Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Technically both are pointers when passed in their respective function calls like such: (cross platform different function calls)

if os.name == 'posix':
    string = 'abc'
    libc = ctypes.CDLL('libc.so.6')
    # creating a pointer pointing at our string
    s_ptr = ctypes.c_char_p(string)
    # allocating free space
    free_space_ptr = ctypes.c_void_p(libc.valloc(ctypes.c_int(len(string))))
    # copying memory from one loc to another
    ctypes.memmove(free_space_ptr, s_ptr, ctypes.c_int(len(string)))
else:
    string = 'abc'
    # allocating free space
    free_space_ptr = ctypes.windll.kernel32.VirtualAlloc(...)
    # creating a pointer pointing at our string?
    buffer = (cytpes.c_char_p * len(string))).from_buffer(string)
    # copying memory from one loc to another
    ctypes.windll.kernel32.RtlMoveMemory(ctypes.c_void_p(free_space_ptr), buffer, ctypes.c_int(len(shellcode)))
My Question is: 
The two function calls (both memmove, and RtlMoveMemory) take in two pointers ==> destination, source, and then the last param is the length to copy. 
What is the difference in the two ways of getting a pointer that points to our string?:
Using ctypes.c_char_p(string)
Using ctypes.c_char.from_buffer(string)
                One difference is ctypes.c_void_p('abc') doesn't work :^)  I don't see the point of this code.  I think create_string_buffer() would do the same thing as this OS-specific code.
– Mark Tolonen
                May 30, 2018 at 4:54
                Oh yeah it should be ctypes.c_char_p(string), fixed in the edit. But do you think if these ways can be used on the other platform? eg. Using ctypes.c_char_p(string) and passing it into the ms api RtlMoveMemory function as the source param, I wonder if that will work...
– 0x5929
                May 30, 2018 at 5:16
                thanks btw @Mark, just cant upvote b/c not enough reps, but yeah create_string_buffer() would also be a great way to create a buffer of  char pointer which is just a char array.
– 0x5929
                May 30, 2018 at 5:23
wouldn't work because the from_buffer method accepts a param that is an array of bytes, so I would need to convert string into array of bytes first like such: 
buf = bytearray(string)
ptr = ctypes.c_char.from_buffer(string)
now both returned results of: 
ctypes.c_char_p(string)
ctypes.c_char.from_buffer(buf)
can be used in memory copying operation function calls like: 
ctypes.memmove for linux 
RtlMemoryMove for windows 
        
Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.