
IDA PRO Struct Pointer Counter big number not starting from address offset 0, Lowers a bit slightly but not completely to 0

Topic created on: April 15, 2014 23:34 CDT by sspoke.

I put the whole question in 3 images. From research it seems I need to use `CTRL+R`, but I don't think that's what I need, since I could lower the number a bit lower; I just can't lower it to the proper amount of 0.

I think the problem is I'm not creating the structs properly, probably missing something.




ASM Code:

    .text:0040E040 ; =============== S U B R O U T I N E =======================================
    .text:0040E040
    .text:0040E040
    .text:0040E040 ; struct_ARENA *__thiscall code(struct_PLAYER *player, const void *buf, unsigned int len, int a4)
    .text:0040E040 sub_40E040      proc near              
    .text:0040E040                                        
    .text:0040E040
    .text:0040E040 buf             = dword ptr  4
    .text:0040E040 len             = dword ptr  8
    .text:0040E040 a4              = dword ptr  0Ch
    .text:0040E040
    .text:0040E040                 push    ebx
    .text:0040E041                 push    esi
    .text:0040E042                 mov     esi, ecx
    .text:0040E044                 mov     eax, [esi+1Ch]
    .text:0040E047                 test    eax, eax
    .text:0040E049                 jz      short loc_40E093
    .text:0040E04B                 mov     ecx, [eax+0FF0Ch]
    .text:0040E051                 xor     ebx, ebx
    .text:0040E053                 test    ecx, ecx
    .text:0040E055                 jle     short loc_40E093
    .text:0040E057                 push    edi
    .text:0040E058                 push    ebp
    .text:0040E059                 mov     ebp, [esp+10h+a4]
    .text:0040E05D                 mov     edi, 0FB20h
    .text:0040E062
    .text:0040E062 loc_40E062:                            
    .text:0040E062                 mov     eax, [edi+eax]
    .text:0040E065                 cmp     eax, esi
    .text:0040E067                 jz      short loc_40E082
    .text:0040E069                 mov     ecx, [eax+38h]
    .text:0040E06C                 test    ecx, ecx
    .text:0040E06E                 jnz     short loc_40E082
    .text:0040E070                 mov     ecx, [esp+10h+len]
    .text:0040E074                 mov     edx, [esp+10h+buf]
    .text:0040E078                 push    ebp             ; a4
    .text:0040E079                 push    ecx             ; len
    .text:0040E07A                 push    edx             ; buf
    .text:0040E07B                 mov     ecx, eax        ; this
    .text:0040E07D                 call    SendPlayerReliablePacket
    .text:0040E082
    .text:0040E082 loc_40E082:                            
    .text:0040E082                                        
    .text:0040E082                 mov     eax, [esi+1Ch]
    .text:0040E085                 inc     ebx
    .text:0040E086                 add     edi, 4
    .text:0040E089                 cmp     ebx, [eax+0FF0Ch]
    .text:0040E08F                 jl      short loc_40E062
    .text:0040E091                 pop     ebp
    .text:0040E092                 pop     edi
    .text:0040E093
    .text:0040E093 loc_40E093:                            
    .text:0040E093                                        
    .text:0040E093                 pop     esi
    .text:0040E094                 pop     ebx
    .text:0040E095                 retn    0Ch
    .text:0040E095 sub_40E040      endp
    .text:0040E095 ; ---------------------------------------------------------------------------
    .text:0040E098                 align 10h

Here is one that looks better, only 1 struct instead of 2, but still the same problem.


No posts found under this topic.
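The loop in the listing above, restated in C as an added example (not part of the original post): `edi` starts at `0FB20h` and steps by 4 because the compiler keeps a byte offset from the structure base instead of an index, so the index of a slot is `(edi - 0xFB20) / 4`. The field names, the 251-slot capacity (the gap up to `0FF0Ch` could also hold other fields) and the `uint32_t` stand-in for 32-bit pointers are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define OFF_PLAYERS 0xFB20u  /* mov edi, 0FB20h        */
#define OFF_COUNT   0xFF0Cu  /* cmp ebx, [eax+0FF0Ch]  */

/* Assumed layout of struct_ARENA; field names are hypothetical.
   Pointers of the 32-bit target are modelled as uint32_t values. */
typedef struct {
    uint8_t  unknown_0[OFF_PLAYERS];                 /* not recovered here */
    uint32_t players[(OFF_COUNT - OFF_PLAYERS) / 4]; /* 251 slots, assumed */
    int32_t  player_count;                           /* signed: jle / jl   */
} struct_ARENA;

_Static_assert(offsetof(struct_ARENA, players) == OFF_PLAYERS, "players offset");
_Static_assert(offsetof(struct_ARENA, player_count) == OFF_COUNT, "count offset");

/* Compiler's form: mov eax, [edi+eax] with edi a byte offset from the base. */
static uint32_t slot_by_offset(const struct_ARENA *a, uint32_t edi) {
    uint32_t v;
    memcpy(&v, (const uint8_t *)a + edi, sizeof v);
    return v;
}

/* Byte offset held in edi -> index into players[]. */
static uint32_t index_from_offset(uint32_t edi) {
    return (edi - OFF_PLAYERS) / 4;
}

/* Walks the array both ways; returns 1 if every slot and index match. */
int forms_agree(void) {
    struct_ARENA *a = calloc(1, sizeof *a);
    if (!a) return 0;
    a->player_count = 3;
    for (int i = 0; i < 3; i++) a->players[i] = 0x1000u + (uint32_t)i; /* constructed values */
    int ok = 1;
    uint32_t edi = OFF_PLAYERS;
    for (int32_t ebx = 0; ebx < a->player_count; ebx++, edi += 4)
        ok &= slot_by_offset(a, edi) == a->players[ebx]
           && index_from_offset(edi) == (uint32_t)ebx;
    free(a);
    return ok;
}

int main(void) { return forms_agree() ? 0 : 1; }
```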