Trouble with address compare

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
Fruitpunch
Cheater
Cheater
Posts: 34
Joined: Sat Sep 09, 2017 1:07 pm
Reputation: 1

Trouble with address compare

Post by Fruitpunch »

Hello,



I hope someone with more experience could shed some light on why this piece of code is not working.



[CODE]

newmem:

cmp rdx,6

jne originalcode

mov [rbx+00000100],(float)100.0

jmp exit



originalcode:

movss [rbx+00000100],xmm2

[/CODE]



Is address not just an int value? The reason why I am asking is because the address in [rbx+00000100] does not get the 100 it's supposed to. Actually whatever is in there get's completely depleted. I had a similar experience when I was using cmp with floating point values. So is it incorrect to use cmp here or might there be another problem?

User avatar
FreeER
Expert Cheater
Expert Cheater
Posts: 116
Joined: Fri Mar 10, 2017 7:11 pm
Reputation: 28

Trouble with address compare

Post by FreeER »

that code is correct as long as rbx+100 is used as a float, which it is in the originalcode: section. (and of course that you want it to run when rdx is 6)



comparing floats is generally wrong in Computer Science unless you know the _exact_ value due to the inherent inaccuracy of trying to store an infinite number of decimal values in a finite binary format (you typically subtract them and compare the absolute value of that to some epsilon depending on what size value you expect them to have and how much accuracy you want). When you do know the exact value (because the code clamps the value to the min/max or only uses whole numbers etc.) then it works fine as long as you use (float) so it's comparing two floats (as integers because that's how [icode]cmp[/icode] is implemented but that's fine binary would match even if the represented values don't).



set a breakpoint and step through the code (note that you won't see 100 in memory unless you change it to show floats rather than bytes/ints because it's not 100 as an int)
Last edited by FreeER on Mon Jul 02, 2018 6:43 pm, edited 1 time in total.

User avatar
koderkrazy
Expert Cheater
Expert Cheater
Posts: 254
Joined: Sun Jun 17, 2018 2:14 pm
Reputation: 190

Trouble with address compare

Post by koderkrazy »

[QUOTE="Fruitpunch, post: 50810, member: 8443"]

the address in [rbx+00000100] does not get the 100 it's supposed to. Actually whatever is in there get's completely depleted.[/QUOTE]

could you post screen shot where you see the depleted value?

I mean where do you get to know the value is not correct. In memory view, in main CE window, in watchlist while debugging?

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Trouble with address compare

Post by SunBeam »

You are not storing/restoring [B]flags[/B]. If writing raw float to your address does nothing, it's probably due to executable code taking another branch due to ZF being changed by the CMP. Do it like this:

[code]newmem:

pushf

cmp rdx,6

jne originalcode

popf

mov [rbx+00000100],(float)100.0

jmp exit



originalcode:

popf

movss [rbx+00000100],xmm2[/code]

See if it makes a difference :)

Fruitpunch
Cheater
Cheater
Posts: 34
Joined: Sat Sep 09, 2017 1:07 pm
Reputation: 1

Trouble with address compare

Post by Fruitpunch »

You were 100% correct SunBeam! Thank you very much.



This flag part is completely new to me. Know any place where I could learn some more?

Post Reply

Who is online

Users browsing this forum: No registered users