Pointers periodically changing addresses during game

MistahIncognito

What is cheating?
May 10, 2018
3
0
1
#1
Something I have recently noticed as I got back into toying around with making my own tables is that I have a few particular pointers that while stable seem to occasionally change the address their are pointing to and then back to the address I need.



If you notice the Vitality and Vigor pointers at the top they will occasionally change the address they are pointing to and then back to the correct one. I thought this a little odd, but the pointers themselves are otherwise stable across numerous game launches. Would anyone be able to explain to me what's going on here and if it is a problem that I can correct?
 

SunBeam

RCE Fanatics
Talents
Fearless Donors
Feb 4, 2018
743
394
63
#2
That's what happens when you wrongly consider Pointer Scan to be the solution for your troubles. I keep telling people to verify their pointers, that they are being used by the game engine and not some temporary storage for operations. No one listens. Just simply scan for a pointer, find one that's convenient at a given moment in time, then whine "they change" :) Of course it may happen. Find a proper one and it won't. Additional question: are you 100% sure the list you're showing above works for another person on their PC/OS? Think of that.
 

MistahIncognito

What is cheating?
May 10, 2018
3
0
1
#3
d a proper one and it won't. Additional question: are you 100% sure the list you're showing above works for another person on their PC/OS? Think of that.
Thank you for letting me know that's what happens when you're using a pointer in temporary storage. I will continue to refine my pointers or attempt to switch to an aob scan. In this particular case it worked on three individual systems. I wasn't so much as whining that they are changing. I was more curious why so that I could better refine my table. I have seen bad pointers stop functioning from time to time. I just had never seen them "blink" like that before so I figured I'd ask the more knowledgeable.

Edit:
In case it's not apparent, the address of the first pointer is going from P->48151808 to P->???????? to P->48151808. The gif is looping, but you are actually seeing the address stop resolving and resolve again.
 

SunBeam

RCE Fanatics
Talents
Fearless Donors
Feb 4, 2018
743
394
63
#4
The "blink" effect is the memory spot used as a temporary container for swapped addresses (XCHG [src],dest; or just temp MOV [addr],val). Try debugging the location and see what writes to it and where it happens, if you're interested.

Else, just find a stable pointer and debug each level of it, starting from base. And when I say 'debug each level', I mean add to list each address you see when you open up the pointer tree. Then manually "find out what accesses this" and make sure there isn't any instruction that shows variability (such as MOV EAX,[ECX+ESI*4+8]). If that's the case, you don't have a working pointer, as that level of the pointer relies on a dynamic offset, which changes based on certain engine rules (e.g.: ESI can be 1 in first map, can be 2 on second map, etc.; so your pointer level will shift every 4 bytes, as you change game maps; just an example).

How's that for knowledge? :)

Edit:
In case it's not apparent, the address of the first pointer is going from P->48151808 to P->???????? to P->48151808. The gif is looping, but you are actually seeing the address stop resolving and resolve again.

As I mentioned, it's not a good pointer for you to use; there's no "fix"; discard it and find a stable one.
 

MistahIncognito

What is cheating?
May 10, 2018
3
0
1
#5
That's some incredibly helpful knowledge, and it very much points me in the right direction to better understand things.
 
Top Bottom