diff --git a/src/SendCommands.cc b/src/SendCommands.cc
index b96fe47a..ddf9c658 100644
--- a/src/SendCommands.cc
+++ b/src/SendCommands.cc
@@ -846,9 +846,10 @@ static std::shared_ptr> send_brutal_peeps_h
 constexpr uint32_t scan_start = 0x16760000;
 constexpr uint32_t scan_end = 0x16A90000;
- constexpr uint32_t signature_size = 64;
+ constexpr uint32_t signature_offset = 0x00002800;
+ constexpr uint32_t signature_size = 0x80;
- if (bp_entry->size < signature_size) {
+ if (bp_entry->size < (signature_offset + signature_size)) {
 c->log.warning_f("Skipping Brutal Peeps HP client patch: BattleParamEntry_on.dat too small for signature");
 return nullptr;
 }
@@ -863,9 +864,10 @@ static std::shared_ptr> send_brutal_peeps_h
 std::string suffix;
 append_u32l(suffix, scan_start);
 append_u32l(suffix, scan_end);
+ append_u32l(suffix, signature_offset);
 append_u32l(suffix, signature_size);
 append_u32l(suffix, 0); // patched below after diff generation
- suffix.append(vanilla_data, signature_size);
+ suffix.append(vanilla_data + signature_offset, signature_size);
 uint32_t patch_entry_count = 0;
 for (uint32_t offset = 0; offset < target_data.size(); offset++) {
@@ -880,10 +882,10 @@ static std::shared_ptr> send_brutal_peeps_h
 patch_entry_count++;
 }
- suffix[12] = static_cast(patch_entry_count & 0xFF);
- suffix[13] = static_cast((patch_entry_count >> 8) & 0xFF);
- suffix[14] = static_cast((patch_entry_count >> 16) & 0xFF);
- suffix[15] = static_cast((patch_entry_count >> 24) & 0xFF);
+ suffix[16] = static_cast(patch_entry_count & 0xFF);
+ suffix[17] = static_cast((patch_entry_count >> 8) & 0xFF);
+ suffix[18] = static_cast((patch_entry_count >> 16) & 0xFF);
+ suffix[19] = static_cast((patch_entry_count >> 24) & 0xFF);
 auto fn = s->client_functions->get("PsoPeepsBrutalPeepsHP", c->specific_version);
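Review bot: The new constants `signature_offset = 0x00002800` and `signature_size = 0x80` replace a 64-byte prefix signature with a window deep inside the table, but nothing on the hunk says why that window was chosen or what makes it stable, so the next maintainer cannot tell whether moving it is safe. A comment on the constants would close that gap, e.g. `// signature = bytes [signature_offset, signature_offset + signature_size) of the vanilla table; the size check below guards the suffix.append() read in the next hunk` with the reason for picking this window filled in. The check itself is sound: both operands are uint32_t constants whose sum cannot overflow. The enclosing function starts before this hunk and continues after it.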
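Review bot: `append_u32l(suffix, 0); // patched below after diff generation` leaves the position of patch_entry_count implicit, and the third hunk then hard-codes it as `suffix[16]` through `suffix[19]`, which is precisely the index this commit had to hand-correct from 12 when signature_offset was inserted into the header. Capturing the position at append time removes the second copy of the layout: `const size_t patch_entry_count_pos = suffix.size();` immediately before the `append_u32l(suffix, 0);`, and in the third hunk `suffix[patch_entry_count_pos + 0] = …` through `+ 3`. The same byte layout is duplicated a third time by the `[ebx + N]` operands in PsoPeepsBrutalPeepsHPBB.s, so a comment next to the header appends naming the offsets (0, 4, 8, 12, 16) would make that coupling visible to whoever edits either side next. The diff loop that follows runs past the end of the hunk.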
@@ -900,8 +902,8 @@ static std::shared_ptr> send_brutal_peeps_h
 c->enabled_flags |= fn->client_flag;
- c->log.info_f("Brutal Peeps HP client patch sent: tier={} mult={:g} patch_entries={} scan={:08X}-{:08X}",
- tier, mult, patch_entry_count, scan_start, scan_end);
+ c->log.info_f("Brutal Peeps HP client patch sent: tier={} mult={:g} patch_entries={} signature_offset={:05X} scan={:08X}-{:08X}",
+ tier, mult, patch_entry_count, signature_offset, scan_start, scan_end);
 return promise;
diff --git a/system/client-functions/PsoPeepsBrutalPeepsHPBB.s b/system/client-functions/PsoPeepsBrutalPeepsHPBB.s
index 0350735d..fb40fc2c 100644
--- a/system/client-functions/PsoPeepsBrutalPeepsHPBB.s
+++ b/system/client-functions/PsoPeepsBrutalPeepsHPBB.s
@@ -14,28 +14,27 @@ start:
 push esi
 push edi
 push ebp
- push 0 # [esp] = last matched table base / 0
 jmp get_data_ptr
 get_data_ptr_ret:
- pop ebx # ebx = suffix payload
+ pop ebx # ebx = suffix payload
- mov esi, [ebx] # scan_start
+ mov esi, [ebx] # scan_start, scans for signature address, not table base
 scan_again:
- mov edx, [ebx + 4] # scan_end
- mov ecx, [ebx + 8] # signature_size
- sub edx, ecx # scan limit = end - sig_size
+ mov edx, [ebx + 4] # scan_end
+ mov ecx, [ebx + 12] # signature_size
+ sub edx, ecx # scan limit = end - sig_size
 cmp esi, edx
- ja return
+ ja not_found
 xor ebp, ebp
- lea edi, [ebx + 16] # signature ptr
+ lea edi, [ebx + 20] # signature ptr
 compare_again:
 cmp ebp, ecx
- jae found_table
+ jae found_signature
 mov al, [esi + ebp]
 cmp al, [edi + ebp]
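Review bot: `mov esi, [ebx]` still begins the signature scan at scan_start, but a match now implies a table base of `esi - signature_offset`, so a match anywhere in the first signature_offset bytes of the window produces a base (and the `[ebp + edx]` writes in the next hunk) below scan_start, which the old `[esi + edx]` writes could never reach. If the window is meant to bound every write, either start the scan at scan_start + signature_offset on the client, `mov esi, [ebx]` followed by `add esi, [ebx + 8]`, or have the server fold signature_offset into scan_start, and record in the comment which side owns that invariant. The limit computed by `sub edx, ecx` only subtracts signature_size, which is consistent with scanning for the signature rather than the table, so it needs no change. The routine continues in the next hunk.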
@@ -48,33 +47,35 @@ next_candidate:
 inc esi
 jmp scan_again
-found_table:
- # esi = one matching BattleParam table base
- mov [esp], esi # remember last match for return_value
+found_signature:
+ # esi = signature address; table base = esi - signature_offset
+ mov ebp, esi
+ sub ebp, [ebx + 8] # ebp = BattleParam table base
- mov ecx, [ebx + 12] # patch entry count
- mov edi, [ebx + 8] # signature_size
- lea edi, [ebx + edi + 16] # patch entries after header+signature
+ mov ecx, [ebx + 16] # patch entry count
+ mov edi, [ebx + 12] # signature_size
+ lea edi, [ebx + edi + 20] # patch entries after header+signature
 patch_again:
 test ecx, ecx
- jz after_patch
+ jz done
- mov edx, [edi] # offset from table base
- mov al, [edi + 4] # byte value
- mov [esi + edx], al
+ mov edx, [edi] # offset from table base
+ mov al, [edi + 4] # byte value
+ mov [ebp + edx], al
 add edi, 5
 dec ecx
 jmp patch_again
-after_patch:
- inc esi # continue scanning after this match
- jmp scan_again
+done:
+ mov eax, ebp # return found table base
+ jmp return
+
+not_found:
+ xor eax, eax
 return:
- mov eax, [esp] # 0 if none found, else last matched base
- add esp, 4
 pop ebp
 pop edi
 pop esi
@@ -87,9 +88,10 @@ get_data_ptr:
 # Server suffix starts here:
 # uint32_t scan_start
 # uint32_t scan_end
+# uint32_t signature_offset
 # uint32_t signature_size
 # uint32_t patch_entry_count
-# signature bytes
+# signature bytes from table+signature_offset
 # repeated patch entries:
 # uint32_t offset
 # uint8_t value
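Review bot: The `done:` path returns as soon as the first signature match has been patched, whereas the replaced `after_patch:` re-entered the scan and patched every matching table, returning the last base; nothing in the hunk says that a single table is now expected, so a reader cannot tell whether stopping early is the intent or an oversight. If it is intended, state it at the label: `# first match wins: patch this table and return its base (eax = 0 if no match)`. It is also worth a one-line comment at `mov [ebp + edx], al` that the entry offsets are applied unchecked relative to the recovered base, so the server-side size check on the suffix is the only thing keeping these writes inside the table. The stack handling is consistent with the first hunk, since both the `push 0` and the `add esp, 4` were removed together.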