I don't know if I'm weird or if it's just normal to get random reverse engineering urges.
-
at least they remembered to call CLI first
-
I think they're dynamically loading code and stuffing it into the tick handler
-
the best place to stick dynamically loaded code: INSIDE AN INTERRUPT HANDLER
-
I need to turn my patching shit from Super Solvers Gizmos & Gadgets into a generic thing I can use on any game. That'd be sweet
-
anyway for now I can just skip the disk swap check by patching out CALL DiskSwapCheck, since it has no side-effects.
The video mode check unfortunately does, so I gotta leave it in but hack it to think I said "VGA"
-
patch 0xDF0A with 90 90 90 to skip disk check
patch 0xE2BF with C6 C0 33 90 90 90 to skip video check. 33=VGA, 32=Tandy/Amstrad, 31=CGA, 68=Hercules
-
I think this was written with a macro assembler by someone who loved macros.
Like there's a lot of times where the code would be like
LEA EAX, SomeString
CALL PRINTF
in a saner world, but instead there's a loop that uses global memory addresses and calls the BIOS TELETYPE OUTPUT call letter by letter. And that loop appears in every function that needs to do printf()
-
I guess it's puts(), not printf
But yeah. It doesn't feel like an inlined function, it's just a macro
-
the way ghidra handles interrupts is profoundly broken and someone needs to fix it. someone might have already, I just haven't installed that incomplete dos loader
-
@foone Does 32-bit DOS with a DPMI use segments and overlays? It feels like it would be overkill since the whole idea was to get a 32-bit flat address space, unless you start doing weird stuff like unreal mode.
-
@indigoparadox Technically, yes, but it tries to hide that from you. As long as you don't need to debug into what the DPMI calls are doing, you can mostly pretend segments aren't real
-
oh ghidra is just completely wrong about where this call goes. that's... fine
-
for some reason ghidra thinks some of the calls are going into the data segment instead of CS
-
@foone or Is It AA to A9?
-
@oblomov Nah, A0 through AZ. I found the string in the code
-
interesting. so the .ARE files have a 140 near the top, and the manual says each AREA is 140 kilometers.
-
@foone ghidra is, in my experience, not very good at disassembling 16 bit code
-
@endrift yeah. a bit
-
the RLE compression seems to only affect the first 256 bytes of the file (after the 6-byte chunks). fucking weird. But I wrote some code that does the same, and it matches.
-
this compresses the file from 2.36 kilobytes down to an amazing 2.25 kilobytes