Set or clear chat input text
- Thread starter monday
- Start date
I tried find pointer of this a lot times , but not successfully.
Idk how many params should be called to samp.dll - same as this one:
@springfield I think you have much more experience to do that.
Idk how many params should be called to samp.dll - same as this one:
PHP:
:SET_CHAT_INPUT_ENABLED
{
0.3.DL
0AB1: @SET_CHAT_INPUT_ENABLED 1 STATUS 0 // 1 = ENABLED , 0 = DISABLED
}
IF 0AA2: 10@ = "samp.dll"
THEN
0A8E: 11@ = 10@ + 0x2ACA14 // SAMP_CHAT_INPUT_INFO_OFFSET
0A8D: 12@ = readMem 11@ sz 4 vp 0
0A8E: 11@ = 10@ + 0xA0530 //SAMP_CHAT_INPUT_CLOSE
0AA8: call_function_method 11@ struct 12@ num_params 2 pop 0 0@ retn_val 1@
END
0AB2: 0
Last edited:
monday
Expert
- Joined
- Jun 23, 2014
- Messages
- 1,125
- Reaction score
- 149
I tried to find it too, here's the "CInput->ProcessInput()" function peudocode (0.3.7 R1 samp version):
I found out that nop'ing samp+0x80f60 function results in the chat input box not being cleared (despite processing the command/text itself), so I assume it has something to do with it. I noticed the same behaviour when noping the first function that is called within 0x80f60:
But I didn't have much luck trying to call 0x80f60 "remotely"...
Edit: It certainly looks like some kind of "cleanup" function for the input box:
C++:
void __fastcall CInput->ProcessInput_10065d30(int iParm1)
{
char cVar1;
undefined4 uVar2;
code *pcVar3;
char *pcVar4;
char *pcVar5;
char local_84 [132];
char *szInputBuffer;
char *2ndCharPointer;
if (*(int *)(iParm1 + 8) == 0) {
return;
}
/* 0x14e4 = CInput->szInputBuffer[129] */
szInputBuffer = (char *)(iParm1 + 0x14e4);
uVar2 = FUN_10081030(0x80);
FUN_100b6090(szInputBuffer,uVar2);
/* 0x1564 = last char of CInput->szInputBuffer[129] */
*(undefined *)(iParm1 + 0x1564) = 0;
2ndCharPointer = szInputBuffer;
do {
cVar1 = *2ndCharPointer;
2ndCharPointer = 2ndCharPointer + 1;
} while (cVar1 != '\0');
/* 0x14e4 = CInput->szInputBuffer[129]
so it's 2nd character */
if (2ndCharPointer == (char *)(iParm1 + 0x14e5)) goto LAB_10065e74;
CInput->AddRecall_10065930(szInputBuffer);
/* 0x1af0 = CInput->iCurrentRecall */
*(undefined4 *)(iParm1 + 0x1af0) = 0xffffffff;
if (*szInputBuffer != '/') {
/* 0x1af8 = CMDPROC CInput->pszDefaultCMD */
if (*(code **)(iParm1 + 0x1af8) != (code *)0x0) {
(**(code **)(iParm1 + 0x1af8))(szInputBuffer);
}
goto LAB_10065e62;
}
/* 0x14e4 = CInput->szInputBuffer[129]
so it's 2nd character */
2ndCharPointer = (char *)(iParm1 + 0x14e5);
pcVar5 = 2ndCharPointer;
if (*2ndCharPointer == '\0') {
LAB_10065dd4:
pcVar3 = (code *)CInput->GetCommandHandler_10065a70(2ndCharPointer);
if (pcVar3 == (code *)0x0) {
if (DAT_1021a0f8 == 0) goto LAB_10065e58;
SendCommandToServer_10065c60(szInputBuffer);
}
else {
(*pcVar3)(&DAT_100d39c5);
}
}
else {
do {
if (*pcVar5 == ' ') break;
pcVar4 = pcVar5 + 1;
pcVar5 = pcVar5 + 1;
} while (*pcVar4 != '\0');
if (*pcVar5 == '\0') goto LAB_10065dd4;
pcVar4 = szInputBuffer;
do {
cVar1 = *pcVar4;
pcVar4[(int)(local_84 + -(int)szInputBuffer)] = cVar1;
pcVar4 = pcVar4 + 1;
} while (cVar1 != '\0');
*pcVar5 = '\0';
pcVar3 = (code *)CInput->GetCommandHandler_10065a70(2ndCharPointer);
if (pcVar3 == (code *)0x0) {
if (DAT_1021a0f8 != 0) {
SendCommandToServer_10065c60(local_84);
goto LAB_10065e62;
}
LAB_10065e58:
FUN_10064520(DAT_1021a0e4,"I don\'t know that command.");
}
else {
(*pcVar3)(pcVar5 + 1);
}
}
LAB_10065e62:
*szInputBuffer = '\0';
FUN_10080f60(&DAT_100d39c5,0);
LAB_10065e74:
/* 0x14e0 = CInput->iInputEnabled */
if (*(int *)(iParm1 + 0x14e0) != 0) {
if (DAT_1021a0e4 != 0) {
CChat->ScrollToBottom_100637c0();
}
CInput->Close_100658e0();
}
return;
}I found out that nop'ing samp+0x80f60 function results in the chat input box not being cleared (despite processing the command/text itself), so I assume it has something to do with it. I noticed the same behaviour when noping the first function that is called within 0x80f60:
Code:
10080f6b 50 PUSH EAX
10080f6c 8b cf MOV ECX,EDI
10080f6e e8 bd 69 CALL FUN_10097930
01 00But I didn't have much luck trying to call 0x80f60 "remotely"...
Edit: It certainly looks like some kind of "cleanup" function for the input box:
C++:
void __thiscall FUN_10080f60(int iParm1,undefined4 param_1)
{
undefined4 uVar1;
FUN_10097930(param_1);
/* 0x122 = CInput->szInputBox->horizontalScrollOffset (a.k.a. how many
characters are hidden on the left side) */
*(undefined4 *)(iParm1 + 0x122) = 0;
uVar1 = (*(code *)0xeacf4)(*(undefined4 *)(iParm1 + 0x4d));
FUN_10080e50(uVar1);
if ((char)param_1 != '\0') {
/* Set cursor pos to the begining */
*(undefined4 *)(iParm1 + 0x11e) = 0;
return;
}
/* 0x119 = CInput->stInputBox->markedTextEndOffset */
/* 0x11e = CInput->szInputBox->textCursorPos */
*(undefined4 *)(iParm1 + 0x11e) = *(undefined4 *)(iParm1 + 0x119);
return;
}
Last edited:
monday
Expert
- Joined
- Jun 23, 2014
- Messages
- 1,125
- Reaction score
- 149
it's there:
https://github.com/BlastHackNet/mod_s0beit_sa-1/blob/master/src/samp.h
SAMP_CHAT_INPUT_INFO_OFFSET + 8 = stInputBox
Btw I found it
It is stored as "wide string" so each character has 2 bytes (and it ends with 2 zero bytes as far as I know). Changing the values at that address actually affect the input box text
https://github.com/BlastHackNet/mod_s0beit_sa-1/blob/master/src/samp.h
SAMP_CHAT_INPUT_INFO_OFFSET + 8 = stInputBox
Btw I found it
It is stored as "wide string" so each character has 2 bytes (and it ends with 2 zero bytes as far as I know). Changing the values at that address actually affect the input box text
Attachments
I can't find it
I mean where you see +8 offset
springfield
God
- Joined
- Feb 18, 2005
- Messages
- 2,963
- Reaction score
- 267
In the same way as this ; http://ugbase.eu/index.php?threads/dll-call.20643/#post-120459
0x80F60 is CDXUTEditBox::SetText (0.3.7 R1), call it like this
Use the function, since it's a dynamic buffer, so writing in the buffer without updating the 'size' member, or trying to free/allocate memory(to expand string) from another heap might result in errors.
0x80F60 is CDXUTEditBox::SetText (0.3.7 R1), call it like this
C++:
((void(__thiscall *)(void*, const char*, bool))samp.dll+0x80F60)(CInput->szInputBox, "hello", false);Ty..., thx.
PHP:
:SetChatInputEditBoxText
{
0AB1: @SetChatInputEditBoxText 2 => text 0@ selected 0
}
if 0AA2: 2@ = "samp.dll"
then
0A8E: 3@ = 2@ + 0x21A0E8 // SAMP_CHAT_INPUT_INFO_OFFSET (R1)
0A8D: 3@ = readMem 3@ sz 4 vp 0 // pChatInput;
0A8E: 4@ = 3@ + 0x8 // pChatInput->pEditBox;
0A8D: 4@ = readMem 4@ sz 4 vp 0 // pEditBox;
0A8E: 5@ = 2@ + 0x80F60 // CDXUTEditBox::SetText (offset for 0.3.7 R1)
// CDXUTEditBox::SetText takes 2 params
// 1 - pointer to zero terminated string
// 2 - bool, if text is to be selected or not
0AA8: call_function_method 5@ struct 4@ num_params 2 pop 0 _bSelected 1@ _pszText 0@ _retVal 6@
end
0AB2: 0
Last edited:
Please explain it.
IF every second need add +4 , so how dialog editbox have 24 offset?
Because if i add every time +4 it should be 36 offset.
I trying understand.
C++:
struct stDialogInfo
{
IDirect3DDevice9 *m_pD3DDevice; // + 0
int iTextPoxX; // + 4
int iTextPoxY; // + 8
uint32_t uiDialogSizeX; // + 12
uint32_t uiDialogSizeY; // + 16
int iBtnOffsetX; // + 20
int iBtnOffsetY; // + 24
class _CDXUTDialog *pDialog; // + 28
class _CDXUTListBox *pList; // + 32
class _CDXUTIMEEditBox *pEditBox; // + 36
int iIsActive;
int iType;
uint32_t DialogID;
char *pText;
uint32_t uiTextWidth;
uint32_t uiTextHeight;
char szCaption[65];
int bServerside;
};
Last edited:
monday
Expert
- Joined
- Jun 23, 2014
- Messages
- 1,125
- Reaction score
- 149
Oh that make sense.
Thanks a lot guys.
ETC.
@springfield
@monday
I made and tested this snippet - working , but also i get one error , maybe you know why?
Edit solved.:
@springfield
@monday
I made and tested this snippet - working , but also i get one error , maybe you know why?
PHP:
:SET_CHAT_INPUT_ENABLED
{
0.3.7 - R1
0AB1: @SET_CHAT_INPUT_ENABLED 1 Status 0 // 1 = Enable, 0 = Disable
}
IF 0AA2: 10@ = "samp.dll"
THEN
0A8E: 11@ = 10@ + 0x21A0E8 // SAMP_CHAT_INPUT_INFO_OFFSET
0A8D: 12@ = readMem 11@ sz 4 vp 0
0A8E: 11@ = 10@ + 0x657E0 //SAMP_CHAT_INPUT_CLOSE
0AA8: call_function_method 11@ struct 12@ num_params 1 pop 0 _Status 0@ _retVal 6@
END
0AB2: 0Edit solved.:
PHP:
:SET_CHAT_INPUT_ENABLED
{
0.3.7 - R1
0AB1: @SET_CHAT_INPUT_ENABLED 1 Status 0 // 1 = Enable, 0 = Disable
}
IF 0AA2: 10@ = "samp.dll"
THEN
0A8E: 11@ = 10@ + 0x21A0E8 // SAMP_CHAT_INPUT_INFO_OFFSET
0A8D: 12@ = readMem 11@ sz 4 vp 0
if
0@ == 1
then
0A8E: 11@ = 10@ + 0x657E0 //SAMP_CHAT_INPUT_OPEN
else
0A8E: 11@ = 10@ + 0x658E0 //SAMP_CHAT_INPUT_CLOSE
end
0AA8: call_function_method 11@ struct 12@ num_params 0 pop 0 _retVal 6@
END
0AB2: 0
Last edited: