struct-offset-analyzer

Statically analyze C struct member offsets through code reading to calculate memory layouts

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "struct-offset-analyzer" with this command: npx skills add littleenough/struct-offset-analyzer/littleenough-struct-offset-analyzer-struct-offset-analyzer

struct-offset-analyzer

Statically analyze the memory offsets of C language struct members without needing to run code.

Use Cases

  • Locating struct members during reverse engineering
  • Confirming memory layouts during debugging
  • Analyzing data structures in security research
  • Understanding struct field positions in binary analysis

Workflow

1. Locate Struct Definition

# Search for struct definition
grep -n "struct xxx_st {" **/*.h
grep -n "typedef struct" **/*.h

2. Collect Type Information

Find definitions for all member types:

  • Nested structs
  • Enum types
  • typedef aliases
  • Constant definitions (e.g., #define EVP_MAX_MD_SIZE 64)

3. Calculate Alignment Rules

TypeSize (64-bit)Alignment Requirement
char/unsigned char11
short22
int/uint32_t44
long/size_t/pointer88
unsigned char[N]N1 (no padding needed)
enumusually 44
structdepends on membersaligned to largest member

Key Rules:

  • Member offset must be a multiple of its size
  • unsigned char arrays are 1-byte aligned, no padding required
  • Overall struct size is aligned to the size of its largest member
  • Padding bytes count toward offsets

4. Output Offset Table

Use hexadecimal representation for offsets, format:

| Offset(0x) | Member | Type | Size |
|------------|--------|------|------|
| 0x00 | field1 | int | 4 |
| 0x04 | *(padding)* | - | 4 |
| 0x08 | field2 | void * | 8 |

Common Search Patterns

# Find struct member definition
grep -n "struct xxx_st" **/*.h

# Find type definition
grep -n "typedef.*XXX" **/*.h

# Find constant definition
grep -n "#define.*SIZE" **/*.h

# Find enum definition
grep -n "typedef enum" **/*.h

Example: OpenSSL ssl_st Analysis

Analyzing client_app_traffic_secret member offset:

  1. Locate struct: ssl/ssl_local.h:1068
  2. Find constant: EVP_MAX_MD_SIZE = 64 (include/openssl/evp.h:19)
  3. Calculate layout, note that unsigned char arrays need no padding
  4. Result: offset 0x33c (828 bytes)

Notes

  • Confirm target platform (32-bit vs 64-bit)
  • Note that conditional compilation (#ifdef) may affect struct layout
  • Check for #pragma pack directives that may change alignment
  • Union members share the same offset

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

Acmesh

A pure Unix shell script ACME client for SSL / TLS certificate automation acmesh, shell, acme, acme-challenge, acme-protocol, acme-v2, ash. Use when you need...

Registry SourceRecently Updated
1050ckchzh
Coding

Webhook Tester

Webhook testing and debugging tool. Send test webhook payloads to any URL, simulate various webhook events (GitHub, Stripe, Slack), inspect responses, and lo...

Registry SourceRecently Updated
00bytesagain
Coding

Uptime

Website and service uptime checker. Monitor URLs for availability, measure response times, check HTTP status codes, verify SSL certificates, and track uptime...

Registry SourceRecently Updated
750bytesagain
Coding

Sslgen

Self-signed SSL certificate generator. Create SSL certificates for development, generate CA certificates, create certificate signing requests, and manage dev...

Registry SourceRecently Updated
700bytesagain