-
Member
[Crash] when calling TerrainClick
Good day guys.
Tell me what could be the problem: when calling the function HandleTerrainClick, WoW crashes.
Code:
[UnmanagedFunctionPointer(CallingConvention.Cdecl)]
private delegate bool Spell_C__HandleTerrainClickDelegate(TerrainClick TC);

public static bool HandleTerrainClick(Location Coords, ulong GUID = 0ul)
{
    if (_spellHandleTerrainClick == null)
        _spellHandleTerrainClick = Reader.Memory.RegisterDelegate<Spell_C__HandleTerrainClickDelegate>((IntPtr)0x00527360, true); // 3.3.5a(12340)
    return _spellHandleTerrainClick(new TerrainClick { GUID = GUID, Location = Coords, Button = MouseButton.Left });
}

public struct Location
{
    public float x;
    public float y;
    public float z;
}

[StructLayout(LayoutKind.Sequential)]
public struct TerrainClick
{
    public ulong GUID;
    public Location Location;
    [MarshalAs(UnmanagedType.U4)] public MouseButton Button;
}

[Flags]
public enum MouseButton : uint
{
    Left = 1,
    Middle = 2,
    None = 0,
    Right = 4,
    XButton1 = 8,
    XButton2 = 0x10
}
Error
Code:
Errors
ERROR #132 (0x85100084) Fatal Exception
Program: C:\WoWCircle 3.3.5a\Wow.exe
Exception: 0xE0434352 (unknown exception) at 0023:76D3C762
----------------------------------------
x86 Registers
----------------------------------------
EAX=03B5F9F0 EBX=00000005 ECX=00000005 EDX=00000000 ESI=03B5FAB0
EDI=00000001 EBP=03B5FA48 ESP=03B5F9F0 EIP=76D3C762 FLG=00000216
CS =0023 DS =002B ES =002B SS =002B FS =0053 GS =002B
I tried to divide the GUID into 2 parts; there was no more crash, but the click does not work.
Code:
public struct GUID
{
    public uint GUIDx;
    public uint GUIDy;

    public GUID(ulong GUID)
    {
        GUIDx = (uint)((GUID) & 0xFFFFFFFF);
        GUIDy = (uint)(((GUID) >> 32) & 0xFFFFFFFF);
    }
}

[StructLayout(LayoutKind.Sequential)]
public struct TerrainClick
{
    public GUID GUID;
    public Location Location;
    [MarshalAs(UnmanagedType.U4)] public MouseButton Button;
}
Last edited by NightlyBlooD; 05-20-2019 at 03:31 PM.
-
I was told WoWCircle 3.3.5a runs a custom client/anti-cheat. If that is true, it could be that. I would try 00527830 CGGameUI__HandleTerrainClick, I think it's the same thing. What code is at 76D3C762, was that your own module?
--edit
Could be missing 4 bytes? I'm counting 7 "args" ( 0x1C )
Code:
    mov  [ebp+var_18], 0
    mov  [ebp+var_14], 0
    mov  [ebp+var_C], eax
    mov  [ebp+var_10], edx
    mov  edx, [ebp+arg_0]
    lea  eax, [ebp+var_18]
    push eax
    mov  [ebp+var_8], ecx
    mov  [ebp+var_4], edx
    call sub_527830
--edit
Not the 1st? -- edit Was looking at the wrong version of wow
wor...t-working.html
Code:
GV.WoWHook.Memory.WriteFloat(DoStringArg_Codecave, 0);
GV.WoWHook.Memory.WriteFloat(DoStringArg_Codecave + 8, 0);
GV.WoWHook.Memory.WriteFloat(DoStringArg_Codecave + 16, X);
GV.WoWHook.Memory.WriteFloat(DoStringArg_Codecave + 20, Y);
GV.WoWHook.Memory.WriteFloat(DoStringArg_Codecave + 24, Z);
--edit
nvm, looking over that asm again, it's a pointer to the data that's on the stack, ooops. So no extra 4 bytes.
--edit
https://www.ownedcore.com/forums/wor...-question.html
Originally Posted by TOM_RUS
Isn't argument of that function supposed to be a pointer (ref in C#) to struct?
As history repeats itself...
Last edited by DarkLinux; 05-21-2019 at 12:04 AM.
-
Member
This method works.
Code:
public void TerrainClick(ulong GUID = 0, float X = 0, float Y = 0, float Z = 0)
{
    IntPtr MyStructure = Reader.Memory.AllocateMemory(20);
    Reader.Memory.Write<ulong>(MyStructure, GUID);
    Reader.Memory.Write<float>(MyStructure + 0x8, X);
    Reader.Memory.Write<float>(MyStructure + 0xC, Y);
    Reader.Memory.Write<float>(MyStructure + 0x10, Z);
    Reader.Memory.Asm.Clear();
    String[] asm = new String[]
    {
        "mov eax, " + MyStructure + "",
        "push eax",
        "call " + (uint)Spell_C__HandleTerrainClick, //(IntPtr)0x00527360
        "add esp, 0x4",
        "retn"
    };
    wow.InjectAndExecute(asm);
    Reader.Memory.FreeMemory(MyStructure);
}
but unfortunately it does not fit ...
CGGameUI__HandleTerrainClick also leads to crash
Last edited by NightlyBlooD; 05-15-2022 at 04:59 AM.
-
Member
Sorry, I completely forgot =) Thanks for the help!
Originally Posted by DarkLinux
Originally Posted by TOM_RUS
Isn't argument of that function supposed to be a pointer (ref in C#) to struct?
It really helped, although Google translator did not quite correctly translate xD
-
Contributor
Code:
class TerrainClickData
{
public:
    int64_t guid;       //0x0000
    Vector3 pos;        //0x0008
    int32_t click_type; //0x0014
}; //Size: 0x0018

int32_t TerrainClick(TerrainClickData* data)
{
    return reinterpret_cast<int32_t(__cdecl*)(TerrainClickData*)>(0x527830)(data);
}
and called like this
Code:
WowFunctions::TerrainClickData testData{0, {-9413.485f, 88.942f, 57.320f}, 0x4};
TerrainClick(&testData);
just pass 0 to guid as that is what WoW does, no crash here and works as expected with no errors (using C++, you will have to convert on your own)
also be sure to call from WoW's thread, like EndScene etc.
Last edited by Icesythe7; 05-24-2019 at 10:28 AM.
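Added example, not code from any poster in this thread: a compile-time and run-time check of the 0x18-byte layout posted above. It shows why a buffer built by field offset has to cover all three fields before a pointer to it is handed to a callee, and that a 20-byte allocation ends where click_type at 0x14 begins. The helper names (put, encode_click, decode_click) and the sample values are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Layout as posted in the thread: guid 0x00, pos 0x08, click_type 0x14, size 0x18.
struct Vector3 { float x, y, z; };
struct TerrainClickData {
    std::int64_t guid;
    Vector3      pos;
    std::int32_t click_type;
};

// Fail the build if the compiler lays the struct out differently.
static_assert(offsetof(TerrainClickData, pos) == 0x08, "pos must sit at 0x08");
static_assert(offsetof(TerrainClickData, click_type) == 0x14, "click_type must sit at 0x14");
static_assert(sizeof(TerrainClickData) == 0x18, "struct must be 0x18 bytes");

// Copy one field into the buffer; refuse to write past the allocation.
template <typename T>
bool put(std::vector<std::uint8_t>& buf, std::size_t off, const T& v) {
    if (off + sizeof(T) > buf.size()) return false;
    std::memcpy(buf.data() + off, &v, sizeof(T));
    return true;
}

// Fill a buffer of alloc_size bytes field by field (hypothetical helper).
// Returns true only if every field, including click_type, fitted.
bool encode_click(std::vector<std::uint8_t>& buf, std::size_t alloc_size,
                  const TerrainClickData& d) {
    buf.assign(alloc_size, 0);
    bool ok = put(buf, 0x00, d.guid);
    ok = put(buf, 0x08, d.pos) && ok;
    ok = put(buf, 0x14, d.click_type) && ok;
    return ok;
}

// Read the struct back only when the buffer covers all 0x18 bytes,
// so a short allocation is rejected instead of being read past its end.
bool decode_click(const std::vector<std::uint8_t>& buf, TerrainClickData* out) {
    if (buf.size() < sizeof(TerrainClickData)) return false;
    std::memcpy(out, buf.data(), sizeof(TerrainClickData));
    return true;
}
```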