Page 1 of 1

what does j stand for?

PostPosted: Fri Aug 30, 2019 6:16 pm
by Chr1sPwn3d
n_entries = *(_DWORD *)(shmem_ptr + 0x14);
void* resource = NULL;
size_t total_resources = 0;
input = (struct input*)shmem_ptr;
struct sub_desc* desc = &input->descs[0];
for (i = 0; i < n_entries; i++) {
for (int j = 0; j < desc->n_sub_entries; j+) {

int err = IOAccelShared2::lookupResource(ioaccel_shared,
if (err) {
goto fail;

unsigned short flags = desc->flags[j];

if (flags_invalid(flags)) {
goto fail;
resources_buf[total_resources++] = resource;

I saw this in Ian Beer's recent write-up about the exploit-chains, and got stuck reading this when I saw that j was created in the for statement ( for (int j = 0; j < desc->n_sub_entries; j+) ) , but just not sure what it's used for. Apologies if this is really simple.

This is the link to the write-up im reading (where the code is from) : ... ain-1.html

Re: what does j stand for?

PostPosted: Wed Sep 04, 2019 6:20 pm
by morpheus
J is my first name initia :-).

But your j stands for the sub descriptors - the sub entries in the sub descriptor. Note he shows code iterating the i index up to n_entries, and j up n_sub_entries, which is the green "u16" in his illustration (shown here too). This iterates over the res_ids, which are then handed to IOAccelShared2::lookupResource.