BigPackets Forum

BigPackets => Public Discussion => Reversing => Topic started by: KittoniuM on December 16, 2018, 10:45:09 pm

Title: Finding Entitylist in Just Cause 1
Post by: KittoniuM on December 16, 2018, 10:45:09 pm
(http://i64.tinypic.com/6ny07s.png)
Here is how I found the entity list in JC1.


First, I started looking at strings...

I found something interesting:
"MaxNofChars(%d)met, chars:%d\n"

So I looked at it, and found out that it's calling a few things with (0) as nullptr, which means that it's getting the address in Text View but the pseudocode messes up and shows 0.

I looked at them in ReClass; sure enough, they have pointers that look like they are storage for a list.
(http://i65.tinypic.com/bi111j.png)
Code:
char __thiscall sub_474B50(_BYTE *this)
{
  int v1; // eax
  char result; // al
  int v3; // eax
  int v4; // [esp+0h] [ebp-8h]
  unsigned int v5; // [esp+4h] [ebp-4h]

  v4 = (int)this;
  // The (0) argument is the decompiler showing 0 where Text View has the list address
  v5 = CEntityList::CountValidEntities(0);
  // +60: 16-bit cap on the entity count (the "MaxNofChars" in the format string)
  if ( v5 <= *(unsigned __int16 *)(v4 + 60) )
  {
    if ( v5 != *(unsigned __int16 *)(v4 + 60) || (unsigned __int8)sub_474CB0(v4) )
    {
      result = 1;
    }
    else
    {
      // +54: byte flag that enables the debug message once the cap is reached
      if ( *(_BYTE *)(v4 + 54) )
      {
        v3 = CEntityList::CountValidEntities(0);
        nullsub_1("MaxNofChars(%d)met, chars:%d\n", *(unsigned __int16 *)(v4 + 60), v3);
      }
      result = 0;
    }
  }
  else
  {
    sub_474CB0(v4);
    if ( *(_BYTE *)(v4 + 54) )
    {
      v1 = CEntityList::CountValidEntities(0);
      nullsub_1("MaxNofChars(%d)met, chars:%d\n", *(unsigned __int16 *)(v4 + 60), v1);
    }
    result = 0;
  }
  return result;
}


This is the function that appears to count the number of valid entities:
Code:
int __thiscall sub_4D3A60(int this)
{
  int *v2; // [esp+4h] [ebp-1Ch]
  int *v3; // [esp+8h] [ebp-18h]
  int v4; // [esp+Ch] [ebp-14h]

  v3 = *(int **)(this + 0x28); // end of the array of entity pointers
  v2 = *(int **)(this + 0x24); // start of the array (begin/end pair, vector-style)
  v4 = 0;                      // running count of valid entities
  while ( v3 != v2 )
  {
    if ( sub_4D3A20(*v2) )     // *v2 is one entity pointer
      ++v4;
    ++v2;
  }
  return v4;
}
// For the valid entity check
bool __cdecl sub_4D3A20(int a1)
{
  // bit 6 of the dword at entity+2180 must be set and sub_597B80 must return false
  return (*(_DWORD *)(a1 + 2180) >> 6) & 1 && !sub_597B80((char *)a1);
}