
Can someone help me to understand this

powernoob
post Jan 24 2013, 03:44 PM
Post #1


The New Guy!

Posts: 11
Joined: 9-January 13



Hello all

I'm still a beginner with IDA and am trying to reverse engineer a GTA function to understand what it does. Here it is:

CODE
char __stdcall CUpsideDownCarCheck__isCarUpsideDown(int a1)
{
  int v1; // eax@1
  unsigned int v2; // edx@1
  int v3; // esi@5

  v1 = *(_DWORD *)(a1 + 1424);                  // vehicle type
  v2 = 0;
  if ( v1 )                                     // if type != 0
  {
    if ( v1 == 9 )                              // if type is bike
      v2 = *(_BYTE *)(a1 + 2052);
  }
  else                                          // else, type is car/plane
  {
    v2 = *(_BYTE *)(a1 + 2400);
  }
  v3 = *(_DWORD *)(a1 + 20);                    // vehicle rotation matrix
  return (*(float *)(v3 + 40) < 0.30000001 && v2 < 4 || *(float *)(v3 + 40) < 0.0)
      && (unsigned __int8)(*(int (__stdcall **)(_DWORD))(*(_DWORD *)a1 + 228))(0);
}


My questions are

1) How, and with which tools, do I find out what "v2" is equal to? For v1 it was easy to find out that it was the vehicle type, because it was documented already :)

I suppose I can find it with CheatEngine, but to find v2, how do I locate a1 in CheatEngine so that I can then add the offset to it, 2052 for bikes or 2400 for cars?

2) What is this on the last line: (unsigned __int8)(*(int (__stdcall **)(_DWORD))(*(_DWORD *)a1 + 228))(0)


Thank you in advance for any help! And sorry for my bad English.


Edit: OK, I found how to find v1 (the vehicle type) in CheatEngine :) I must add an address manually, set it as a pointer, give it value BA18FC (pointer to current vehicle) and offset 590 (hex of 1424). Same process for v2! Now to find out what this value is xD

OK, I think I found what v2 is: the number of wheels currently touching the ground. Always between 0 and 4, even if bikes only have 2 wheels and trucks have more wheels xD

This post has been edited by powernoob: Jan 24 2013, 04:49 PM
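
Added example, not part of the original post or the game's code: the expression in question 2 reads the first DWORD of the object (its virtual table pointer), adds 228 bytes to it, and calls the function pointer stored there with the argument 0. The C model below runs the same logic over a constructed object laid out at the post's offsets; the stub virtual function, its return value and the explicit `self` argument are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Byte offsets copied from the decompiler output in the post (32-bit target). */
enum { OFF_MATRIX = 20, OFF_TYPE = 1424, OFF_BIKE = 2052, OFF_CAR = 2400 };
enum { VT_SLOT = 228 / 4 };  /* byte offset 228, 4-byte pointers: slot 57 */

typedef int (*vfunc_t)(void *self, int arg);  /* assumption: explicit 'this' */

/* Same logic as the decompiled function, reading a raw object by offset. */
static int is_upside_down(unsigned char *obj)
{
    int32_t type;
    uint8_t v2 = 0;
    float *matrix;
    vfunc_t *vtable;
    memcpy(&type, obj + OFF_TYPE, sizeof type);
    if (type == 0)      v2 = obj[OFF_CAR];   /* car/plane */
    else if (type == 9) v2 = obj[OFF_BIKE];  /* bike */
    memcpy(&matrix, obj + OFF_MATRIX, sizeof matrix);
    memcpy(&vtable, obj, sizeof vtable);     /* *(_DWORD *)a1: vtable pointer */
    float f = matrix[40 / 4];                /* *(float *)(v3 + 40) */
    return ((f < 0.3f && v2 < 4) || f < 0.0f)
        && (uint8_t)vtable[VT_SLOT](obj, 0); /* indirect call, argument 0 */
}

/* Constructed object; the stub and its return value are hypothetical. */
static int g_vret;
static int stub_vfunc(void *self, int arg) { (void)self; (void)arg; return g_vret; }

static int check(int32_t type, uint8_t wheels, float f, int vret)
{
    static unsigned char obj[2404];
    static float matrix[16];
    static vfunc_t vtable[VT_SLOT + 1];
    float *mp = matrix;
    vfunc_t *vp = vtable;
    memset(obj, 0, sizeof obj);
    g_vret = vret;
    vtable[VT_SLOT] = stub_vfunc;
    matrix[40 / 4] = f;
    memcpy(obj, &vp, sizeof vp);              /* vtable pointer at offset 0 */
    memcpy(obj + OFF_MATRIX, &mp, sizeof mp);
    memcpy(obj + OFF_TYPE, &type, sizeof type);
    obj[type == 9 ? OFF_BIKE : OFF_CAR] = wheels;
    return is_upside_down(obj);
}

int main(void) { return check(0, 2, 0.2f, 1) ? 0 : 1; }
```

On a host with 8-byte pointers the table is indexed by slot number rather than by the raw byte offset 228, which is why the model divides by the target's 4-byte pointer size.
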
Silent
post Jan 24 2013, 04:06 PM
Post #2


The master of cut retort

Posts: 239
From: Warsaw, PL
Joined: 21-July 10



Since you seem to use listener's IDB, set a1 type to CAutomobile*. That should sort stuff.

Also, this function is a __thiscall. Therefore, its correct definition is:
CODE
char __thiscall CUpsideDownCarCheck__IsCarUpsideDown(CUpsideDownCarCheck *this, CAutomobile *carHandle)


Oddly, my CAutomobile seems to be a bit broken, but I'm pretty sure that v3 is something like m_nNumContactWheels.
powernoob
post Jan 24 2013, 05:54 PM
Post #3


The New Guy!

Posts: 11
Joined: 9-January 13



QUOTE
Since you seem to use listener's IDB, set a1 type to CAutomobile*. That should sort stuff.

Thanks, it resolved some names :)


QUOTE
Also, this function is a __thiscall. Therefore, its correct definition is:
CODE
char __thiscall CUpsideDownCarCheck__IsCarUpsideDown(CUpsideDownCarCheck *this, CAutomobile *carHandle)

If I do this I get a Bad declaration error.


QUOTE
Oddly, my CAutomobile seems to be a bit broken, but I'm pretty sure that v3 is something like m_nNumContactWheels.

(You mean v2?) I can't find this name. Also, it is stored in a different place for bikes than for cars, so it can't have the same name for both, correct?

Thanks!

This post has been edited by powernoob: Jan 24 2013, 05:55 PM
Silent
post Jan 24 2013, 08:28 PM
Post #4


The master of cut retort

Posts: 239
From: Warsaw, PL
Joined: 21-July 10



v2 should become v3 when you declare the function as __thiscall. So yeah, we're referring to the same var.
donaulazen
post Nov 1 2013, 06:58 AM
Post #5


The New Guy!

Posts: 2
Joined: 30-October 13



Do you guys have a link to the most used codes for beginners?

