Thank you very much for your patience in answering my questions.For Fire Emblem, i didn't search for it, i found it in the executable and then in the savegame.
There is a function called "nn:: Prepo:: PlayReport:: SetBuffer", the second reference to that import is a function where you can find the main pointer:
.text:0000000000561634 FB CD 14 94 BL __ZN2nn5prepo10PlayReport9SetBufferEPvm ; nn:: Prepo:: PlayReport:: SetBuffer(void *,ulong)
.text:0000000000561638 E0 63 01 91 ADD X0, SP, #0x170+var_118 ; Rd = Op1 + Op2
.text:000000000056163C ED FE FF 97 BL sub_5611F0 ; Branch with Link
.text:0000000000561640 79 A0 00 90 ADRP X25, #pMain@PAGE ; Address of Page
.text:0000000000561644 39 87 44 F9 LDR X25, [X25,#pMain@PAGEOFF] ; Load from Memory
pMain == 0x196D908 -> 0x19D76F0
just go to main+0x19D76F0 and the pointer there leads you directly to the Savegame and 0x0 of the savegame is the item table.
--------------------- MERGED ---------------------------
What do you mean by executable file is the main file obtained by unpacking xci? Then use IDA to open the function it finds, right?For Fire Emblem, i didn't search for it, i found it in the executable and then in the savegame.
There is a function called "nn:: Prepo:: PlayReport:: SetBuffer", the second reference to that import is a function where you can find the main pointer:
.text:0000000000561634 FB CD 14 94 BL __ZN2nn5prepo10PlayReport9SetBufferEPvm ; nn:: Prepo:: PlayReport:: SetBuffer(void *,ulong)
.text:0000000000561638 E0 63 01 91 ADD X0, SP, #0x170+var_118 ; Rd = Op1 + Op2
.text:000000000056163C ED FE FF 97 BL sub_5611F0 ; Branch with Link
.text:0000000000561640 79 A0 00 90 ADRP X25, #pMain@PAGE ; Address of Page
.text:0000000000561644 39 87 44 F9 LDR X25, [X25,#pMain@PAGEOFF] ; Load from Memory
pMain == 0x196D908 -> 0x19D76F0
just go to main+0x19D76F0 and the pointer there leads you directly to the Savegame and 0x0 of the savegame is the item table.
edit:
a bit more info on how i did end up finding this import call, i was searching for "Money" in the string table and guess what?:
Code:nn::prepo::PlayReport::PlayReport(&v26, "iron17_castle"); nn::prepo::PlayReport::SetBuffer(&v26, v3, v2); sub_5611F0(&v26); v4 = pMain; v5 = sub_395C40(&pMain->ptr->player); sub_55CC10((__int64)&v27, 64, "%02d:%02d,", v5 / 0xE10uLL, v5 % 0xE10 / 0x3CuLL, v6, v7, v8, v9, v10, v11, v12, v25); LODWORD(v28) = nn::prepo::PlayReport::Add(&v26, "PlayTime", &v27); if ( (_DWORD)v28 ) goto LABEL_20; v15 = Player::GetMoney(&v4->ptr->player); LODWORD(v28) = nn::prepo::PlayReport::Add(&v26, "Money", v15); if ( (_DWORD)v28 ) goto LABEL_20; v16 = Player::GetInstructLevel(&v4->ptr->activities); LODWORD(v28) = nn::prepo::PlayReport::Add(&v26, "InstructLevel", v16); if ( (_DWORD)v28 ) goto LABEL_20; LODWORD(v28) = nn::prepo::PlayReport::Add(&v26, "InstructExp", (unsigned __int16)v4->ptr->activities.InstructExp); if ( (_DWORD)v28 ) goto LABEL_20; LODWORD(v28) = nn::prepo::PlayReport::Add(&v26, "PlayLog_Wark", (unsigned __int8)v4->ptr->activities.PlayLogValues[0]);