[Question] Figured something out, then forgot how I did it....

[nwg601]

So I've managed to locate this subroutine:

Code:

int __thiscall unit::getHealth(void *this)
{
  int health;

  if ( *(_DWORD *)(dword_ED7738 + 48) )         // Not even a clue
    health = *((_DWORD *)this + 1139);
  else
    health = *(_DWORD *)(*((_DWORD *)this + 62) + 72);
  return health;
}

I figured this can get me what I want, I might have mangled it a bit but I want to get a unit's health from its base address.

I could swear I tried

Code:

 CurrentObject+ 1139

OR

Code:

  *((_DWORD *)CurrentObject+ 62) + 72

and one of them worked. I leave the room, come back and it's

Code:

CurrentObject+4556

And it works, the other two values don't. Now I can't figure out where I got 4556 from.... What did I do?

[Robske]

You got it from the function at 0x5B4FD0 called in Script_UnitHealth (0x453420)

I don't understand why you go through such lengths to get unit health, use the descriptors.

[nwg601]

You got it from the function at 0x5B4FD0 called in Script_UnitHealth (0x453420)

I don't understand why you go through such lengths to get unit health, use the descriptors.

Are those 4.3.4.15595?

If your sub_5B4FD0 is what I've called unit::getHealth I can't see where I got the value 4556 from?

This is the first part of a POC for a larger aspiration, I've got it working, but I can't figure out how I got here.

[Robske]

Code:

int __thiscall sub_5B4FD0(int this)
{
  int result; // eax@2

  if ( *(dword_ED7594 + 48) )
    result = *(this + 4556);
  else
    result = *(*(this + 248) + 72);
  return result;
}

[nwg601]

Okay, It seems I made some mistake in IDA, I've re-opened wow.exe and I can see your above.

Thanks.

[_Mike]

In before OP figures out why 1139*4=4556

[Frosttall]

You got it from the function at 0x5B4FD0 called in Script_UnitHealth (0x453420)

I don't understand why you go through such lengths to get unit health, use the descriptors.

The descriptors take aaaaages to update.. Had that problem yesterday

In before OP figures out why 1139*4=4556

That's why you shouldn't trust HexRays in IDA.. It sometimes forgets to multiply the values with 4, but hey: What is the ASM-View for?!

[nwg601]

In before OP figures out why 1139*4=4556

Not quite in before. Appreciate the help though

[Aftiagouras]

That's why you shouldn't trust HexRays in IDA.. It sometimes forgets to multiply the values with 4, but hey: What is the ASM-View for?!

Nah, HexRays is fine.
*((_DWORD *)this + 1139) means [this + 1139*4]
while
*(_DWORD *)(this + 1139) means [this + 1139]

Its how pointers and casts work in C.

[Frosttall]

Nah, HexRays is fine.
*((_DWORD *)this + 1139) means [this + 1139*4]
while
*(_DWORD *)(this + 1139) means [this + 1139]

Its how pointers and casts work in C.

Aaah got it, thank you

[_Mike]

Nah, HexRays is fine.
*((_DWORD *)this + 1139) means [this + 1139*4]
while
*(_DWORD *)(this + 1139) means [this + 1139]

Its how pointers and casts work in C.

It's not just that though. The 2nd one could also mean 1139*4. Hexrays assumes you declare the types correctly. Notice the difference in the posted function declarations.

Code:

int __thiscall unit::getHealth(void *this)
int __thiscall sub_5B4FD0(int this)