# Thread: I don't understand this code

1. I don't understand this code

I saw this code in a book, and I don't understand what it tries to do.

Code:
```c
char code[] = "\x5e\xff.....\x8d";   /* machine-code bytes; the middle is elided in the post */

int main(void) {
    int *var;
    var = (int *) &var + 2;   /* point two int slots above var on the stack */
    (*var) = (int)code;       /* store the address of code into that slot */
}
```
'*var' is a pointer and 'code' is an array. That is OK, but what is that '(int *) &code'? What is he or she trying to do? What does this line mean?
i) &var is an address; what is (int *)&var?
ii) And how can it be possible that (*var) = (int)code? I think it is like the code below:
Code:
```c
int main(void) {
    int *ptr;
    *ptr = 5;   /* ptr is uninitialised, so this write goes to an unknown address */
}
```
I would be grateful if you could help me.

2. The code seems to be from a chapter introducing pointers and typecasting.

1) The var variable points to an integer.
2) The value of var is its present location + 2.
3) The (int *) means that the value must be typecast to an integer pointer.
4) *var = (int)code means that the value var points to is the address of the first byte of code, that is, code[0]. As var is a pointer to an int, we cannot write *var = code.

To make things clearer, add the following printf statements before the closing brace:

```c
/* needs #include <stdio.h> at the top of the file; %p is the portable way to print an address */
printf("The address of var is %p\n", (void *)&var);
printf("The value of var is %p\n", (void *)var);
printf("The value of *var is %d\n", *var);
printf("The value of code is %p\n", (void *)&code[0]);
```

Hope that helps.

3. Looks to me like the first example is a way to hack something onto the stack by pointing at the stack location 2 past 'var' and then writing the address of 'code' into it.

4. Originally Posted by Hyberboloid
I saw this code in a book, and I don't understand what it tries to do.

Code:
```c
char code[] = "\x5e\xff.....\x8d";   /* machine-code bytes; the middle is elided in the post */

int main(void) {
    int *var;
    var = (int *) &var + 2;   /* point two int slots above var on the stack */
    (*var) = (int)code;       /* store the address of code into that slot */
}
```
'*var' is a pointer and 'code' is an array. That is OK, but what is that '(int *) &code'? What is he or she trying to do? What does this line mean?
i) &var is an address; what is (int *)&var?
ii) And how can it be possible that (*var) = (int)code? I think it is like the code below:
Code:
```c
int main(void) {
    int *ptr;
    *ptr = 5;   /* ptr is uninitialised, so this write goes to an unknown address */
}
```
I would be grateful if you could help me.
This is a buffer exploit... it takes a variable's address from the stack, uses that to discover the return address of the function, resets the return address to the address of the char buffer... then when the function returns, it will actually execute the code in the buffer.

This is the stuff of viruses and trojans... and it's not something you want to be messing with. If there is such a thing as illegal code... that's it!
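
An added check, written for this thread by the editor and not taken from the book or from any of the posts above: it locates the saved return address relative to a local variable, which is exactly what the book's `(int *)&var + 2` assumes, but instead of trusting that constant it reads the slot through the frame record and verifies it against the compiler's own `__builtin_return_address(0)`. It assumes gcc or clang and the x86, x86-64 or AArch64 frame-record layout (saved frame pointer immediately followed by the return address); `frame_probe`, `probe_return_slot` and `book_offset_in_ints` are names chosen here, not from the book. It never writes to the slot, so it is safe to run; it only reports how far the book's `+2` is from the real slot on your toolchain.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

/*
 * Why "(int *)&var + 2" reaches the return address in the book's frame
 * (32-bit x86, gcc with the frame pointer kept, `var` the only local):
 *
 *   low addresses                                          high addresses
 *   [ var (4 bytes) ][ saved ebp (4) ][ return address (4) ][ caller's frame ]
 *   ^                 ^                 ^
 *   (int *)&var       (int *)&var + 1   (int *)&var + 2
 *
 * On any other toolchain or ABI the distance differs (8-byte slots on a
 * 64-bit build, extra locals, stack-protector canaries, ASan redzones),
 * so probe the distance instead of assuming it.
 */

struct frame_probe {
    int       confirmed;    /* 1 if the located slot really holds our return address */
    ptrdiff_t byte_offset;  /* bytes from &local up to that slot (valid if confirmed) */
    ptrdiff_t int_slots;    /* the same distance in int units, comparable to the book's "+2" */
};

/* noinline so that __builtin_return_address(0) refers to this frame, not the caller's. */
__attribute__((noinline))
struct frame_probe probe_return_slot(void)
{
    int *volatile var;                     /* stand-in for the book's `int *var` */
    struct frame_probe p = { 0, -1, -1 };

    /* Assumption: the frame record is [saved fp][return address]. That is the
       x86, x86-64 and AArch64 convention when a frame pointer is kept, and both
       gcc and clang keep one in any function that calls __builtin_frame_address(0). */
#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__)
    void **fp       = (void **)__builtin_frame_address(0);
    void **ret_slot = fp + 1;
    void  *expected = __builtin_return_address(0);

    if (*ret_slot == expected) {
        p.confirmed   = 1;
        p.byte_offset = (ptrdiff_t)((uintptr_t)ret_slot - (uintptr_t)&var);
        p.int_slots   = p.byte_offset / (ptrdiff_t)sizeof(int);
    }
#endif
    (void)&var;
    return p;
}

/* The constant the book hard-codes, for comparison with what the probe finds. */
int book_offset_in_ints(void) { return 2; }

int main(void)
{
    struct frame_probe p = probe_return_slot();

    if (!p.confirmed) {
        puts("could not confirm the return-address slot on this toolchain/ABI");
        return 1;
    }
    printf("return address sits %td bytes above var, i.e. at (int *)&var + %td\n",
           p.byte_offset, p.int_slots);
    printf("the book assumes (int *)&var + %d: %s\n", book_offset_in_ints(),
           p.int_slots == (ptrdiff_t)book_offset_in_ints()
               ? "that matches here"
               : "that would miss the slot here");
    return 0;
}
```

On the book's target (32-bit, frame pointer kept, `var` the first and only local) the probe reports +2. On a 64-bit build each slot is 8 bytes, so with `var` at the top of the frame the same two slots come out as +4 ints, and any extra local, canary or sanitizer redzone pushes the number further; that is why the constant in the book is a layout assumption rather than a property of C.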

5. Given that explanation, I doubt the code was found "in a book". Unless it was in the programmer’s equivalent of Anarchist's Cookbook.

6. Rule 6
Announcements - C Programming

We're not interested in helping stack smashers, shell coders and other miscreants.