructor initializes it to 0 so the STL sees your struct as an empty vector and allocates a new buffer as needed.
AllocHGlobal() does no initialization of the allocated memory so you could end up with anything from a no-op because the vector is in an invalid state, to a crash because the vector tries to write to memory it doesn't own.
Try zeroing the memory before you call the delegate to see if it makes a difference.

Also note that since you are side stepping the RAII design of std::vector you will have memory leaks, both from the vector itself and quite possibly it's SomeClass instances as well.
And since the vector's members are just a few pointers allocating 16000 bytes is an excessive amount of memory

[namreeb]

Rather than dealing with the internals of the STL containers, I have found it to be more simple to wrap them in a C++/CLI project. Then you can expose the actual types to your C# application.

[_Mike]

Yes you could do that but technically you'd still have to mess with the object internals in a way since the STL doesn't specify an ABI.
It's fine if you compile all the code yourself, or know that it's all compiled from the same STL implementation, or else you'd have to make sure your object members and calling conventions and such all match the target's.
But yes, some kind of wrapper is definitely the way to go here. At the very least you should implement automatic object destruction.

Edit: the above is also why you shouldn't pass STL objects across DLL boundaries if you don't have control over both or you can't be sure that they are using the same STL impl.
In MSVC even mixing the debug and release STL can be very bad in some instances.

[streppel]

As i don't have control about the c++ side of this, i think i'll just stick to using my 4 intptr struct. It works this way in every occasion,so i think it's ok to do this(and the game keeps working too,so no problem there )

next big thing i'm gonna do after this thing runs,is to learn c++ finally. i already learned lots of it via reversing,but that's just the basic things. and it's industry standard,so i'll have to learn it anyway if i want to get a good job later

still thank you very much for your help