Reverse Engineering Thread
#1
Posted 19 June 2005 - 08:20 PM
@@Thud: I got the attachment, thank you! By tomorrow or the day after we will have a view of the possible changes in W40KMod.dll
#2
Posted 19 June 2005 - 08:57 PM
Dawn of War Advanced AI Headquarters
Latest DoW Advanced AI Download!
#3
Posted 20 June 2005 - 03:40 PM
push esi
call sub_F207A1A
mov ebx, eax
test ebx, ebx
jz @@prerequisite_not_met_for_building
...
Translated into C, this means:
temp=sub_F207A1A(current_object);
if(temp==NULL)
printf("Bla bla cannot...");
else
// Go on like normal!
If we dig deeper into sub_F207A1A, we find:
mov ecx, [esp+arg_0]
test ecx, ecx
jnz short loc_F207A26
xor eax, eax
jmp short locret_F207A2E
loc_F207A26:
push 78h
call EntityBlueprint::QInfo(uint)
locret_F207A2E:
retn 4
Again, if we translate the above code into C we obtain:
if(Current_Building!=NULL)
{
return EntityBlueprint::QInfo(0x78,this);
// Probably 0x78 --> Building code
}
else
return NULL;
This basically means that sub_F207A1A, which I previously identified as the "Cannot..." check, is just a member function of the building object that acts as a simple wrapper around EntityBlueprint::QInfo, taking as parameters the current object (this*) and the (supposed) building code, 0x78.
A quick scan of the uses of EntityBlueprint::QInfo(...) reveals that this function might be what we are interested in...
#4
Posted 20 June 2005 - 04:04 PM
#5
Posted 20 June 2005 - 04:11 PM
(should have stuck to AMOS, ah, happy days)
Flenser
Edited by Flenser, 20 June 2005 - 04:11 PM.
#6
Posted 20 June 2005 - 04:17 PM
And I thought LUA was tough going! Jeez...
(should have stuck to AMOS, ah, happy days)
Flenser
That's right! The days of Amiga are really unforgettable... I still play my Shadow Of The Beast
#7
Posted 20 June 2005 - 04:20 PM
Also, the code for Blueprint::QInfo is the following. As everybody can see, it is quite probable that prerequisite checking is done in this procedure, which is called by a dedicated method of each game object (building, unit...).
class Blueprint::BPInfo const * __thiscall Blueprint::QInfo(unsigned int)const
.text:051A1089
.text:051A1089 arg_0 = dword ptr 4
.text:051A1089
.text:051A1089 mov eax, [ecx+8]
.text:051A108C mov ecx, [ecx+0Ch]
.text:051A108F lea ecx, [eax+ecx*8]
.text:051A1092 jmp short loc_51A10A0
.text:051A1092
.text:051A1094 ; ---------------------------------------------------------------------------
.text:051A1094
.text:051A1094 loc_51A1094:
.text:051A1094 mov edx, [eax+4]
.text:051A1097 cmp edx, [esp+arg_0]
.text:051A109B jz short loc_51A10A9
.text:051A109B
.text:051A109D add eax, 8
.text:051A10A0
.text:051A10A0 loc_51A10A0:
.text:051A10A0 cmp eax, ecx
.text:051A10A2 jnz short loc_51A1094
.text:051A10A2
.text:051A10A4 xor eax, eax
.text:051A10A6
.text:051A10A6 locret_51A10A6:
.text:051A10A6 retn 4
.text:051A10A6
.text:051A10A9 ; ---------------------------------------------------------------------------
.text:051A10A9
.text:051A10A9 loc_51A10A9:
.text:051A10A9 mov eax, [eax]
.text:051A10AB jmp short locret_51A10A6
.text:051A10AB
class Blueprint::BPInfo const * __thiscall Blueprint::QInfo(unsigned int)const endp
@@Thudo: Please also send me the SimEngine.dll from version 1.20, thanks.
Edited by Polaris, 20 June 2005 - 04:37 PM.
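A C rendering of the QInfo listing and of its sub_F207A1A wrapper, added here as an illustration; it is not code from the thread or from the game binary. The struct layouts and every name except Blueprint, BPInfo, QInfo and sub_F207A1A are assumptions read off the disassembly: [this+8] is the start of an entry table, [this+0Ch] is the entry count, each entry is 8 bytes on 32-bit x86 (a BPInfo pointer at +0, an id at +4), and the sample table is constructed for the demo. Note that in the wrapper the stack argument itself becomes ecx, i.e. the `this` of QInfo; the caller passes it with `push esi`.

```c
/* Reconstruction of Blueprint::QInfo and sub_F207A1A (added example; layouts
 * and field names are hypotheses derived from the listing, not known facts). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct BPInfo {
    const char *label;          /* hypothetical payload; the listing never dereferences it */
} BPInfo;

typedef struct BPEntry {
    const BPInfo *info;         /* [entry+0]: what "mov eax, [eax]" returns */
    uint32_t      id;           /* [entry+4]: compared against arg_0 */
} BPEntry;                      /* 8 bytes on 32-bit x86, hence the *8 scaling */

typedef struct Blueprint {
    uint32_t       unknown0;    /* [this+0]   (not touched by QInfo) */
    uint32_t       unknown4;    /* [this+4]   (not touched by QInfo) */
    const BPEntry *entries;     /* [this+8]   -> eax */
    uint32_t       count;       /* [this+0Ch] -> ecx, then lea ecx,[eax+ecx*8] */
} Blueprint;

/* class Blueprint::BPInfo const * __thiscall Blueprint::QInfo(unsigned int) const
 * Linear scan over the entry table; returns the info pointer of the first entry
 * whose id matches, or NULL. It trusts entries/count blindly: a corrupted pair
 * would simply be walked out of bounds. */
const BPInfo *Blueprint_QInfo(const Blueprint *self, uint32_t id)
{
    const BPEntry *p   = self->entries;         /* mov eax, [ecx+8]           */
    const BPEntry *end = p + self->count;       /* lea ecx, [eax+ecx*8]       */
    for (; p != end; ++p) {                     /* loc_51A10A0: cmp eax, ecx  */
        if (p->id == id)                        /* cmp edx, [esp+arg_0]       */
            return p->info;                     /* loc_51A10A9: mov eax,[eax] */
    }
    return NULL;                                /* xor eax, eax               */
}

/* sub_F207A1A: NULL-guarded wrapper. arg_0 (pushed by the caller) is loaded
 * into ecx and so becomes QInfo's "this"; the query id is the constant 0x78. */
const BPInfo *sub_F207A1A(const Blueprint *bp)
{
    if (bp == NULL)                             /* test ecx, ecx / jnz        */
        return NULL;                            /* xor eax, eax / jmp retn    */
    return Blueprint_QInfo(bp, 0x78);           /* push 78h / call QInfo      */
}

/* Constructed sample table (not data from the game). */
static const BPInfo  g_infos[3]   = { {"info A"}, {"building 0x78"}, {"info C"} };
static const BPEntry g_entries[3] = {
    { &g_infos[0], 0x10 }, { &g_infos[1], 0x78 }, { &g_infos[2], 0x9A }
};
static const Blueprint g_bp    = { 0, 0, g_entries, 3 };
static const Blueprint g_empty = { 0, 0, g_entries, 0 };   /* count 0: loop never runs */

/* Returns 1 when every lookup behaves as the listing implies. */
int demo(void)
{
    return Blueprint_QInfo(&g_bp, 0x78)    == &g_infos[1]
        && Blueprint_QInfo(&g_bp, 0x55)    == NULL
        && Blueprint_QInfo(&g_empty, 0x10) == NULL
        && sub_F207A1A(NULL)               == NULL
        && sub_F207A1A(&g_bp)              == &g_infos[1];
}

int main(void)
{
    const BPInfo *hit = sub_F207A1A(&g_bp);
    printf("sub_F207A1A -> QInfo(0x78): %s\n", hit ? hit->label : "(null)");
    printf("all checks: %s\n", demo() ? "ok" : "FAIL");
    return demo() ? 0 : 1;
}
```

The jump straight to the `cmp eax, ecx` at loc_51A10A0 before any load is why the reconstruction is a `for` with the test first: an empty table returns NULL without ever reading an entry.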
#8
Posted 20 June 2005 - 05:27 PM
Attached Files
Edited by thudo, 20 June 2005 - 05:28 PM.
#9
Posted 20 June 2005 - 05:31 PM
But maybe the caller is changed... Thudo, instead of RARing, try to ZIP and resend W40KMod.dll... Maybe the stupid MSN/TrendMicro antivirus will not catch it.
#10
Posted 20 June 2005 - 05:33 PM
TuD.
#11
Posted 20 June 2005 - 05:35 PM
#12
Posted 20 June 2005 - 06:09 PM
#13
Posted 20 June 2005 - 06:13 PM
#14
Posted 20 June 2005 - 07:43 PM
50 ! !! ! of them out ! ! ! ! ! !
e.
#15
Posted 21 June 2005 - 08:28 AM
LOL
In the evening I'll post my new discoveries
#16
Posted 21 June 2005 - 09:54 AM
This is disappointing, but I will keep on until complete success.
The next step will be an advanced comparison between the disassembly listings of W40KMod.dll in versions 1.20 and 1.30 to spot interesting locations to investigate.
#17
Posted 21 June 2005 - 01:43 PM
#18
Posted 22 June 2005 - 10:01 AM
So, before I start tracing the whole DLL from the very entry point I have a small question. Is there the possibility of making the LUA interpreter verbose?
I mean, is there some switch that allows human-readable output of the inner mechanics of the LUA interpreter? If so, by tracking the output messages from the prereq system we could attempt to trace back to the actual code.
#19
Posted 22 June 2005 - 12:11 PM
Running the file compare on ~12 million assembler lines of code did not highlight anything interesting.
So, before I start tracing the whole DLL from the very entry point I have a small question. Is there the possibility of making the LUA interpreter verbose?
I mean, is there some switch that allows human-readable output of the inner mechanics of the LUA interpreter? If so, by tracking the output messages from the prereq system we could attempt to trace back to the actual code.
The prereq system output can be seen in part in my post in the main forum titled "Prereqs in v1.2". The main prereq output comes from the LUA function
prereq = CpuPrerequisites( cpu_manager.cpu_player, unit_stats:GetSquadName(), CpuPrerequisites.BT_Squad )
It may also work with building, addon and research names and types, but I have not tried that, just squads.
The data put in 'prereq' is userdata, which LUA cannot do anything with other than stick it on the stack, so if you know how to dump that output or access it from within the C code then you could track it.
Paragraph 3.8 of this LUA reference manual might help.
Flenser
Edited by Flenser, 22 June 2005 - 12:12 PM.
#20
Posted 22 June 2005 - 01:45 PM
cpu_manager.debug = true
code line to your previous code that lists prerequisites:
function BuildOrderStrategy:Prereq()
    local race = cpu_manager.cpu_player:GetPlayerRace()
    for unit_stats in cpu_manager.stats:GetUnitStats(race) do
        local prereq = CpuPrerequisites( cpu_manager.cpu_player, unit_stats:GetSquadName(), CpuPrerequisites.BT_Squad )
        aitrace("Prerequisites for "..unit_stats:GetSquadName() )
        for i in prereq:GetUnfulfilledPrerequisites() do
            aitrace("Type of data: "..type (i) )
            aitrace("Name: "..i.name )
            aitrace("Build Type: "..i.btype )
            aitrace("Prereq Fulfilled?: "..tostring( i.prereq_fulfilled ) )
        end
    end
end
and post here the results for anyone of the races?
Edited by Polaris, 22 June 2005 - 01:46 PM.