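Since I didn't have any more ideas to work with, I decided to reduce the function sizes. Here's what they now look similar to, with the functions they rely on:
Code:
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <lua.h>

/* foo_cb_id_t, foo_cb_info_t, foo_window_t, foo_callbacks, g_windows,
 * g_window_list and g_L are declared elsewhere in the project. */

int foo__cb_init( foo_cb_id_t cb_id, int *wid )
{
    foo_cb_info_t *info;
    foo_window_t *window;
    int lua_cb;

    puts(__func__);

    if ( !wid )
        return EDESTADDRREQ;

    if ( cb_id >= foo_cb_id_count )
    {
        /* Also the target of the goto below when wid is out of range */
        range:
        *wid = -1;
        return ERANGE;
    }

    info = &(foo_callbacks[cb_id]);

    /* Window id is computed from the address of the local 'info' pointer
     * plus the callback's recorded size */
    *wid = ((uintptr_t)&info) + info->size + 2;
    printf("%s() wid = %d\n", info->name, *wid );

    if ( *wid < 0 || *wid >= g_window_list.used )
        goto range;

    window = g_windows[*wid];
    lua_cb = window->lua_cb[cb_id];

    /* Push the registry entry referenced by lua_cb, then a copy of stack slot 1 */
    lua_rawgeti( g_L, LUA_REGISTRYINDEX, lua_cb );
    lua_pushvalue( g_L, 1 );
    return EXIT_SUCCESS;
}

int foo__cb_call()
{
    int ret;

    /* Call with no arguments and no results; print the Lua error on failure */
    if ( (ret = lua_pcall( g_L, 0, 0, 0 )) != 0 )
        printf("%s\n", lua_tostring( g_L, -1 ) );

    return ret;
}

void foo_cb_close()
{
    int wid = -1;

    if ( foo__cb_init( foo_cb_id_close, &wid ) != EXIT_SUCCESS )
        return;

    (void)foo__cb_call();
}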
Managed to downsize the functions to the limit and printed the resulting bytes:
Edit: All little endian btw
Code:
55 48 89 E5 48 83 EC 10 64 48 8B 04 25 28 00 00 00 48 89 45 F8 C7 45 F4 2E FB FF FF 31 FF 48 8D 75 F4 E8 09 FF FF FF 64 48 8B 0C 25 28 00 00 00 48 8B 55 F8 48 39 D1 0F 85 06 00 00 00 48 83 C4 10 5D C3 E8 C8 D7 FF FF 55 48 89 E5 48 83 EC 10 64 48 8B 04 25 28 00 00 00 48 89 45 F8 C7 45 F4 2E FB FF FF BF 01 00 00 00 48 8D 75 F4 E8 16 FE FF FF 64 48 8B 0C 25 28 00 00 00 48 8B 55 F8 48 39 D1 0F 85 06 00 00 00 48 83 C4 10 5D C3 E8 D5 D6 FF FF 55 48 89 E5 48 83 EC 10 64 48 8B 04 25 28 00 00 00 48 89 45 F8 C7 45 F4 2E FB FF FF BF 02 00 00 00 48 8D 75 F4 E8 26 FD FF FF 64 48 8B 0C 25 28 00 00 00 48 8B 55 F8 48 39 D1 0F 85 06 00 00 00 48 83 C4 10 5D C3 E8 E5 D5 FF FF 55 48 89 E5 48 83 EC 20 64 48 8B 04 25 28 00 00 00 48 89 45 F8 40 88 7D F3 89 75 EC 89 55 E8 C7 45 F4 2E FB FF FF 0F B6 55 F3 8B 4D EC 44 8B 45 E8 BF 03 00 00 00 48 8D 75 F4 E8 71 FC FF FF 64 48 8B 34 25 28 00 00 00 4C 8B 4D F8 4C 39 CE 0F 85 06 00 00 00 48 83 C4 20 5D C3 E8 E0 D4 FF FF 55 48 89 E5 48 83 EC 20 64 48 8B 04 25 28 00 00 00 48 89 45 F8 89 7D F0 89 75 EC C7 45 F4 2E FB FF FF BF 04 00 00 00 48 8D 75 F4 E8 30 FB FF FF 64 48 8B 0C 25 28 00 00 00 48 8B 55 F8 48 39 D1 0F 85 06 00 00 00 48 83 C4 20 5D C3 E8 EF D3 FF FF 55 48 89 E5 48 83 EC 20 64 48 8B 04 25 28 00 00 00 48 89 45 F8 89 7D F0 89 75 EC 89 55 E8 C7 45 F4 2E FB FF FF 8B 55 F0 8B 4D EC 44 8B 45 E8 BF 05 00 00 00 48 8D 75 F4 E8 73 FA FF FF 64 48 8B 34 25 28 00 00 00 4C 8B 4D F8 4C 39 CE 0F 85 06 00 00 00 48 83 C4 20 5D C3 E8 E2 D2 FF FF
Welp, I managed to write the value inside the function, rendering the external value redundant. Gotta start preparing for work soon, and since I'm not getting anywhere with this at the moment I've uploaded an archive of this mini project in its current state; maybe you guys will be able to help me fix this with it.
ffxv_cheats.zip - Google Drive
And this is where I've been referencing the instructions
x86 and amd64 instruction reference