
Documenting GTA-SA memory adresses

1,347 replies to this topic
LINK/2012
  • LINK/2012

    LIVIN' IN CODE

  • Feroci
  • Joined: 30 Jan 2011
  • Brazil

#1321

Posted 27 January 2014 - 08:09 PM Edited by LINK/2012, 24 August 2014 - 01:58 AM.

0x4DFB10       CAEBankLoader *__thiscall CAEBankLoader::CAEBankLoader(CAEBankLoader *)
0x4DFB20       void __thiscall CAEBankLoader::~CAEBankLoader(CAEBankLoader *this)
0x4DFB60       void __thiscall CAEBankLoader::InitialiseRequestList(CAEBankLoader *this)
0x4DFBA0       void __thiscall CAEBankLoader::CalculateBufferSize(CAEBankLoader *this)
0x4DFBD0       char __thiscall CAEBankLoader::LoadBankLookupFile(CAEBankLoader *this)
0x4DFC70       char __thiscall CAEBankLoader::LoadSFXPakLookupFile(CAEBankLoader *this)
0x4DFDE0       void *__thiscall CAEBankLoader::GetSoundBuffer2(CAEBankLoader *this, unsigned short bankslot, int *out_size)
0x4DFE30       void __thiscall CAEBankLoader::Service(CAEBankLoader *this)
0x4E01B0       CAEBankLookupItem *__thiscall CAEBankLoader::GetBankLookup(CAEBankLoader *this, unsigned short bank)
0x4E01E0       long double __thiscall CAEBankLoader::GetSoundHeadroom(CAEBankLoader *this, unsigned short sound, short bankslot)
0x4E0220       char __thiscall CAEBankLoader::IsSoundBankLoaded(CAEBankLoader *this, unsigned short bank, short bankslot)
0x4E0250       char __thiscall CAEBankLoader::GetSoundBankLoadingStatus(CAEBankLoader *this, unsigned short bank, short bankslot)
0x4E0280       void *__thiscall CAEBankLoader::GetSoundBuffer(CAEBankLoader *this, unsigned short sound, short bankslot, int *out_Size, short *out_SampleRate)
0x4E0380       int __thiscall CAEBankLoader::GetLoopOffset(CAEBankLoader *this, unsigned short sound, short bankslot)
0x4E03B0       char __thiscall CAEBankLoader::IsSoundLoaded(CAEBankLoader *this, unsigned short bank, unsigned short sound, short bankslot)
0x4E0400       char __thiscall CAEBankLoader::GetSoundLoadingStatus(CAEBankLoader *this, unsigned short bank, unsigned short sound, short bankslot)
0x4E0450       void __thiscall CAEBankLoader::UpdateVirtualChannels(CAEBankLoader *this, void *a2, void *a3, void *a4)
0x4E0590       char __thiscall CAEBankLoader::LoadBankSlotFile(CAEBankLoader *this)
0x4E0670       void __thiscall CAEBankLoader::LoadSoundBank(CAEBankLoader *this, unsigned short bank, short bankslot)
0x4E07A0       void __thiscall CAEBankLoader::LoadSound(CAEBankLoader *this, unsigned short bank, unsigned short sound, short bankslot)
0x4E08F0       char __thiscall CAEBankLoader::Initialise(CAEBankLoader *this)

0x5B97F0       void __cdecl CAEAudioUtility::StaticInitialise()
0x4D9C10       int __cdecl CAEAudioUtility::GetRandomNumberInRange(int, int)
0x4D9C50       double __cdecl CAEAudioUtility::GetRandomNumberInRangef(float, float)
0x4D9C80       char __cdecl CAEAudioUtility::ResolveProbability(float)
0x4D9CC0       char __cdecl CAEAudioUtility::GetBankAndSoundFromScriptSlotAudioEvent(int *a1, int *pBank, int *pSound, int scriptSlot)
0x4D9D90       double __cdecl CAEAudioUtility::GetPiecewiseLinear(float a1, short a2, float *a3)
0x4D9E10       CVehicle *__cdecl CAEAudioUtility::FindVehicleOfPlayer()
0x4D9E50       double __cdecl CAEAudioUtility::AudioLog10(float)
0x4D9E80       int __cdecl CAEAudioUtility::GetCurrentTimeInMilliseconds()
0x4D9EF0       int __cdecl CAEAudioUtility::ConvertFromBytesToMS(unsigned int size, unsigned int sampleRate, unsigned short numChannels)
0x4D9F40       int __cdecl CAEAudioUtility::ConvertFromMSToBytes(unsigned int MS, unsigned int sampleRate, unsigned short numChannels)
#pragma pack(push, 1)
// Element type of CAEBankSlot::m_aBankItems (presumably one entry per sound in the bank).
// As declared under pack(1) this is 12 bytes (4 + 4 + 2 + 2).
struct CAEBankSlotItem
{
  int m_dwOffset;           // +0x0
  int m_dwLoopOffset;       // +0x4
  short m_usSampleRate;     // +0x8  NOTE(review): "us" prefix suggests unsigned, but the field is declared signed short; confirm
  short m_usSoundHeadroom;  // +0xA  NOTE(review): same prefix/type mismatch; confirm
};
#pragma pack(pop)


#pragma pack(push, 1)
// Entry type returned by CAEBankLoader::GetBankLookup(bank) and pointed to by
// CAEBankLoader::m_pBankLookup. As declared under pack(1) this is 12 bytes.
struct CAEBankLookupItem
{
  char m_iPak;      // +0x0  presumably an index into the pak file list; verify against callers
  char _pad[3];     // +0x1  explicit padding so the next field sits at +0x4
  int m_dwOffset;   // +0x4
  int m_dwSize;     // +0x8
};
#pragma pack(pop)


#pragma pack(push, 1)
// One bank slot with a fixed table of 400 CAEBankSlotItem entries.
// As declared under pack(1): 0x14 bytes of header + 400 * 12 = 0x12D4 bytes.
struct CAEBankSlot
{
  int m_dwOffsetOnBuffer;             // +0x00
  int m_dwSlotBufferSize;             // +0x04
  int _unknown1;                      // +0x08  not yet identified
  int _unknown2;                      // +0x0C  not yet identified
  unsigned short m_usBankNum;         // +0x10
  unsigned short m_nSoundsOnBank;     // +0x12
  // Capacity is fixed at 400. NOTE(review): code that overlays this struct on game memory
  // and indexes by sound id should bound the index by 400 as well as by m_nSoundsOnBank,
  // since the latter is just a stored value.
  CAEBankSlotItem m_aBankItems[400];  // +0x14
};
#pragma pack(pop)


#pragma pack(push, 1)
// Element type of CAEBankLoader::m_aSoundRequests.
// Offsets below assume 4-byte pointers (32-bit build); the name field_1F agrees with that,
// giving 0x20 bytes in total. On a 64-bit build the layout would not match.
struct CAESoundRequest
{
  CAEBankSlot *m_pBankSlot;  // +0x00
  int m_dwOffset;            // +0x04
  int m_dwSize;              // +0x08
  void *m_pBufferData;     // +0x0C  Somewhere in the m_pBuffer, used to resolve sector alignment issues
  void *m_pBuffer;         // +0x10  Pointer returned by malloc
  int m_iLoadingStatus;      // +0x14
  short m_usBank;            // +0x18  NOTE(review): "us" prefix but declared signed short; confirm
  short m_usBankSlot;        // +0x1A
  short m_usSound;           // +0x1C
  char m_iPak;               // +0x1E
  char field_1F;             // +0x1F  not yet identified
};
#pragma pack(pop)

#pragma pack(push, 1)
// Object operated on by the CAEBankLoader::* functions listed earlier in this post.
// Offsets assume 4-byte pointers (32-bit build); the name gap_15 agrees with that.
// As declared this comes to 0x6E4 bytes.
struct CAEBankLoader
{
  CAEBankSlot *m_pBankSlots;           // +0x000
  CAEBankLookupItem *m_pBankLookup;    // +0x004
  void *m_pPakFiles;                   // +0x008
  short m_usNumBankSlots;              // +0x00C  NOTE(review): "us" prefix but declared signed short; confirm
  short m_usNumBanks;                  // +0x00E
  short m_usNumPakFiles;               // +0x010
  short _unused0;                      // +0x012
  char m_bInitialized;                 // +0x014
  char gap_15[3];                      // +0x015
  int m_iSoundBuffersSize;             // +0x018
  char *m_pSoundBuffers;               // +0x01C
  int *m_StreamHandles;                // +0x020
  CAESoundRequest m_aSoundRequests[50];  // +0x024  fixed capacity of 50 requests
  short _unk0;                         // +0x664  not yet identified
  short m_nRequestsToLoad;             // +0x666
  short m_iRequestListNext;            // +0x668
  short m_iStreamingChannel;           // +0x66A
  // 45 entries, the same count as the eBankSlot values 0..44 below; presumably indexed by
  // bank slot. A bankslot argument outside 0..44 would index past this array.
  short m_aBankSlotSound[45];          // +0x66C
  char _unused1[30];                   // +0x6C6
};
#pragma pack(pop)
// Names for the 45 bank slots (values 0..44). The underlying type is short, matching the
// `short bankslot` parameters of the CAEBankLoader functions listed above.
// Slots named only by number (33-39, 43, 44) have no identified purpose yet.
enum eBankSlot : short
{
    BANKSLOT_FRONTEND_GAME = 0,
    BANKSLOT_FRONTEND_MENU = 1,
    BANKSLOT_COLLISIONS = 2,
    BANKSLOT_BULLET_SOUNDS = 3,
    BANKSLOT_EXPLOSIONS = 4,
    BANKSLOT_WEAPONS = 5,
    BANKSLOT_WEATHER_RAIN = 6,
    BANKSLOT_STREAM_ENGINE_1 = 7,
    BANKSLOT_STREAM_ENGINE_2 = 8,
    BANKSLOT_STREAM_ENGINE_3 = 9,
    BANKSLOT_STREAM_ENGINE_4 = 10,
    BANKSLOT_STREAM_ENGINE_5 = 11,
    BANKSLOT_STREAM_ENGINE_6 = 12,
    BANKSLOT_STREAM_ENGINE_7 = 13,
    BANKSLOT_STREAM_ENGINE_8 = 14,
    BANKSLOT_STREAM_ENGINE_9 = 15,
    BANKSLOT_STREAM_ENGINE_10 = 16,
    BANKSLOT_HORNS = 17,
    BANKSLOT_HELICOPTER = 18,
    BANKSLOT_VEHICLE_EXTRAS = 19,
    BANKSLOT_SPEECH_0 = 20,
    BANKSLOT_SPEECH_1 = 21,
    BANKSLOT_SPEECH_2 = 22,
    BANKSLOT_SPEECH_3 = 23,
    BANKSLOT_SPEECH_4 = 24,
    BANKSLOT_PLAYER_SPEECH = 25,
    BANKSLOT_SCRIPT_SPEECH_0 = 26,
    BANKSLOT_SCRIPT_SPEECH_1 = 27,
    BANKSLOT_SCRIPT_SPEECH_2 = 28,
    BANKSLOT_SCRIPT_SPEECH_3 = 29,
    BANKSLOT_AMBIENT_RESIDENT = 30,
    BANKSLOT_DOORS = 31,
    BANKSLOT_WATER = 32,
    BANKSLOT_33 = 33,
    BANKSLOT_34 = 34,
    BANKSLOT_35 = 35,
    BANKSLOT_36 = 36,
    BANKSLOT_37 = 37,
    BANKSLOT_38 = 38,
    BANKSLOT_39 = 39,
    BANKSLOT_ENGINE_RESIDENT = 40,
    BANKSLOT_FEET_RESIDENT = 41,
    BANKSLOT_BULLET_TRAIL = 42,
    BANKSLOT_43 = 43,
    BANKSLOT_44 = 44
};

Thanks to Silent for the enum above ;)

Bonus Documentation for SFX files:
SFXPak: http://pastebin.com/NAVwtmyb
BankLkup: http://pastebin.com/drKr6YCP
BankSlot: http://pastebin.com/nM6Ztem1
EventVol: http://pastebin.com/ffQCPE5S
and finally, the most obvious file... including it here just to have a complete documentation
PakFiles: http://pastebin.com/zBrdUpAW

Oh well, I guess the deadline for the audio engine was too short considering the mess it is :p


DK22Pac
  • DK22Pac

    Playing SA on my lovely PS2. Y'all bums.

  • Feroci
  • Joined: 12 Apr 2009
  • Brazil

#1322

Posted 19 February 2014 - 01:38 PM

All stuff related to mission timers (0xBA1788)

#pragma once
 
#include "plugin\plugin.h"
 
#pragma pack(push, 4)
 
// Clock part of COnscreenTimer. VALIDATE_SIZE below pins the size to 0x40 under pack(4).
// The offsets given are consistent with that size if Bool and UInt8 are 1 byte each
// (both come from plugin.h, not shown here).
class COnscreenTimerEntry
{
public:
    UInt32 m_dwVarId;                   // +0x00
    // Fixed 10-byte buffer. NOTE(review): nothing here shows whether the game guarantees
    // NUL termination, so readers should bound string reads to the array size.
    char   m_acDescriptionTextKey[10];  // +0x04
    char   m_acDisplayedText[42]; // +0x0E  possibly 2b padding?
    Bool   m_bEnabled;                  // +0x38
    UInt8  m_nTimerDirection;           // +0x39
    UInt32 m_dwClockBeepCountdownSecs;  // +0x3C  (2 bytes of alignment padding precede it)
};
 
VALIDATE_SIZE(COnscreenTimerEntry, 0x40);
 
// One on-screen counter; COnscreenTimer holds four of these.
// VALIDATE_SIZE below pins the size to 0x44 under pack(4).
class COnscreenCounterEntry
{
public:
    UInt32 m_dwVarId;
    UInt32 m_dwMaxVarValue;
    // Fixed 10-byte buffer; bound any string read or write to the array size.
    char   m_acDescriptionTextKey[10];
    UInt16 m_nType; // 0 - counter (%), 1 - line, 2 - conter counter (%/%)
    char   m_acDisplayedText[42]; // possibly 2b padding?
    Bool   m_bEnabled;
    Bool   m_bFlashWhenFirstDisplayed;
    UInt8  m_nColourId; // color index from HudColours
};
 
VALIDATE_SIZE(COnscreenCounterEntry, 0x44);
 
// Container for the mission clock and counters; the post gives 0xBA1788 as the address
// for the mission timer data. Size is pinned to 0x154 by VALIDATE_SIZE below:
// 0x40 (clock) + 4 * 0x44 (counters) + 2 flags, rounded up to a multiple of 4.
class COnscreenTimer
{
public:
    COnscreenTimerEntry m_Clock;
    COnscreenCounterEntry m_aCounters[4];  // fixed capacity of 4 counters
    Bool m_bDisplay;
    Bool m_bPaused;
};
 
VALIDATE_SIZE(COnscreenTimer, 0x154);
 
#pragma pack(pop)

WolF Client
  • WolF Client

    Player Hater

  • Members
  • Joined: 24 Feb 2014
  • Germany

#1323

Posted 24 February 2014 - 09:25 PM

Is there a simple way to read the distance of the nearest vehicle? ( Not just 30m )

Maybe with a loop which gets the distance of each loaded vehicle object and compares them ...
But how to read the position of all loaded vehicles?


Jack
  • Jack

    wanted level modifications

  • Feroci
  • Joined: 06 Dec 2011
  • Serbia

#1324

Posted 28 May 2014 - 08:41 AM Edited by Jack..., 21 June 2014 - 06:17 AM.

Emergency car model arrays:

rhino>>>>>>>>>>?? ?? ?? ?? ?? ?? ?? ?? ?? ??
barracks>>>>>>>?? ?? ?? ?? ?? ?? ?? ?? ?? ??
FBI rancher>>>>B8 EA 01 00 00 5B C3 6A FF E8
enforcer>>>>>>>B8 AB 01 00 00 5B C3 6A FF E8
polmav>>>>>>>>>68 F1 01 00 00 8B C8 E8 FB DB
vcnmav>>>>>>>>>68 E8 01 00 00 8B C8 E8 23 DC
hydra>>>>>>>>>>C7 05 D8 CA C1 00 08 02 00 00
predator>>>>>>>28 AE 01 00 00 C7 44 24 58 18

Testing: everything works - new cars are coming. When I replaced polmav with hunter the new polhunter acted strange...

Rhino and barracks have different assembly code... Still searching...

:karmaeater: I'm hungry.

EDIT:

Wanted level needed, to see police cars & peds:

ARMY>>>>>>>>>>06 74 09 F6 41 1E 20 75 03 33
FBI>>>>>>>>>>>05 74 09 F6 41 1E 10 75 03 33
SWAT>>>>>>>>>>04 74 09 F6 41 1E 08 75 03 33
COPS>>>>>>>>>>00 D8 1E 56 00 ED 1E 56 00 90

Star number replacement can replace vehicles from the other stars. FBI at 6 stars is now possible (and others).

IDA pro and Assembly codes made this happen.

And yeah I'm still very hungry :karmaeater:.

0x5DDD86   motorbike cop model

Hydra plane model found (up)...

 

EDIT: I've just found cop weapon related stuff:

cop pistol model >>>>>>>>>>>>>>>>6A 16 E8 DD AC 00 00 88 9E 18 
cop pistol assign >>>>>>>>>>>>>>>6A 16 E8 C3 A6 F5 FF 5E C2 04 
cop shotgun model (from car)>>>>>6A 19 E8 42 C8 1C 00 8B 8B 7C

:karmaeater:.

The first one was found by  DexX a long time ago.


paulicabos
  • paulicabos

    Player Hater

  • Members
  • Joined: 27 Jul 2012

#1325

Posted 08 June 2014 - 03:12 PM

I need the memory address for the distance at which you can see the green triangle of a player.

Ex: I want to see that green triangle when I aim at someone who is at most 200 meters away from me..


Jack
  • Jack

    wanted level modifications

  • Feroci
  • Joined: 06 Dec 2011
  • Serbia

#1326

Posted 14 June 2014 - 08:15 PM Edited by Jack..., 15 June 2014 - 09:05 PM.

All cop skins are stored in this array (not SWAT, FBI or ARMY, just cops):

1B 01 00 00 18 01 00 00 19 01 00 00 1A 01

There are probably some other emergency ped skins around this location :) - I haven't checked.

Also I found this by accident (it's some fire related stuff):

0x492971
0x4A37E0
0x4C2D78

The third one makes the fire more rectangular shaped or smthng like that... I don't know...

 

EDIT: The array I showed up here (for cop skins) was not a default one - fixed now - I'm sorry about that.

 

EDIT2:
More emergency ped models:

medics (LS, SF, LV)>>>>>>>>>>>>>12 01 00 00 14 01 00 00 13 01 00 00
firefighters (LS, SF, LV)>>>>>>>15 01 00 00 17 01 00 00 16 01 00 00

HM128
  • HM128

    alovelyday

  • Feroci
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1327

Posted 18 June 2014 - 07:57 AM Edited by HackMan128, 18 June 2014 - 08:41 AM.

Can someone tell me what the address of the mouse horizontal camera rotation for the player is? Also, is it possible to set this camera rotation around the player? In GTA Vice City something like that was probably possible. The mouse-based camera angles ranged from -1.0 to 1.0.

 

//EDIT:

There are floats 0x00B6F104 and 0x00B6F108 but these are read-only.


OrionSR
  • OrionSR

    Chain Game Development Team

  • Feroci
  • Joined: 23 May 2007
  • None
  • Helpfulness Award [GTA & Modding]

#1328

Posted 18 June 2014 - 09:39 AM

virtual_protect 1?
 


DK22Pac
  • DK22Pac

    Playing SA on my lovely PS2. Y'all bums.

  • Feroci
  • Joined: 12 Apr 2009
  • Brazil

#1329

Posted 18 June 2014 - 10:23 AM

That is some CCamera fields. Why don't you work with gtasa IDA idb?

Jack
  • Jack

    wanted level modifications

  • Feroci
  • Joined: 06 Dec 2011
  • Serbia

#1330

Posted 22 June 2014 - 09:20 AM Edited by Jack..., 22 June 2014 - 01:02 PM.

Ignore this post.


DK22Pac
  • DK22Pac

    Playing SA on my lovely PS2. Y'all bums.

  • Feroci
  • Joined: 12 Apr 2009
  • Brazil

#1331

Posted 22 June 2014 - 09:25 AM

Check it in database.

Jack
  • Jack

    wanted level modifications

  • Feroci
  • Joined: 06 Dec 2011
  • Serbia

#1332

Posted 22 June 2014 - 09:31 AM Edited by Jack..., 09 July 2014 - 11:02 AM.

Do you mean this:
SA mem add?

It ain't there.

 

They were found in this topic. Edited previous post.

 

EDIT: Mouse related stuff:

0xB73404 [Byte]--------LMB
0xB73405 [Byte]--------RMB
0xB73406 [Byte]--------MMB

0---no action
128-pressed

 

EDIT2:

Weapon accuracy>>>>>>>>>C6 86 1A 07 00 00 XX

There're 5 of them - 4 of them for pedtype 6 and 1 for everyone else - same as in VC and III (XX - default value).


LINK/2012
  • LINK/2012

    LIVIN' IN CODE

  • Feroci
  • Joined: 30 Jan 2011
  • Brazil

#1333

Posted 31 July 2014 - 03:34 AM Edited by LINK/2012, 31 July 2014 - 03:44 AM.

#pragma pack(push, 1)
// Per-resource streaming record. As declared under pack(1) this is 20 bytes (0x14).
struct CStreamingInfo // ikr, 0x8E4CC0 -> CStreamingInfo ms_aInfoForModel[26316]
{
  // NOTE(review): usNext/usPrev/usNextOnCd look like indices into ms_aInfoForModel; if so,
  // any value read from game memory should be checked against 26316 before it is used as
  // an index. Confirm against the game code.
  unsigned __int16 usNext;      // Used for linked-list of specific resources
  unsigned __int16 usPrev;      // Used for linked-list of specific resources
  // NOTE(review): "us" prefix but declared signed __int16, unlike usNext/usPrev; confirm
  // whether a negative value is used as an "end" marker.
  __int16 usNextOnCd;           // The resource following this one in the img directory; used to minimize the number of I/O reads by reading the file(s) following this one all at once with a single system call.
  unsigned __int8 ucFlags;      // Resource flags, see CStreamingInfoFlags below
  unsigned __int8 ucImgId;      // The image file id this resource is in
  int iBlockOffset;             // Offset of this file in 2KiB blocks
  int iBlockCount;              // Size of this file in 2KiB blocks
  unsigned __int8 uiLoadState;  // Loading state, 0=not loaded, 1=loaded, 2=inqueue, 3=reading, 4=?bifile_to_finish
  char _pad1[3];                // explicit padding up to 0x14
};
#pragma pack(pop)

// Bit flags stored in CStreamingInfo::ucFlags. Only the bits listed here are documented;
// 0x01, 0x40 and 0x80 are not covered by this post.
enum CStreamingInfoFlags
{
    STREAMING_FLAG_CANNOT_DELETE        = 0x02,     // Cannot unload this object
    STREAMING_FLAG_OWNED_BY_SCRIPT      = 0x04,     // Some script owns this resource
    STREAMING_FLAG_DEPENDENCY           = 0x08,     // This resource is a dependency of another resource or is owned by some game code
    STREAMING_FLAG_FIRST_PRIORITY       = 0x10,     // This resource should be loaded as quickly as possible
    STREAMING_FLAG_LOADSCENE            = 0x20	    // This resource has been requested by some scene loading method, which means streaming it out should be avoided
};
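typedef CRect CRange2D; // It's actually a derived class but meh

#pragma pack(push, 1)
// Entry of the streamed IPL pool. The name field_20 implies that bounds (CRange2D) plus
// name[16] occupy 0x20 bytes, i.e. CRange2D is assumed to be 16 bytes; confirm against
// the CRect definition, which is not shown here.
struct CStreamedIpl // not the actual native name -- 0x8E3FB0 -> pIplPool
{
  CRange2D bounds;                      // Bounding box for this IPL
  // Fixed 16-byte buffer. NOTE(review): bound string reads to 16 bytes; NUL termination
  // is not established by anything shown here.
  char name[16];                        // IPL name
  __int16 field_20;                     // Not yet identified
  unsigned __int16 m_usBuildingsBegin;  // The first building created by this IPL in the pool
  unsigned __int16 m_usBuildingsEnd;    // The last building created by this IPL in the pool
  unsigned __int16 m_usDummyBegin;      // Same as m_usBuildingsBegin, but for dummy objects (basic data for dynamic objects; when near one, the game creates its CObject)
  unsigned __int16 m_usDummyEnd;        // Same as m_usBuildingsEnd, but for dummy objects
  __int16 m_sTextIPL;                   // The text IPL related to this streamed IPL
  char m_bIsInterior;                   // Is this an interior IPL?
  char m_bStreamed;                     // Has been streamed in?
  char m_bRequired;                     // Is required to be streamed in?
  char m_bDisableDynamicStreaming;      // Shouldn't be streamed in when required (REMOVE_IPL)
  char m_bNotOwnedByMission;            // Not owned by a script (REQUEST_IPL)
  char _pad1[3];                        // Explicit tail padding
};
#pragma pack(pop)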

DK22Pac
  • DK22Pac

    Playing SA on my lovely PS2. Y'all bums.

  • Feroci
  • Joined: 12 Apr 2009
  • Brazil

#1334

Posted 01 August 2014 - 07:05 AM

Do you plan to research whole CStreaming stuff?

Do not forget to make an idc script for this please  :lol:


Jack
  • Jack

    wanted level modifications

  • Feroci
  • Joined: 06 Dec 2011
  • Serbia

#1335

Posted 02 September 2014 - 03:02 PM

Wanted stars RGB:

Inactive:
0x58DF41 // R
0x58DF3F // G
0x58DF3D // B
0x58DFC7 // 0 can make them gone

Outer shell on active:
0x58DD50 // R
0x58DD4E // G
0x58DD4C // B
0x58DD41 // 0 can make them gone

Active [already in DB]

juarez
  • juarez

    Memory Hacking

  • Members
  • Joined: 11 Jun 2011
  • Poland

#1336

Posted 16 September 2014 - 12:17 PM

CStreamedScripts GTA SA 1.0

0x470660	int __thiscall CStreamedScripts::Initialise(int this)
0x4706A0     	char *__thiscall CStreamedScripts::ReInitialise(void *this)
0x4706C0	int __thiscall CStreamedScripts::RegisterScript(int this, int name)
0x4706F0	signed int __thiscall CStreamedScripts::FindStreamedScriptQuiet(int this, const char *name)
0x470740	signed int __thiscall CStreamedScripts::FindStreamedScript(int this, const char *name)
0x470750	int __thiscall CStreamedScripts::ReadStreamedScriptData(int this)
0x470810	__int16 __thiscall CStreamedScripts::GetProperIndexFromIndexUsedByScript(void *this, __int16 index)
0x470840	char __thiscall CStreamedScripts::LoadStreamedScript(CExternalScriptInfo *this, RwStream *stream, int index)
0x470890	CScriptThread *__thiscall CStreamedScripts::StartNewStreamedScript(int this, int index)
0x4708E0	void __thiscall CStreamedScripts::RemoveStreamedScriptFromMemory(void *this, int index)
0x470900	void *__thiscall CStreamedScripts::GetStreamedScriptFilename(void *this, unsigned __int16 a2)
0x470910	__int16 __thiscall CStreamedScripts::GetStreamedScriptWithThisStartAddress(void *this, int dataPtr)

HM128
  • HM128

    alovelyday

  • Feroci
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1337

Posted 08 October 2014 - 02:07 PM

Hey DK, can you upload SA CFont.h or it's private?


juarez
  • juarez

    Memory Hacking

  • Members
  • Joined: 11 Jun 2011
  • Poland

#1338

Posted 08 October 2014 - 02:37 PM

http://ru-script.3dn...font/18-1-0-208


HM128
  • HM128

    alovelyday

  • Feroci
  • Joined: 09 Jul 2006
  • None
  • Best Map 2013 "ViceCityStories PC Edition"

#1339

Posted 08 October 2014 - 03:37 PM Edited by HM128, 10 October 2014 - 08:07 PM.

There is no download button, I was there. Have you been in rush? :)

//EDIT, OK, not matter, I have found working CFontSA h and cpp

 

Some RwRGBA game colors getting code

// Hard-coded absolute addresses cast to typed pointers. They are only meaningful in the
// executable build they were taken from (this post does not name it); check the version
// before dereferencing or calling them, otherwise unrelated memory is read or executed.
auto gBaseColors = (class CBaseColors*)0xBAB22C;
// NOTE(review): the signature both returns RwRGBA by value and takes an RwRGBA*; confirm
// against the disassembly which of the two carries the result before calling through it.
auto CHudColours__GetRGBA = (RwRGBA (__thiscall*)(void *, RwRGBA *color, unsigned char index))0x58FEA0;  

DK22Pac
  • DK22Pac

    Playing SA on my lovely PS2. Y'all bums.

  • Feroci
  • Joined: 12 Apr 2009
  • Brazil

#1340

Posted 08 October 2014 - 06:19 PM

https://github.com/D...src/sdk/game_sa

juarez
  • juarez

    Memory Hacking

  • Members
  • Joined: 11 Jun 2011
  • Poland

#1341

Posted 10 October 2014 - 09:55 AM

More info about player skin.

0x56EA80 int __thiscall CPlayerInfo__DeletePlayerSkin(CPlayer *this)
0x56F7D0 int __thiscall CPlayerInfo__LoadPlayerSkin(CPlayer *this)

// unused
0x5717F0 int __thiscall CPlayerInfo__SetPlayerSkin(CPlayer *player, const char *skinPath)

0x6FF8A0 int __cdecl CPlayerSkin__Initialise()
0x6FF8D0 int __cdecl CPlayerSkin__Shutdown()

// unused
0x6FF900 RpClump *__cdecl CPlayerSkin__RenderFrontendSkinEdit()

0x6FFA10 void *__cdecl CPlayerSkin__GetSkinTexture(char *name)

0x732870 int __cdecl CVisibilityPlugins__RenderPlayerCB(int atomic)

And in-game result

I've documented it some time ago. :)


juarez
  • juarez

    Memory Hacking

  • Members
  • Joined: 11 Jun 2011
  • Poland

#1342

Posted 11 October 2014 - 11:58 AM Edited by juarez, 11 October 2014 - 11:58 AM.

gta sa 1.0 CStoredCar

#pragma pack(push, 1)
// Stored car record, posted as "gta sa 1.0 CStoredCar".
// Offsets assume BYTE = 1 byte and WORD = 2 bytes; the name _f36 agrees with that.
// As declared under pack(1) the struct is 0x40 bytes.
struct CStoredCar
{
    float    m_fPosX;              // +0x00
    float    m_fPosY;              // +0x04
    float    m_fPosZ;              // +0x08
    int        m_dwHandlingFlags;  // +0x0C
    BYTE    m_bFlags;              // +0x10
    BYTE    _pad[1];               // +0x11
    WORD    m_wModelIndex;         // +0x12
    WORD    m_awUpgrades[15];      // +0x14  fixed capacity of 15 upgrade entries
    BYTE    m_nColors[4];          // +0x32
    BYTE    _f36;                  // +0x36  not yet identified
    BYTE    m_anExtra[2];          // +0x37
    BYTE    m_bFlags2;             // +0x39
    BYTE    m_nRemapIndex;         // +0x3A
    BYTE    m_nNitroBoosts;        // +0x3B
    BYTE    m_nTopX;               // +0x3C
    BYTE    m_nTopY;               // +0x3D
    BYTE    m_nTopZ;               // +0x3E
};
#pragma pack(pop)

Under_The_Radar
  • Under_The_Radar

    Agnaist Spammers

  • BUSTED!
  • Joined: 21 Oct 2014
  • None

#1343

Posted 21 October 2014 - 04:30 PM

how you call memory addresses?


The Hero
  • The Hero

    /* no comment */

  • Feroci
  • Joined: 25 Jan 2005
  • Germany

#1344

Posted 4 weeks ago Edited by THE HERO, 4 weeks ago.

I have a request: for implementing PS2 reflections (http://gtaforums.com...flections-on-pc) I need the offset/scale of the environment texture. Does anybody know where I can find it? On the PS2 there are four values: U-offset, V-offset, U-scale, V-scale.

 

I thought it would be in the transform parameters DK22Pac has documented here

http://www.gtamoddin...al_(RW_Section) but the four values are always 8 in my case. Is this maybe because I'm overriding the default vehicle pipeline? I hope someone can help me with that :/


DK22Pac
  • DK22Pac

    Playing SA on my lovely PS2. Y'all bums.

  • Feroci
  • Joined: 12 Apr 2009
  • Brazil

#1345

Posted 4 weeks ago

5D6F90 static float CCustomCarEnvMapPipeline::GetFxEnvScaleX(RpMaterial *material)
5D6FC0 static float CCustomCarEnvMapPipeline::GetFxEnvScaleY(RpMaterial *material)
5D7040 static float CCustomCarEnvMapPipeline::GetFxEnvTransSclX(RpMaterial *material)
5D7070 static float CCustomCarEnvMapPipeline::GetFxEnvTransSclY(RpMaterial *material)

The Hero
  • The Hero

    /* no comment */

  • Feroci
  • Joined: 25 Jan 2005
  • Germany

#1346

Posted 4 weeks ago Edited by THE HERO, 4 weeks ago.

They all return constant 1.0 for me :( Any ideas? Maybe a function which refreshes them that gets called in the default pipeline?

I assume these are the 8s I'm getting when I print the 4 bytes at the start of the env structure... 1.7 fixed point? The thing is when I call the default pipeline manually and look at these values after that they're all 8 as well :/

 

EDIT: I guess this is what I'm looking for:

https://github.com/j...peline.cpp#L206

EDIT: that function doesn't make sense at all, though. What code is this anyway? I found it through google.


madleg
  • madleg

    Player Hater

  • Members
  • Joined: 01 Jan 2014
  • Russia

#1347

Posted 2 weeks ago

00978628 array of 20 last picked pickups (4byte each)

00978624 slot index [0-19] (for this array^^) for next pickup what will be picked (4byte)

full array will be just overwritten from the beginning

008A5F48 "replace same type weapon" tip counter [10-0]


Shmoopy
  • Shmoopy

    Thug (͡ ͜ʖ ͡)

  • Members
  • Joined: 16 Jun 2009
  • None

#1348

Posted 2 weeks ago

I'm looking for the function responsible for models reloading (restreaming), thnx in advance




