Resetting a value after disabling script

[TimFun13]

Keep it simple and stupid:

push r14
mov [r14],YourValue
comiss xmm6,[r14]
pop r14

Done.

But if r14 is the registry that holds the address for the game value, why push and pop it, I read that code and the push and pop seem to be pointless?

I read it like this.

push r14 registry to stack
never write to to the registry it self, but write the the address stored at the registry.
compare the address stored at the registry, to the xmm6 registry.
Then pop r14 registry from the stack.

So why the push and pop, and what about the flags in question?

[Blayde]

I read that code and the push and pop seem to be pointless?

Try without push/pop and you'll see.

..... what about the flags in question?

The question is:
Resetting a value after disabling script.

push r14
mov [r14],YourValue
comiss xmm6,[r14]
pop r14

The value is restored after cmp or disabling the script.
I can not help without the original assembly code.
I'am done here. Peace

[TimFun13]

I read that code and the push and pop seem to be pointless?

Try without push/pop and you'll see.

..... what about the flags in question?

The question is:
Resetting a value after disabling script.

push r14
mov [r14],YourValue
comiss xmm6,[r14]
pop r14

The value is restored after cmp or disabling the script.
I can not help without the original assembly code.
I'am done here. Peace

The pop will restore the registry but not the value at the address, and this will do nothing on disabling.

And I don't have the code I was helping the OP, but this works fine with out the push and pop, they do nothing in this case because r14 is never written to.

And you said to push the flags not me. So again what about the flags in question?

[Blayde]

The pop will restore the registry but not the value at the address, and this will do nothing on disabling.

I'll keep that in mind. Goodbye.

[Fruitpunch]

Code: Select all

[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, 8)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],(float)1.4
	cmp  [storedvalue+4],0
	jne stored
	        push eax
	        mov eax,[r14]
        	mov [storedvalue+4],eax
	        pop eax
        stored:
	mov [r14],(float)1

	originalcode:
		comiss xmm6,[r14]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', '[storedvalue+4]'))

Yeah, I think you understood quite right ShyTwig16.

The code looked promising but unfortunately it doesn't work.
Look, if this is not simple to do then just say it and maybe I'll combine scripts to get it working the way I want.

[TimFun13]

So first off I forgot to put in a "readFloat" call, and I used the wrong pointer size (32 not 64) sorry for that.
And then you are not storing the address, just float values, you need to store the address

Code: Select all

[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, 8)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],(float)1.4 // this is way it doesn't work the address needs to be stored here
	cmp  [storedvalue+4],0
	jne stored
	        push eax
	        mov eax,[r14]
        	mov [storedvalue+4],eax
	        pop eax
        stored:
	mov [r14],(float)1

	originalcode:
		comiss xmm6,[r14]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', '[storedvalue+4]'))

Here you are writing to what ever float 1.4 is in hex in the Lua call to writeFloat.

So try this:

Code: Select all

[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, C)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],r14 // here the address is stored so you can access it in the disable section
	cmp  [storedvalue+8],0
	jne stored
	        push eax
	        mov eax,[r14]
        	mov [storedvalue+8],eax
	        pop eax
        stored:
	mov [r14],(float)1

	originalcode:
		comiss xmm6,[r14]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', readFloat('[storedvalue+8]')))
// writeFloat({ address to write to }, { value to write })
//readFloat({ address to read from })

So the Lua call at the end of Disable, writes to the address stored at "storedvalue", and writes the value stored at "storedvalue+8".

You can even add "[storedvalue]" (8 byte as hex) and "[storedvalue+8]" (float) as addresses to the address list to help in debugging.

[Fruitpunch]

Sheesh, I had to make the example too simple.

There's an added twist. What if the register has an offset, how do I deal with that?

Code: Select all

[ENABLE]
alloc(newmem,2048,"something.exe"+5000000)
globalAlloc(storedvalue, 12)
label(stored)
label(returnhere)
label(originalcode)
label(exit)

newmem:
	mov [storedvalue],r14
	cmp  [storedvalue+8],0
	jne stored
	        push eax
	        mov eax,[r14+2FC]
        	mov [storedvalue+8],eax
	        pop eax
        stored:
	mov [r14+2FC],(float)1

	originalcode:
		comiss xmm6,[r14+2FC]

	exit:
	jmp returnhere


"something.exe"+5000000:
	jmp newmem
	nop
	nop
	nop
	returnhere:

[DISABLE]
dealloc(newmem)
"something.exe"+5000000:
	comiss xmm6,[r14+2FC]
	//Alt: db 41 23 7B B6 6E 03 00 00

luaCall(writeFloat('[storedvalue]', readFloat('[storedvalue+8]'))) 
//so the (address to write to) would be r14+2FC

[TimFun13]

With the Lua call you can just put that in, but the "storedvalue" is a pointer that you create, so "[storedvalue]+2FC".
This is because in storing the address (or base) of the value, at the address of "storedvalue"; it becomes a base with a first offset of 0 to get to the base address, of the values address.

And just to be as clear as I can, the Lua call at the end of the disabled section needs to be:

Code: Select all

luaCall(writeFloat('[storedvalue]+2FC', readFloat('[storedvalue+8]'))) 

[Fruitpunch]

Alright, thank you very much for your help ShyTwig16, this has cleared some things that were confusing.

There's still a tiny problem though.

I tried to attach a snapshot but kept getting an extension error so you'll just have to believe me.

The address being changed: A0438F0C

After enabling script:
storedvalue = 2688781328 = A0438C10
storedvalue+8 = (float)1.4

After disabling script the value in address A0438F0C becomes 0.

This is exactly what I used:

Code: Select all

luaCall(writeFloat('[storedvalue]+2FC', readFloat('[storedvalue+8]')))

[TimFun13]

It doesn't need the brackets in read float because the address to read is "storedvalue+8", sorry stupid mistake on my part. I bet if you had put in "[storedvalue+8]" as an address you would have seen a "0", maybe "??". Just change it to this.

Code: Select all

luaCall(writeFloat('[storedvalue]+2FC', readFloat('storedvalue+8')))

Well maybe one of these days I might actually help some one? Hope my errors don't add to confusion or aggravation to much, but you can add the addresses as they are in the Lua call in-between the quotations and see where they are pointing to, just to double check at this point (this is where I might have seen my error, hah maybe?).

[Fruitpunch]

Well, you did help me so thanks a million!
Also giving confirmation that the code works now.