Understanding localized strings (how to read them OOP)

[Tanaris4]

So I FINALLY am able to actually find the correct Spell DBC struct my knowing the Spell ID (on mac), sadly it took me way too long to figure this out - but GetSpellInfo helped me greatly.

My question, I was able to find 4 pointers within the struct to strings: (at 0x180 through 0x18C):


Now I'm actually looking at the spell 15616 (Flame Shock) - randomly chosen. But when I follow the above pointers, they take me to spell name "Snap Kick" (the other pointers are to the start of the string list, the description, and then a 1 word description of Snap Kick):


So I'm guessing that I need to transform the string pointer somehow. Is this a correct assumption? And if so - can people provide me insight into how to do this?

(and yes I'm on a mac, but I don't think this should matter)

Thanks!

Other relevant screenshots (just of the struct in case you wanted to see):

Image 2
Image 3
Image 4
Image 5
Image 6

[swollen]

1. Destroy Mac.
2. Get PC
3. Install Windaids
4. Copy pasta code

[Krillere]

1. Destroy Mac.
2. Get PC
3. Install Windaids
4. Copy pasta code

1. Stop failing.
2. Stop failing.
3. Stop failing.
4. Stop failing.

[schlumpf]

1. Tell me which application you are using.

[swollen]

1. Stop failing.
2. Stop failing.
3. Stop failing.
4. Stop failing.

1. MacFag alert
2. MacFag alert
3. MacFag alert
4. MacFag alert

[Tanaris4]

Can I actually get a useful response to this thread? If you don't know shit go the **** away, this isn't a PC vs. mac debate, use whatever you are comfortable with.

@schlumpf - serious question?

[schlumpf]

@Tanaris4: Yes. I still search a good cheatengine replacement for my mac.

Snap Kick is 15618, so just a bit more. Seems like your struct is wrong or something like that.

[Tanaris4]

It's not wrong tho, check the last image in my post. That's the correct spell ID. I think I need to localize properly, I know Apoc had mentioned you have to do something else (maybe related to subtracting 0x18, altho this doesn't help), so not sure what I need to be doing.

Also, just use Pocket Gnome, the screen shots are from the memory tab. Great way to look @ things in memory.

[MaiN]

I'm pretty sure the name is at around field 136 (+0x220).
Atleast, it is on Windows.

[Tanaris4]

Yea it's not 0x220 on mac, although honestly these things never vary cross platform.

What is SO strange is I can consistently land on the correct spell ID w/in the database. But the strings ALWAYS point to a spell name/description that is (spellID + 2). Obviously I can program around this (If I want the spell name, search for the spell ID - 2). But I'd like to have an understanding why this is happening ya know? I have to be missing something simple.

[MaiN]

Yea it's not 0x220 on mac, although honestly these things never vary cross platform.

What is SO strange is I can consistently land on the correct spell ID w/in the database. But the strings ALWAYS point to a spell name/description that is (spellID + 2). Obviously I can program around this (If I want the spell name, search for the spell ID - 2). But I'd like to have an understanding why this is happening ya know? I have to be missing something simple.

Have you tried debugging lua_GetSpellName or lua_GetSpellInfo? See how it unpacks the row.

[Tanaris4]

That's what I'm trying to do now, and I'm confused as shit. And the pseudocode generator on mac doesn't always work that well :/ 0xD2E300 is a pointer to the WoW DB Struct

Code:

 WowClientDB__GetRow();
  v3 = *(&dword_D2E300 + 4);
  if ( _EBX >= v3
    && _EBX <= *(&dword_D2E300 + 3)
    && (v4 = *(const void **)(*(&dword_D2E300 + 8) + 4 * (_EBX - v3))) != 0 )
  {
    if ( unk_C7E44C )
    {
      v6 = (unsigned int)&v37;
      v5 = (int)((char *)v4 + 1);
      v36 = *(_BYTE *)v4;
      if ( (unsigned int)&v45 > (unsigned int)&v37 )
      {
        do
        {
          *(_BYTE *)v6 = *(_BYTE *)v5;
          v21 = *(_BYTE *)v5;
          ++v6;
          if ( *(_BYTE *)v5 == *(_BYTE *)(v5 - 1) )
          {
            v19 = v6;
            v20 = v6 + *(_BYTE *)(v5 + 1) - 1;
            if ( *(_BYTE *)(v5 + 1) )
            {
              while ( 1 )
              {
                *(_BYTE *)v19++ = v21;
                if ( v19 == v20 + 1 )
                  break;
                v21 = *(_BYTE *)v5;
              }
              v6 = v19;
            }
            v5 += 2;
            if ( (unsigned int)&v45 > v6 )
              *(_BYTE *)v6++ = *(_BYTE *)v5;
          }
          ++v5;
        }
        while ( v6 < (unsigned int)&v45 );
      }
    }
    else
    {
      memcpy(&v36, v4, 0x2A8u);
    }
    v7 = GetPlayerGUID();
    v8 = GetBaseAddressFromGUID(v7, 16);
    v35 = v8;
    if ( v47 )
    {
      LODWORD(v27) = sub_56D8E0(0);
      v8 = GetBaseAddressFromGUID(v27, 8);
    }
    FrameScript_PushString(a1, v43);

Full source: tanaris4 private pastebin - collaborative debugging tool


Edit: Kind of getting somewhere, looks like what I want to do is get the resulting POINTER to the row, add 0x1 to it, and then jump a certain amount and I see the correct string (but it's not static, it varies a bit on how far away it is, i.e. name could be at 0x60 away or 0x68 away)

[MaiN]

That's what I'm trying to do now, and I'm confused as shit. And the pseudocode generator on mac doesn't always work that well :/ 0xD2E300 is a pointer to the WoW DB Struct

Code:

 WowClientDB__GetRow();
  v3 = *(&dword_D2E300 + 4);
  if ( _EBX >= v3
    && _EBX <= *(&dword_D2E300 + 3)
    && (v4 = *(const void **)(*(&dword_D2E300 + 8) + 4 * (_EBX - v3))) != 0 )
  {
    if ( unk_C7E44C )
    {
      v6 = (unsigned int)&v37;
      v5 = (int)((char *)v4 + 1);
      v36 = *(_BYTE *)v4;
      if ( (unsigned int)&v45 > (unsigned int)&v37 )
      {
        do
        {
          *(_BYTE *)v6 = *(_BYTE *)v5;
          v21 = *(_BYTE *)v5;
          ++v6;
          if ( *(_BYTE *)v5 == *(_BYTE *)(v5 - 1) )
          {
            v19 = v6;
            v20 = v6 + *(_BYTE *)(v5 + 1) - 1;
            if ( *(_BYTE *)(v5 + 1) )
            {
              while ( 1 )
              {
                *(_BYTE *)v19++ = v21;
                if ( v19 == v20 + 1 )
                  break;
                v21 = *(_BYTE *)v5;
              }
              v6 = v19;
            }
            v5 += 2;
            if ( (unsigned int)&v45 > v6 )
              *(_BYTE *)v6++ = *(_BYTE *)v5;
          }
          ++v5;
        }
        while ( v6 < (unsigned int)&v45 );
      }
    }
    else
    {
      memcpy(&v36, v4, 0x2A8u);
    }
    v7 = GetPlayerGUID();
    v8 = GetBaseAddressFromGUID(v7, 16);
    v35 = v8;
    if ( v47 )
    {
      LODWORD(v27) = sub_56D8E0(0);
      v8 = GetBaseAddressFromGUID(v27, 8);
    }
    FrameScript_PushString(a1, v43);

Full source: tanaris4 private pastebin - collaborative debugging tool


Edit: Kind of getting somewhere, looks like what I want to do is get the resulting POINTER to the row, add 0x1 to it, and then jump a certain amount and I see the correct string (but it's not static, it varies a bit on how far away it is, i.e. name could be at 0x60 away or 0x68 away)

The actual row is "inlined" in the stack when that is called.
char v36; // [sp+5Ch] [bp-2CCh]@12 <- that is the base of the struct, hence it should actually be something like v36.spellID.
FrameScript_PushString(a1, v43); <- Ok, that is our name. v43.
char *v43; // [sp+27Ch] [bp-ACh]@14 <- v43 is at sp+0x27C, while v36 is at sp+0x5C. 0x27C - 0x5C = 0x220. So after the row has been unpacked, the name is at row+0x220.
Also, it looks horrible. You should define some types:
struct WoWClientDB
{
void *funcTable;
int isLoaded;
int numRows;
int maxIndex;
int minIndex;
int stringTable;
void *funcTable2;
void *FirstRow;
void **Rows;
};
Thanks to Apoc/Kynox for this. Set D2E300 to this type (Set it to the struct, NOT A POINTER TO THE STRUCT!).

[Tanaris4]

@Main - thanks for the reply, that makes more sense. So then my next question is how do I determine what sp (stack pointer?) points to, and how do I "unpack" the row?

Also, I do have those types defined, just not when I'm hacking away trying to understand what is going on.

And I'm also doing this OOP, so wouldn't SP be irrelevant?

[MaiN]

@Main - thanks for the reply, that makes more sense. So then my next question is how do I determine what sp (stack pointer?) points to, and how do I "unpack" the row?

Also, I do have those types defined, just not when I'm hacking away trying to understand what is going on.

And I'm also doing this OOP, so wouldn't SP be irrelevant?

No. Basically the unpacked row is copied to the address of the variable "v36", which happens to lie at sp+5C. That means sp+5C is going to be spell ID and sp+60 is going to be the field that comes after the spell ID in the row structure.
v43 is at sp+27C, which means that it is at 27C - 5C relative to the row start address. 27C - 5C = 0x220.
It's using the stack as memory instead of allocating new memory one might say.