Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


i can`t assemble "cmp rsi, 7FF46D96A240"

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
DanyDollaro
Master Cheater
Reputation: 3

Joined: 01 Aug 2019
Posts: 334
PostPosted: Mon Sep 16, 2019 1:23 pm    Post subject: i can`t assemble "cmp rsi, 7FF46D96A240" Reply with quote
Hello every one, i was creating an assembly script, what the original script is to deal with deallocating the memory of a string (and i must avoid it), then the string pointer doesn't work anymore, what I have to do is, make a comparison with the address of the string and the address of ESI (where ESI is the address that will be deallocated) so i have to assemble the following instruction:
Code:
cmp rsi, 7FF46D96A240
but only after I realized that the script didn't work because the address exceeds the 8 byts, so i'm wondering, how can i compare ESI with "0x7FF46D96A240"?

I don't know if it might interest you but the script I created is this:
Code:
[ENABLE]
7FF6A4252DEB:
bts rax,rcx
mov [r14+000000C8],rax
mov rax,[rdx+rcx*8]

//Deviation
jmp 7FF6A4253392
nop 2

jne 7FF6A4252E0D
mov [rsi+10],rsi
mov [rsi+18],rsi
jmp 7FF6A4252E70
test byte ptr [r14+000003B2],40
jne 7FF6A4252E34
mov rcx,[rax+10]
mov [rsi+10],rcx


//Deviated
7FF6A4253392:
cmp rsi, 7FF46D96A240
je 7FF6A4252E0D
jmp 7FF6A4252E01




[DISABLE]
//Orignal Code
7FF6A4252DEB:
bts rax,rcx
mov [r14+000000C8],rax
mov rax,[rdx+rcx*8]
lea rdx,[rdx+rcx*8]
test rax,rax
jne 7FF6A4252E0D

// --- Interesting part ----
mov [rsi+10],rsi
mov [rsi+18],rsi
// --------------------------

jmp 7FF6A4252E70
test byte ptr [r14+000003B2],40
jne 7FF6A4252E34
mov rcx,[rax+10]
mov [rsi+10],rcx


the "interesting part" are the actions that in the case ESI has the address of the string must NOT perform, Consequently jump to the struction "jmp 7FF6A4252E70".
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25819
Location: The netherlands
PostPosted: Mon Sep 16, 2019 2:17 pm    Post subject: Reply with quote
cmp can only encode using 32-bits.
that means anything from 0 to 7ffffffff and anything from
ffffffff80000000 to ffffffffffffffff

to do a compare in an unsupported range you will have to use a register with the value
e.g.:
Code:

push rax
mov rax,7FF46D96A240
cmp rsi,rax
pop rax
je xxxxxxxx

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
DanyDollaro
Master Cheater
Reputation: 3

Joined: 01 Aug 2019
Posts: 334
PostPosted: Mon Sep 16, 2019 3:13 pm    Post subject: Reply with quote
Thanks Dark Byte for the fast response, very kind Very Happy
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites