YimMenu
Fix fortitude's "nemesis" streaming crash
E8 ? ? ? ? 48 8B C8 48 8B F0 48 8B 10 FF 52 ? 48 8B CE add(1).rip()
if (auto ptr = *(uint64_t*)(a1 + 0xC10); !ptr) return 0;
That should work, but I'd like to analyze their syncs and block it through the can apply data hook. I'm busy working on something else right now, but I'll get back to this project soon enough
That should work, but I'd like to analyze their syncs and block it through the can apply data hook. I'm busy working on something else right now, but I'll get back to this project soon enough
I just figured out what the crash is.
RDR has also the invalid trailer attachment crash(trailer attached to a target not a vehicle).
We can check it in CPhysicalAttachDataNode.
But as I said in Yimmenu GTA, I think we also need to check sync or creation(object->GetGameObject)
Btw, I think netObject + 0xB0 is GetGameObject
That should work, but I'd like to analyze their syncs and block it through the can apply data hook. I'm busy working on something else right now, but I'll get back to this project soon enough
I just figured out what the crash is. RDR has also the invalid trailer attachment crash(trailer attached to a target not a vehicle). We can check it in
CPhysicalAttachDataNode. But as I said in Yimmenu GTA, I think we also need to check sync or creation(object->GetGameObject)Btw, I thinknetObject + 0xB0isGetGameObject
Or maybe we can check the attached object type
you right getGameObject is at 0xB0. 48 89 5C 24 ? 48 89 6C 24 ? 48 89 74 24 ? 57 41 54 41 55 41 56 41 57 48 83 EC 70 48 8B B9 ? ? ? ? here its the signature for the node. + the class class IDK_NODE{ public: char pad_0[0x10]; uint32_t m_unk; //0x10 char pad_14[0xC]; uint32_t m_unk1; //0x20 uint32_t m_unk2; //0x24 uint32_t m_unk3; //0x28
}; if someone know the name would be good for block this crash
you right getGameObject is at 0xB0. 48 89 5C 24 ? 48 89 6C 24 ? 48 89 74 24 ? 57 41 54 41 55 41 56 41 57 48 83 EC 70 48 8B B9 ? ? ? ? here its the signature for the node. + the class class IDK_NODE{ public: char pad_0[0x10]; uint32_t m_unk; //0x10 char pad_14[0xC]; uint32_t m_unk1; //0x20 uint32_t m_unk2; //0x24 uint32_t m_unk3; //0x28
}; if someone know the name would be good for block this crash
The class is much larger than that. It's the vehicle gadget node btw.
you right getGameObject is at 0xB0. 48 89 5C 24 ? 48 89 6C 24 ? 48 89 74 24 ? 57 41 54 41 55 41 56 41 57 48 83 EC 70 48 8B B9 ? ? ? ? here its the signature for the node. + the class class IDK_NODE{ public: char pad_0[0x10]; uint32_t m_unk; //0x10 char pad_14[0xC]; uint32_t m_unk1; //0x20 uint32_t m_unk2; //0x24 uint32_t m_unk3; //0x28 }; if someone know the name would be good for block this crash
The class is much larger than that. It's the vehicle gadget node btw.
thanks for the information :)
This should be a sufficient class:
class CGadgetData
{
public:
uint32_t m_type;
uint8_t m_data[0xF3];
};
static_assert(sizeof(CGadgetData) == 0xF8);
class CVehicleGadgetNodeData
{
public:
bool m_has_position;
char pad_0001[15];
float m_position[4];
uint32_t m_num_gadgets;
CGadgetData m_gadgets[2];
};
static_assert(sizeof(CVehicleGadgetNodeData) == 0x214); // Needs to be 0x220, prob from packing at 16.
E8 ? ? ? ? 48 8B C8 48 8B F0 48 8B 10 FF 52 ? 48 8B CE add(1).rip()
if (auto ptr = *(uint64_t*)(a1 + 0xC10); !ptr) return 0;
This produces false positives + Game Crashes. I am not even sure this will block the crash.
Fortnut crash may be fixed by #148. Needs further testing. EDIT: Game still eventually shits, though the trailer attachment protection seems to help some. 6-27-24 fort crash.log