Reverse Engineering Asked on April 6, 2021
Im trying to recognise where is my targeted function int64 __fastcall sub_1400CE4F0(__int64 a1, const char *a2)
executed. When stepping through this function, after return
it’s redirecting me here:
if ( *(_QWORD *)(v9 + v8 + 8) || *(_QWORD *)(v9 + v8 + 16) )
(*(void (__fastcall **)(_QWORD, __int64))(v9 + v8 + 16))(*(_QWORD *)(v9 + v8 + 8), v4);
if ( v5 == 0xFFFFFFF ) //Here..
v5 = *((_DWORD *)v2 + 9);
You can see in the line:
(*(void (__fastcall **)(_QWORD, __int64))(v9 + v8 + 16))(*(_QWORD *)(v9 + v8 + 8), v4);
That you have an indirect function call - a function that is called by a value of a variable, and not by a direct address.
Your function has the following signature:
void your_func(QWORD, __int64)
And the function itself comes from the v9 + v8 + 16
variables.
So v9 + v8 + 8
is the first parameter of the function, and v4
is the second parameter.
Correct answer by macro_controller on April 6, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP