Th125/Binary hacks

From Touhou Patch Center
Revision as of 22:12, 27 January 2014 by NamelessLegacy (talk | contribs) (Wat. It's 2014 and there's *still* games without safe sprintf()? Also, ID consistency for that Ruby compatibility hack.)

Bugs

Safe sprintf (call)
(sprintf_call)
Address
v1.00a: Rx5f8dc
Code
50
e8 [strings_vsprintf]
8944e4 14
push eax
call [strings_vsprintf]
mov dword ptr ss:[esp+0x14],eax
Safe sprintf (replace pointer)
(sprintf_rep)
Address
v1.00a: Rx5f903
Code
8b54e4
mov edx, dword ptr ss:[esp+

Logging

Restore the game's built-in logging
(log_restore)
Description
Very useful for debugging.
Address
v1.00a: 0x4653c0
Code
e9 [log_printf]
jmp [log_printf]

Spells

Spell card alignment
(spell_align)
Description
... and fixing the buffer overflow bug while we're at it.
Address
v1.00a: 0x45f979
Code
8b8e 88040000
8bbe fc030000
d947 38
c1e9 04
83e1 01
51
8b94e4 b0000000
52
ffb4e4 a8000000
ffb4e4 a8000000
ff35 08094d00
52
e8 [GetTextExtentForFont]
50
db04e4
58
eb 2e
90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90
90 90 90 90 90 90
mov ecx,dword ptr ds:[esi+488]
mov edi,dword ptr ds:[esi+3FC]
fld dword ptr ds:[edi+38]
shr ecx,4
and ecx,00000001
push ecx
mov edx,dword ptr ss:[esp+0B0]
push edx
push dword ptr ss:[esp+0A8]
push dword ptr ss:[esp+0A8]
push dword ptr ds:[th125.4d0908] ; spell font
push edx
call [GetTextExtentForFont]
push eax
fild dword ptr ss:[esp]
pop eax
jmp short +0x2e
nop (*0x2e)

Compatibility

Ensure correct size of ruby font
(font_ruby_size)
Description
The English patch uses a larger size for the ruby text font. I don't know why, probably some leftover debugging code. This sets it back to its normal size.
Address
v1.00a: 0x44cfcb
Code
6a 0f
push 0f

Ruby

Render ruby text in one pass
(skip_ruby_loop)
Description
Same hack as for th11.
Address
v1.00a: 0x44d0e0
Code
90
90
nop
nop