Cheat Engine

vng21092 · Posted: Sat May 02, 2015 6:05 pm Post subject: Push/Pop causing crash?

So I'm working on my inventory editor for State Of Decay: Year One and I ran into a problem. I was able to write a script to modify the inventory, and that works great, but the thing is when I add things into my inventory, it pops up with a quantity of 0, which kinda means it doesn't REALLY exist. So I've found the instruction that controls the quantity, great, I basically try to do a copy and paste of the inventory editor since it is kinda the same thing. Here's the gist of the inventory editor, this script is meant to retrieve the current inventory so when you modify it, you won't lose what you had.

justa_dude · Posted: Sat May 02, 2015 6:52 pm Post subject:

Most instructions will infer 32-bit operands when operating on 32-bit registers. The byte ptr tells the assembler that you're working with a one-byte value.

Not sure why you're crashing, but it's weird that you're pushing and popping instead of just moving from register to mem.

vng21092 · Posted: Sat May 02, 2015 6:57 pm Post subject:

you mean like "mov iqe_slot1,[eax]"? I get a compile error. Maybe I'm doing it wrong? How is it suppose to be done?

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

Probably an access violation, because

movzx eax,byte ptr [eax+ebx]

You have moved the value to eax and then you do

push [eax]

At that point, eax is not an address, but a value from 0 to 255 and that will obviously crash the game.

When you have no idea why is your code crashing, use break and trace to debug it and check the trace log to see what went wrong.

vng21092 · Posted: Sat May 02, 2015 7:46 pm Post subject:

I thought "mov" simply copied the value from the second operand to the first? Anyhow, how would I fix this?

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

Yes, it does, and that code is overwriting eax with [eax+ebx].

Eg

mov eax,[eax]

is a valid code and it's overwriting eax with [eax].

Just store [eax+ebx] before it's overwritten. Right before the movzx eax,byte ptr [eax+ebx] instruction.

vng21092 · Posted: Sat May 02, 2015 7:57 pm Post subject:

hmm tried it, still crashing Rolling Eyes

time to go fishing...

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

Ok, then do the trace and see what happens. Even if the game will crash, the trace log will be available with every data and you can see what happened.

Zanzer · Posted: Sat May 02, 2015 8:44 pm Post subject:

Are you trying to store the actual quantity value?
Or the game address containing the quantity?
Also, did you declare iqe_slot1 as a 1 byte field?

Are you sure what you want isn't:

vng21092 · Posted: Sat May 02, 2015 9:00 pm Post subject:

I want to store the value, I originally declared iqe_slot1 with "dd", switched it to "db" and still crashed, and with your piece of code above I get this

Just out of curiosity, what can I do by storing the address?

Zanzer · Posted: Sat May 02, 2015 9:03 pm Post subject:

Sounds like you didn't register the variable name... or alloc it.

vng21092 · Posted: Sat May 02, 2015 9:13 pm Post subject:

nope, its definitely registered... here it is in all its non-working glory

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

eax is a 32-bit register. byte ptr is not working if you are trying to read eax. You have to use an 8-bit register for it:

http://www.sandpile.org/x86/gpr.htm

vng21092 · Posted: Sat May 02, 2015 9:21 pm Post subject:

Geri · Moderator Reputation: 111 Joined: 05 Feb 2010 Posts: 5627

If you want to store the value, you just have to do this:

mov eax,[ebp+14]
movzx eax,byte ptr [eax+ebx]
mov [iqe_slot1],eax
jmp returnhere_iqe_1