searay330 How do I cheat?
Reputation: 0
Joined: 02 Aug 2016 Posts: 6 Location: New York
Posted: Tue Aug 02, 2016 7:04 pm Post subject: Address VS Pointer Values
First, I would like to apologize if the title seems wrong, but I couldn't really think of what to call this.
So I have a question that I have been trying to figure out for a while now, but I just can't seem to find the answer. I have an address with an offset that I am using as a pointer.
140000000+46E26A8 yields the memory address 7FF5A07141C0, which is what I need; however, if I place that in the address section it gives me:
2691776960, which is the same thing that my C++ memory reader is giving me. How can I get C++ to get the address and not the random number value?
Thanks in advance
Zanzer I post too much
Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Tue Aug 02, 2016 8:46 pm
Stop using an int to represent a 64-bit address. Use a long.
Code:
2,691,776,960 == 0000A07141C0
---------------->7FF5A07141C0
searay330 How do I cheat?
Reputation: 0
Joined: 02 Aug 2016 Posts: 6 Location: New York
Posted: Tue Aug 02, 2016 8:53 pm
I guess I should have posted the code I am using. I am using DWORD_PTRs, which are longs.
Code:
SIZE_T size = 2;
DWORD_PTR startAddress = 0x140000000;
DWORD_PTR finishAddress = 0;
DWORD_PTR pointer1, pointer2;
DWORD_PTR Offset0 = 0x46E26A8;
DWORD_PTR Offset1 = 0x454;
int done = ReadProcessMemory(hProc, (LPVOID)(startAddress + Offset0) , &pointer1, sizeof(pointer1), &size);
done = ReadProcessMemory(hProc, (LPVOID)(pointer1 + Offset1) , &pointer2, sizeof(pointer2), &size);
Zanzer I post too much
Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Tue Aug 02, 2016 10:08 pm
Incorrect.
DWORD is 32 bit. An int.
QWORD is 64 bit. A long.
You should be using IntPtr.
searay330 How do I cheat?
Reputation: 0
Joined: 02 Aug 2016 Posts: 6 Location: New York
Posted: Tue Aug 02, 2016 10:11 pm
Well then, Microsoft lied to me or I misunderstood the documentation.
I can't post links to the doc, so here's a quote:
"A DWORD_PTR is an unsigned long type used for pointer precision. It is used when casting a pointer to an unsigned long type to perform pointer arithmetic. DWORD_PTR is also commonly used for general 32-bit parameters that have been extended to 64 bits in 64-bit Windows." <-- quote
Last edited by searay330 on Tue Aug 02, 2016 10:40 pm; edited 2 times in total
Zanzer I post too much
Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Tue Aug 02, 2016 10:29 pm
Are you compiling your trainer as a 64-bit application?
Either way, it's clearly truncating your supposed 64-bit value.
Print the value of "sizeof(pointer1)". Is it 4 or 8?
I guess you could have the wrong definition for ReadProcessMemory.
The second argument isn't defined to hold a 64-bit value.
A cast to LPVOID may be causing the truncation?
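The width question raised in the post above, as an added example that is not part of the original thread: it reads the thread's pointer value from a constructed 8-byte memory slot using a 4-byte and an 8-byte reader. The names `SLOT`, `read_ptr` and `width_ok` are hypothetical, and `width` stands in for `sizeof(pointer1)` in the reading program.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed 8-byte little-endian slot holding the thread's pointer value
   0x00007FF5A07141C0, as a 64-bit target would store it in memory. */
static const uint8_t SLOT[8] = {0xC0, 0x41, 0x71, 0xA0, 0xF5, 0x7F, 0x00, 0x00};

/* Read a little-endian pointer of `width` bytes (4 or 8) from `mem`.
   `width` models sizeof(pointer1) in the reader (hypothetical helper).
   Returns 0 on success, -1 if the width is unsupported or the read
   would run past the end of the buffer. */
int read_ptr(const uint8_t *mem, size_t len, size_t off, size_t width, uint64_t *out)
{
    if ((width != 4 && width != 8) || off > len || len - off < width)
        return -1;
    uint64_t v = 0;
    for (size_t i = 0; i < width; i++)
        v |= (uint64_t)mem[off + i] << (8 * i);
    *out = v;
    return 0;
}

/* A reader whose pointer type is narrower than the target's pointers
   cannot represent the target's addresses: refuse instead of truncating. */
int width_ok(size_t reader_width, size_t target_width)
{
    return reader_width >= target_width;
}

int main(void)
{
    uint64_t narrow = 0, wide = 0;
    read_ptr(SLOT, sizeof SLOT, 0, 4, &narrow);
    read_ptr(SLOT, sizeof SLOT, 0, 8, &wide);
    printf("4-byte read: %llu (0x%llX)\n",
           (unsigned long long)narrow, (unsigned long long)narrow);
    printf("8-byte read: 0x%llX\n", (unsigned long long)wide);
    printf("this build: sizeof(void *) = %zu, 4-byte reader ok for 64-bit target: %d\n",
           sizeof(void *), width_ok(4, 8));
    return 0;
}
```

The 4-byte read keeps only the low half of the slot, which is the value the original poster saw; the 8-byte read returns the full address.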
searay330 How do I cheat?
Reputation: 0
Joined: 02 Aug 2016 Posts: 6 Location: New York
Posted: Tue Aug 02, 2016 10:40 pm
I just changed them from DWORD_PTRs to unsigned long long ints and that fixed the problem. Thank you, and from now on I will take the Microsoft docs with a pinch of salt.
And yes, ParkourPenguin, that was what I was thinking of; I'm a bit rusty.
Last edited by searay330 on Tue Aug 02, 2016 10:42 pm; edited 1 time in total
ParkourPenguin I post too much
Reputation: 152
Joined: 06 Jul 2014 Posts: 4703
Posted: Tue Aug 02, 2016 10:40 pm
It says "32-bit parameters" right there.
A word is 2 bytes. A dword (double word) is twice that, 4 bytes. A qword is twice that, 8 bytes. DWORD_PTR means you're pointing to a dword.
source
The "long" type takes up 4 bytes of space. You're thinking of the "long long" type which takes up 8 bytes.
source
If you're interested in the history of this:
http://queue.acm.org/detail.cfm?id=1165766
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Zanzer I post too much
Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Tue Aug 02, 2016 10:49 pm
Meh, I'm a Java developer. Where the longs are longs and the ints are ints.
searay330 How do I cheat?
Reputation: 0
Joined: 02 Aug 2016 Posts: 6 Location: New York
Posted: Tue Aug 02, 2016 10:50 pm
Yes, the land of C, where true can be false, false can be true, and ints can't be whatever the hell they want to be.
_________________
Can You Imagine What I Would Do If I Could Do All I Can?