help with offset

d3nd3's Avatar
Newbie Member
arg_0 = dword ptr 4 .text:2000333D mov ecx, [esp+7Ch+arg_0] .text:20003344 mov [esp+7Ch+var_78], eax .text:20003348 mov [esp+7Ch+var_70], edx .text:2000334C mov [esp+7Ch+var_4], 0FFh .text:20003351 mov eax, [ecx+0FCh] .text:20003357 test eax, eax .text:20003359 jle loc_200037D3 .text:2000335F push ebx .text:20003360 push ebp .text:20003361 push esi .text:20003362 jmp short loc_20003368 .text:20003364 ; --------------------------------------------------------------------------- .text:20003364 .text:20003364 loc_20003364: ; CODE XREF: cl_addpacketentities+50Aj .text:20003364 mov edx, [esp+88h+var_70] .text:20003368 .text:20003368 loc_20003368: ; CODE XREF: cl_addpacketentities+A2j .text:20003368 mov eax, [esp+88h+arg_0] .text:2000336F mov esi, [esp+88h+var_78] .text:20003373 mov [esp+88h+var_18], 3F800000h .text:2000337B mov eax, [eax+100h] .text:20003381 add eax, esi .text:20003383 and eax, 3FFh .text:20003388 lea ecx, ds:0[eax*8] .text:2000338F sub ecx, eax .text:20003391 lea eax, [eax+ecx*4] .text:20003394 mov ecx, dword_201CA530[eax*4] .text:2000339B lea esi, ds:201CA530h[eax*4] .text:200033A2 mov eax, ecx i have the c++ source , but it should be something like this s1 = &cl_parse_entities[(frame->parse_entities+pnum)&(MAX_PARSE_ENTITIES-1)]; where frame is the argument being passed to the function (arg_0); can any of you find that in this bit of asm codE? i need to know the offset of the member of the array passed , frame->parsen_entities i think its in this line of asm : .text:20003368 mov eax, [esp+88h+arg_0] but i am unsure why esp is added to it ...
0
d3nd3's Avatar
Newbie Member
sorry i am first time poster and don't know how to edit, so i repost in better format arg_0 = dword ptr 4
.text:2000333D mov ecx, [esp+7Ch+arg_0]
.text:20003344 mov [esp+7Ch+var_78], eax
.text:20003348 mov [esp+7Ch+var_70], edx
.text:2000334C mov [esp+7Ch+var_4], 0FFh
.text:20003351 mov eax, [ecx+0FCh]
.text:20003357 test eax, eax
.text:20003359 jle loc_200037D3
.text:2000335F push ebx
.text:20003360 push ebp
.text:20003361 push esi
.text:20003362 jmp short loc_20003368
.text:20003364 ; --------------------------------------------------------------------------- .text:20003364
.text:20003364 loc_20003364: ; CODE XREF: cl_addpacketentities+50Aj .text:20003364 mov edx, [esp+88h+var_70]
.text:20003368 .text:20003368 loc_20003368: ; CODE XREF: cl_addpacketentities+A2j .text:20003368 mov eax, [esp+88h+arg_0]
.text:2000336F mov esi, [esp+88h+var_78]
.text:20003373 mov [esp+88h+var_18], 3F800000h
.text:2000337B mov eax, [eax+100h]
.text:20003381 add eax, esi
.text:20003383 and eax, 3FFh
.text:20003388 lea ecx, ds:0[eax*8]
.text:2000338F sub ecx, eax
.text:20003391 lea eax, [eax+ecx*4]
.text:20003394 mov ecx, dword_201CA530[eax*4]
.text:2000339B lea esi, ds:201CA530h[eax*4]
.text:200033A2 mov eax, ecx

i have the c++ source , but it should be something like this
s1 = &cl_parse_entities[(frame->parse_entities+pnum)&(MAX_PARSE_ENTITIES-1)]; where frame is the argument being passed to the function (arg_0);

can any of you find that in this bit of asm codE? i need to know the offset of the member of the array passed , frame->parsen_entities i think its in this line of asm : .text:20003368 mov eax, [esp+88h+arg_0] but i am unsure why esp is added to it ...
0
xpi0t0s's Avatar, Join Date: Aug 2004
Mentor
New users can't edit their posts. But they can read the posting guidelines. How do I know you didn't? Because you posted code without using code tags. READ THE POSTING GUIDELINES PLEASE.