Quote:
Originally Posted by xzidez  Seems like we have an StdCall with 1 param as returnValue? Looking at RETN 4.
so.. Code: [UnmanagedFunctionPointer(CallingConvention.StdCall)]
private unsafe delegate int SetFacing(float floatPtr);
Not sure about the float floatPtr. But ive tried almost everything as argument, pointer to the float value.. etc etc Everything crashes wow. :/
I really suck at ASM.. sigh.. |
It looks like it's a thiscall, and it's definitely not a float pointer.
[UnmanagedFunctionPointer(CallingConvention.ThisCall)]
private delegate int SetFacing(IntPtr baseAddress, float radian);
Code:
*(_DWORD *)(_ESI + 0x44) &= 0xFFFFFFCFu;
If I'm correct, that removes a flag (probably from the movement flags stuff). ESI is ECX, which should be the local player base address.
I'm not great with float operations, but it seems like it pushes two floats on the float stack, last one being your facing. The first one is popped off close to the first jump. If the first jump is taken it looks like something wrong has happened.
Code:
test ah, 5 ; Logical Compare
jnp short loc_949C89 ; Jump if Not Parity (PF=0)
Code:
loc_949C89:
fstp st ; Store Real and Pop
As you can see, your facing is stored but then popped off - it looks like it's not used anymore after that.
If it reaches the good way
Code:
test dword ptr [esi+44h], 1000h ; Logical Compare
fstp dword ptr [esi+20h] ; Store Real and Pop
jnz short loc_949C8B ; Jump if Not Zero (ZF=0)
First it does an AND on what I believe is the movement flags (?) at playerbase + 0x44 with the flag 0x1000 (looks like this decompiled v4 = (*(_DWORD *)(this + 0x44) & 0x1000) == 0) - it then sets playerbase + 0x20 to the facing value.
If the flag was zero, it goes the bad way, if it wasn't it goes the good way.
Basicly the good way calls 0x9480E0 which might be some kind of player nudge
