C++ code

C++ is very popular and adds a layer of complexity.

• A program doesn’t have functions, has methods.

• Methods have a shared context (the object).

• Methods can be overridden due to inheritance.

• This pointer commonly allows access to data outside the function stack.

• Contructors, new…?

• Strings are complex objects.

this pointer

• The “this” pointer plays a crucial role in the identification of C++ sections in the assembly code. It is initialized to point to the object used, to invoke the function, when it is available in non-static C++ functions.

Vtables.

• Eases runtime resolution of calls to virtual functions.

• The compiler generates a vtable containing pointers to each virtual function for the classes which contain virtual functions.

Constructors and destructors.

• A member function initializes objects of a class and it can be identified in assembly by studying the objects in which it’s created.

Runtime Type Information (RTTI).

• Mechanism to identify the object type at run.

• These keywords pass information, such as class name and hierarchy, to the class.

Structured exception handling (SEH).

• Irregularities in source code that unexpectedly strike during runtime, terminating the program.

• SEH is the mechanism that controls the flow of execution and handles errors by isolating the code section where the unexpected condition originates.

Inheritance.

• Allows new objects to take on existing object properties.

• Observing RTTI relationships can reveal inheritance hierarchy.

A simple hello world