Open your cstrike/cl_dlls/client.dll
with hex editor (for example WinHex
) and replace bytes 8B4C240433C02BC87406497403497505B801000000C3
with 837C240401750B8B44240CC7400800000042B001C3C3
. In WinHex
you can open the replace dialog with Ctrl
+Alt
+H
The original function:
int HUD_GetHullBounds(int hullnum, float* mins, float* maxs)
{
return (hullnum == 0 || hullnum == 1 || hullnum == 2) ? 1 : 0;
}
// 22 bytes
8B 4C 24 04 mov ecx, [esp+4]
33 C0 xor eax, eax
2B C8 sub ecx, eax
74 06 jz short NonLargeHull
49 dec ecx
74 03 jz short NonLargeHull
49 dec ecx
75 05 jnz short Exit
NonLargeHull:
B8 01 00 00 00 mov eax, 1
Exit:
C3 retn
The patched function (bool
is OK here, because engine expects just != 0
):
bool HUD_GetHullBounds(int hullnum, float* mins, float* maxs)
{
if (hullnum == 1)
maxs[2] = 32.0f;
return true;
}
// 21 bytes
83 7C 24 04 01 cmp [esp+4], 1
75 0B jne NonCrouch
8B 44 24 0c mov eax, [esp+0Ch]
C7 40 08 00 00 00 42 mov [eax+8], 42000000h
NonCrouch:
B0 01 mov al, 1
C3 retn
Another dirty way to patch this function:
// 22 bytes
XX XX XX XX mov eax, [esp+4]
40 inc eax
XX XX XX cmp eax, 2
75 0B jne NonCrouch
8B 44 24 0c mov eax, [esp+0Ch]
C7 40 08 00 00 00 42 mov [eax+8], 42000000h
NonCrouch:
C3 retn