Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Multiple "instrunction accesses" calls only shows

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
gir489
Grandmaster Cheater
Reputation: 14

Joined: 03 Jan 2012
Posts: 841
Location: Maryland, United States
PostPosted: Fri Mar 01, 2013 10:22 pm    Post subject: Multiple "instrunction accesses" calls only shows Reply with quote
When I do 'Find out what addresses this instruction accesses' and there's two different calls, it only shows the first call it catches. So if the same call with the same address has a different return address, I can only find out the second return address by logging ebp+4 with a hook.

A minor inconvenience, but you should be able to select which call's stack you are viewing.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25791
Location: The netherlands
PostPosted: Sat Mar 02, 2013 6:06 am    Post subject: Reply with quote
I take it you mean when ESP is different store that as a separate entry ? (Checking for ebp+4 to be different is not an option as not all functions use a stackframe)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
gir489
Grandmaster Cheater
Reputation: 14

Joined: 03 Jan 2012
Posts: 841
Location: Maryland, United States
PostPosted: Sun Mar 03, 2013 12:01 pm    Post subject: Reply with quote
Dark Byte wrote:
I take it you mean when ESP is different store that as a separate entry ? (Checking for ebp+4 to be different is not an option as not all functions use a stackframe)

Bioshock omits EBP, so yes. The stack frame was different each time it was called.

I had to just log ESP+90, which I found from traversing the call. I called it EBP+4 for reference.

The return address changed depending on two actions. The first time you start reloading it's called with no sub so it can get the value, then it's called again with the actual sub. The second call was the return address I wanted, but I had to hook the function and log it manually.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites