code injection works sometimes, replace with code does nothing works well

[handlingcfg]

i have assasins creed origins v1.21 i use two differet table contents for infinite health, teleport vs. plus i need code for infinite arrows

i found code that decreases my arrows, my problem is when i click codelist and replace code does nothing it works fine, but when i use auto assemler or aob assembler for table script it crashes game randomly. code that decreases my arrows is

"ACOrigins.exe"+1BE2C3F: 44 89 07 - mov [rdi],r8d

if i add inc [rdi] after or inc r8d before it generally crashes, sometimes works, but if i dsiable-re enable script it definitely crashes
and addition, same code used for trading in game maybe something else too,


my injection point is few code sooner , it works more stable but not fully stable.
why is my code injection works with problem but replace code does nothing works wery well?

my basic code is

[ENABLE]
aobscanmodule(INJECT,ACOrigins.exe,1F 44 8B 07 45 3B E8) // should be unique
alloc(newmem,$1000,"ACOrigins.exe"+1BE2C2F)

label(code)
label(return)

newmem:

code:
inc [rdi]**************************************only add this
mov r8d,[rdi]
cmp r13d,r8d
jmp return

INJECT+01:
jmp newmem
nop
return:
registersymbol(INJECT)

[DISABLE]

INJECT+01:
db 44 8B 07 45 3B E8

unregistersymbol(INJECT)
dealloc(newmem)



{
// ORIGINAL CODE - INJECTION POINT: "ACOrigins.exe"+1BE2C2F

"ACOrigins.exe"+1BE2C0D: 48 8B 42 08 - mov rax,[rdx+08]
"ACOrigins.exe"+1BE2C11: 48 8B CD - mov rcx,rbp
"ACOrigins.exe"+1BE2C14: 48 8B 12 - mov rdx,[rdx]
"ACOrigins.exe"+1BE2C17: 48 C1 E0 20 - shl rax,20
"ACOrigins.exe"+1BE2C1B: 48 C1 F8 3F - sar rax,3F
"ACOrigins.exe"+1BE2C1F: 48 23 D0 - and rdx,rax
"ACOrigins.exe"+1BE2C22: 48 83 C2 58 - add rdx,58
"ACOrigins.exe"+1BE2C26: E8 A5 80 FF FF - call ACOrigins.exe+1BDACD0
"ACOrigins.exe"+1BE2C2B: 84 C0 - test al,al
"ACOrigins.exe"+1BE2C2D: 75 1F - jne ACOrigins.exe+1BE2C4E
// ---------- INJECTING HERE ----------
"ACOrigins.exe"+1BE2C2F: 44 8B 07 - mov r8d,[rdi]
"ACOrigins.exe"+1BE2C32: 45 3B E8 - cmp r13d,r8d
// ---------- DONE INJECTING ----------
"ACOrigins.exe"+1BE2C35: 41 8B C0 - mov eax,r8d
"ACOrigins.exe"+1BE2C38: 41 0F 46 C5 - cmovbe eax,r13d
"ACOrigins.exe"+1BE2C3C: 44 2B C0 - sub r8d,eax




"ACOrigins.exe"+1BE2C3F: 44 89 07 - mov [rdi],r8d******************** actual code that decreases my arrows



"ACOrigins.exe"+1BE2C42: 75 0A - jne ACOrigins.exe+1BE2C4E
"ACOrigins.exe"+1BE2C44: 8B D6 - mov edx,esi
"ACOrigins.exe"+1BE2C46: 49 8B CF - mov rcx,r15
"ACOrigins.exe"+1BE2C49: E8 72 06 00 00 - call ACOrigins.exe+1BE32C0
"ACOrigins.exe"+1BE2C4E: 48 8B 4D 38 - mov rcx,[rbp+38]
"ACOrigins.exe"+1BE2C52: 48 85 C9 - test rcx,rcx
}

[Xblade Of Heaven]

is a bug on ce 6.8.3. is fixed on ce 7.0 rc 3, the problem is when enable the script add incorrect bytes and game instacrash...

[DrummerIX]

it could be doing 14 byte jumps instead of 5 byte because of memory issues and causes it to crash

[Xblade Of Heaven]

yes on ce 7.0 is fixed.

[JohnFK]

yes on ce 7.0 is fixed.

Which commit fixed it?

[SunBeam]

AC Origins and Odyssey are known to be behave like that. It's mostly due to Denuvo. Why isn't anyone checking out WTF I do in my tables? I'm using a code cave in .exe's PE header (ModuleBase + 0x500). Just do "fullAccess(ACOrigins.exe+500)" and use that instead of "alloc(bla)". Why.. cuz alloc(bla) will allocate an address far from your game module, thus what DrummerIX said will happen -> JMP Hook = 14 bytes instead of 5 bytes. It's funny how people are used to x86 (be it they know or not) and act like x64 is done identically...

P.S.: Nothing to do with any CE fixes.

[handlingcfg]

AC Origins and Odyssey are known to be behave like that. It's mostly due to Denuvo. Why isn't anyone checking out WTF I do in my tables? I'm using a code cave in .exe's PE header (ModuleBase + 0x500). Just do "fullAccess(ACOrigins.exe+500)" and use that instead of "alloc(bla)". Why.. cuz alloc(bla) will allocate an address far from your game module, thus what DrummerIX said will happen -> JMP Hook = 14 bytes instead of 5 bytes. It's funny how people are used to x86 (be it they know or not) and act like x64 is done identically...

P.S.: Nothing to do with any CE fixes.

thanks for info,
im amateur, i'm improving myself step by step, for now, even if i look your cheats i wouldnt understand what you are doing
when i learn enough i will look for the more advanced things like your methods etc.