Difference between revisions of "Virtual Offsets (Source Mods)"

From AlliedModders Wiki
Jump to: navigation, search
m (Added link to L4D player offsets)
(Swap out Berni's offset dumper for Asherkin's)
 
(10 intermediate revisions by 8 users not shown)
Line 6: Line 6:
  
 
== Offset Lists ==
 
== Offset Lists ==
 +
==== Automated Offsets ====
 +
You can get updated offsets from the following tool. It automatically updates the offsets when an update is pushed by Valve for the 6 games it supports, and you may input your own *.so file to obtain offsets for other games.
 +
* [https://asherkin.github.io/vtable VTable Dumper (by Asherkin)]
 
==== Counter-Strike: Source ====
 
==== Counter-Strike: Source ====
 
* [[CCSPlayer Offset List (Counter-Strike: Source)|CCSPlayer]]
 
* [[CCSPlayer Offset List (Counter-Strike: Source)|CCSPlayer]]
Line 12: Line 15:
 
* [[CBaseGrenade Offset List (Counter-Strike: Source) | CBaseGrenade]]
 
* [[CBaseGrenade Offset List (Counter-Strike: Source) | CBaseGrenade]]
 
* [[CDEagle Offset List (Counter-Strike: Source) | CDEagle]]
 
* [[CDEagle Offset List (Counter-Strike: Source) | CDEagle]]
* [[CBasePlayer Offset List (Counter-Strike: Source) | CBasePlayer]]
 
  
 
==== Day of Defeat: Source ====
 
==== Day of Defeat: Source ====
Line 20: Line 22:
 
* [[CDYSPlayer Offset List (Dystopia)|CDYSPlayer]]
 
* [[CDYSPlayer Offset List (Dystopia)|CDYSPlayer]]
  
==== Empires ====
+
==== Empires v2.12 ====
 
* [[CSDKPlayer Offset List (Empires)|CSDKPlayer]]
 
* [[CSDKPlayer Offset List (Empires)|CSDKPlayer]]
  
Line 40: Line 42:
 
==== Left 4 Dead ====
 
==== Left 4 Dead ====
 
* [[CTerrorPlayer Offset List (Left 4 Dead)|CTerrorPlayer]]
 
* [[CTerrorPlayer Offset List (Left 4 Dead)|CTerrorPlayer]]
 +
 +
==== Left 4 Dead 2 ====
 +
* [[CTerrorPlayer Offset List (Left 4 Dead 2)|CTerrorPlayer]]
  
 
==== Obsidian Conflict ====
 
==== Obsidian Conflict ====
Line 55: Line 60:
 
==== Synergy ====
 
==== Synergy ====
 
* [[CHL2MP_Player Offset List (Synergy)|CHL2MP_Player]]
 
* [[CHL2MP_Player Offset List (Synergy)|CHL2MP_Player]]
 +
 +
==== Synergy SteamWorks (Synergy Orange Box Edition)====
 +
* [[CHL2MP_Player Offset List (SynergyOB)|CHL2MP_Player]]
  
 
==== Team Fortress 2 ====
 
==== Team Fortress 2 ====
Line 64: Line 72:
 
==== Zombie Panic: Source ====
 
==== Zombie Panic: Source ====
 
* [[CHL2MP_Player Offset List (Zombie Panic: Source)|CHL2MP_Player]]
 
* [[CHL2MP_Player Offset List (Zombie Panic: Source)|CHL2MP_Player]]
 +
 +
==== GoldenEye: Source ====
 +
* [[CGEPlayer Offset List (GoldenEye: Source)|CGEPlayer]]
  
 
== How to use the examples ==
 
== How to use the examples ==

Latest revision as of 16:00, 2 October 2016

Calling virtual functions

I got this method from Mani, who I believe got it from Pavol Marko. Thank you!

I hope to expand on an actual explanation when I have the time (and understand it better). Hopefully, someone can expand on this, but for now I'll just post the examples and a list of the CCSPlayer virtual function table offsets.

Offset Lists

Automated Offsets

You can get updated offsets from the following tool. It automatically updates the offsets when an update is pushed by Valve for the 6 games it supports, and you may input your own *.so file to obtain offsets for other games.

Counter-Strike: Source

Day of Defeat: Source

Dystopia

Empires v2.12

Fortress Forever

Half-Life 2: Capture the Flag

Half-Life 2: Deathmatch

Hidden: Source

Insurgency

Left 4 Dead

Left 4 Dead 2

Obsidian Conflict

Pirates, Vikings, and Knights II

The Ship

SourceForts

Synergy

Synergy SteamWorks (Synergy Orange Box Edition)

Team Fortress 2

Zombie Master

Zombie Panic: Source

GoldenEye: Source

How to use the examples

Basically, this lets you call any virtual function by knowing it's offset. A table is created for each class that lists the address of the function for each virtual function. This method takes advantage of that to call those addresses.

Look at the examples below and edit to match the function you want to call: Use the offset for the function you want to call in this line. (CCSPlayer_offset_list_(SourceMM))

void *func = vtable[m_Off_GiveNamedItem];

Change this line to match your return type and parameters:

union {CBaseEntity *(VfuncEmptyClass::*mfpnew)(const char *, int );

Call the original function with your parameters (change the return type to match the function you're calling):

return (CBaseEntity *) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)(ItemName, iSubType);

You'll need to add an empty class for the union. Something like this:

class VfuncEmptyClass {};

Examples

These examples are for CSS. Mani has created a set of macros to make this easier. If you ask nicely, maybe he'll give them to you or let you post them here.

datamap_t *VFuncs::GetDataDescMap(CBaseEntity *pThisPtr)
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_GetDataDescMap]; 
 
	union {datamap_t *(VfuncEmptyClass::*mfpnew)();
#ifndef __linux__
        void *addr;	} u; 	u.addr = func;
#else /* GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 */
			struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
#endif
 
	return (datamap_t *) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)();
 
}
 
void VFuncs::SetModel(CBaseEntity *pThisPtr, const char *ModelName)
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_SetModel]; 
 
	union {void (VfuncEmptyClass::*mfpnew)(const char *);
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	(void) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)(ModelName);
 
}
 
void VFuncs::Teleport(CBaseEntity *pThisPtr, const Vector *newPosition, const QAngle *newAngles, const Vector *newVelocity)
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_Teleport]; 
 
	union {void (VfuncEmptyClass::*mfpnew)(const Vector *, const QAngle *, const Vector *);
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	(void) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)(newPosition, newAngles, newVelocity);
 
}
 
Vector VFuncs::EyePosition( CBaseEntity *pThisPtr )
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_EyePosition]; 
 
	union {Vector (VfuncEmptyClass::*mfpnew)( void );
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	return (Vector) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)( );
 
}
 
QAngle &VFuncs::EyeAngles( CBaseEntity *pThisPtr )
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_EyeAngles]; 
 
	union {QAngle& (VfuncEmptyClass::*mfpnew)( void );
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	return (QAngle&) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)( );
 
}
 
 
void VFuncs::Ignite(CBaseEntity *pThisPtr, float flFlameLifetime, bool bNPCOnly, float flSize, bool bCalledByLevelDesigner)
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_Ignite]; 
 
	union {void (VfuncEmptyClass::*mfpnew)(float , bool , float , bool );
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	(void) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)(flFlameLifetime, bNPCOnly, flSize, bCalledByLevelDesigner);
 
}
 
CBaseEntity *VFuncs::GiveNamedItem(CBaseEntity *pThisPtr, const char *ItemName, int iSubType)
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_GiveNamedItem]; 
 
	union {CBaseEntity *(VfuncEmptyClass::*mfpnew)(const char *, int );
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	return (CBaseEntity *) (reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)(ItemName, iSubType);
}
 
void VFuncs::CommitSuicide(CBaseEntity *pThisPtr)
{
	void **this_ptr = *(void ***)&pThisPtr;
	void **vtable = *(void ***)pThisPtr;
	void *func = vtable[m_Off_CommitSuicide]; 
 
	union {CBaseEntity *(VfuncEmptyClass::*mfpnew)( void );
	#ifndef __linux__
			void *addr;	} u; 	u.addr = func;
	#else // GCC's member function pointers all contain a this pointer adjustor. You'd probably set it to 0 
				struct {void *addr; intptr_t adjustor;} s; } u; u.s.addr = func; u.s.adjustor = 0;
	#endif
 
	(reinterpret_cast<VfuncEmptyClass*>(this_ptr)->*u.mfpnew)();
}