Data Types

Supported Types

The following data types are supported:

• Integers
  • 8 bit (1 byte)
  • 16 bit (2 bytes)
  • 32 bit (4 bytes)
  • 64 bit (8 bytes)
• Floating Point (Fractional)
  • Float (4 bytes)
  • Double (8 bytes)
• Strings
  • 8 bit (each character is 1 byte, number of characters varies)
  • 16 bit (each character is 2 bytes, number of characters varies)
• Byte Arrays (size varies on number of bytes)
• Pointers (size varies on running target)

Numbers like -5, 0, 2, 3, 100 represent integers, numbers like 1.43, 0.04, 1000.34 represent floating-points, and text like "Player Name:", "Lives" represent strings. These are the most common kinds of types to search for.

As for size: a 32-bit integer can vary from 2³² different values, whereas an 8-bit integer can vary from 2⁸ different values. Thus, a variable whose size is bigger can hold more possible values, but consumes more space in memory.

Signed vs Unsigned Integers

For integers, there are two modes available. Signed integers can represent negative and positive numbers while unsigned integers can represent only non-negative values. For example, a 16-bit integer holds 2¹⁶ possible values; this can vary from -32768 to 32767 if signed, or from 0 to 65535 if unsigned.

Pointers

Pointers are memory addresses. Often times, there are pointer variables which are variables whose value is a memory address to another variable in the program.

Variables can be edited in an advanced manner by going to Variable -> Edit Variable Address. An expression such as [0x1BE28] will be substituted with the pointer value read from 0x1BE28. This is also flexible allowing nesting and mathematical expressions such as [[0x1BE28] + 0x8] - 0x4].

Please see Pointers for more information on searching them.

Byte Arrays

Byte Arrays have a slightly different behavior than the other data types. Each byte in a byte array is represented in hexadecimal form, eg: 00 01 AF is a byte array whose size is 3 bytes.

If one edits a byte array's value, and adds a space (eg: "00 01 AF "), this will increase the size of the variable by one byte. If one removes the last byte along with the space before it, this will decrease the size by one byte. One can also change the byte array's size by going to Variable -> Edit Variable Size.

Lastly, byte array searches support wildcard characters (? or *) that could represent anything as a value. For example, one can make a search for 1A ?B CD ?? that could match 1A 0B CD 00, 1A 0B CD 10, 1A 4B CD 3F, etc.

Endianness

Byte order, or endianness, determines how bytes are ordered to represent a value for a data type. The different types of endianness are big and little. Endianness affects all data types except for 8-bit integers, 8-bit strings, and byte arrays since with these data is grouped by single bytes.

For example, a 32-bit integer with a value of 1 is represented as the byte array 01 00 00 00 in little endian. The value of 1 is represented as the byte array 00 00 00 01 in big endian.

A tidbit about little endian is that integers of larger size can be represented in memory with the same layout as integers of smaller size, as long as the value is small enough to fit both sizes. For example, if you have a byte array in memory that is 01 00 00 00:

• the first byte 01 could represent a 8-bit integer value of 1
• the first two bytes 01 00 could represent a 16-bit integer value of 1
• and all four bytes could represent 32-bit integer value of 1

Therefore one can search for a 8-bit integer as long as the value fits inside a 8-bit range, and could retrieve results even if the data type of the desired variable is actually of bigger size.

Fortunately, Macs prefer little endian these days, which is what will be most commonly seen.