Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Confusion around pointers: what does the + operator mean?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
aochagavia
How do I cheat?
Reputation: 0

Joined: 07 Nov 2019
Posts: 2

PostPosted: Thu Nov 07, 2019 9:14 am    Post subject: Confusion around pointers: what does the + operator mean? Reply with quote

I am practicing my Cheat Engine skills around pointers and came across something confusing. I am practicing with notepad and my goal was to find a pointer to the first letter of the text. I have already managed to find the pointer I need, which is "notepad.exe" + 2C470 (see picture). For instance, in the picture I have notepad open with a text that starts with B, so the pointer points to the value 66 (the ASCII code for B).

However, if I manually add up the address returned by "notepad.exe" to 0x2C470 I get an address that points to nowhere. In fact, "notepad.exe" returns the address 0x7FF64C160000, which after adding it to 0x2C470 yields 0x7FF64C18C470 (see picture). This is different than the address you get when you type "notepad.exe" + 0x2C470 in the "Add Address Manually" dialog. What magic is Cheat Engine doing here that I am missing?



pointer2.png
 Description:
Attempt to manually add pointer after adding "notepad.exe" and 0x2C470 together
 Filesize:  4.51 KB
 Viewed:  239 Time(s)

pointer2.png



pointer.png
 Description:
Pointer to the start of the text
 Filesize:  8.71 KB
 Viewed:  239 Time(s)

pointer.png




Last edited by aochagavia on Fri Nov 08, 2019 9:20 am; edited 1 time in total
Back to top
View user's profile Send private message
ParkourPenguin
I post too much
Reputation: 71

Joined: 06 Jul 2014
Posts: 2321

PostPosted: Thu Nov 07, 2019 9:53 am    Post subject: Reply with quote

"notepad.exe"+2C470 -> 24825A30008

The -> means the value 24825A30008 is stored at the address "notepad.exe"+2C470.

If you uncheck the pointer box, change the value type to 8 bytes, and set the address to "notepad.exe"+2C470, you should see the value is 24825A30008.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
DanyDollaro
Expert Cheater
Reputation: 1

Joined: 01 Aug 2019
Posts: 116
Location: Italy

PostPosted: Thu Nov 07, 2019 12:34 pm    Post subject: Reply with quote

When entering an address via the "Add Address Manually" button, remember to remove all space characters.
Because if I write something like:
"7FF64C18C470" will point to a memory region

but if I write something like:
"7FF6 4C18 C470" CE will interpret it as a symbol and not being registered will point to an unallocated memory region
Back to top
View user's profile Send private message
aochagavia
How do I cheat?
Reputation: 0

Joined: 07 Nov 2019
Posts: 2

PostPosted: Fri Nov 08, 2019 9:16 am    Post subject: Reply with quote

Thanks ParkourPenguin and DanyDollaro for your replies. I now realize I didn't explain myself as well as I thought. Let me try it again in clearer terms.

EDIT: now I see that 7FF64C18C470 is a valid address that contains the value 24825A30008. Now everything is clear. Thanks!

I am keeping the rest of the post in case someone is interested, but you might as well skip it as it is wrong Smile

When adding an address using the "Add Address Manually" button, it is possible to either write the address directly (e.g. 24825A30008) or let Cheat Engine compute it using the "+" operator (e.g. 7FF64C160000 + 2C470). The latter case is the one that confuses me.

My expectation is that the "+" operator adds the operands, just as in ordinary math. Therefore, I expected 7FF64C160000 + 2C470 to yield 7FF64C18C470. This is not the case, however. Cheat Engine calculates a different value, namely 24825A30008.

In summary: if I type 7FF64C160000 + 2C470 in my calculator I get 7FF64C18C470. If I type exactly the same in the address field of Cheat Engine I get 24825A30008. What does the "+" operator do in Cheat Engine, since it clearly is doing something different than adding two numbers?
Back to top
View user's profile Send private message
DanyDollaro
Expert Cheater
Reputation: 1

Joined: 01 Aug 2019
Posts: 116
Location: Italy

PostPosted: Fri Nov 08, 2019 9:52 am    Post subject: Reply with quote

I think you got confused, the + operator returns the addition between the two opernades as value, so the expression "1 + 1" returns "2" which if added to the cheat table as it is not a valid address Consequently it will point to an invalid memory region.
And I say that you got confused because maybe you interpreted the value pointed by "7FF64C160000 + 2C470" as the value returned by the same expression.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites