TAbdiukov
commented
5 months ago Following the analysis above, the following changes are needed:
-
[x] p-CarmageddonTDR2000_killTimer.py - Check
-
[x] p-CarmageddonTDR2000_killTimer.py -Deprecate
-
[x] p-CarmageddonTDR2000_killTimer.py - patch v2 - 004A09C0 jump made unconditional, same jump as after flt dec routine, found in 004A09D2 - safe on CPU AND FPU stack
- Before:
- After:
- Before:
-
[x] Deprecate p-Swype.exe_unLim+noDX10.py DX10 v1 in code
-
[x] Deprecate p-Swype.exe_unLim+noDX10.py DX10 v1 in releases
[x] p-AlcatelContentManager_uncripple.py - NOPs out bad jump - safe on stack
[x] p-AltServer_preWin10support.py - very basic string patch - stack-safe
[x] p-CarmageddonTDR2000_killTimer.py - safe on CPU stack, but theoretically UNSAFE on FPU register stack. The game appears to use FPU in JIT manner, nonetheless: v2 patch is made.
[x] p-CarmageddonTDR2000_reverseTimer.py - FPU (x87): 0x64 [float sub] -> 0x44 [float add] for reverse function - Both CPU and FPU stack-safe
[x] p-K10stat_anyCPUpatch.py - Replacing conditional jumps to UNconditional and NOPing some other jumps - Safe on stack
[x] p-Swype.exe_unLim+noDX10.py MAIN - patches (NOPs) out
CMP, JNZ, CMP JNZcluster - safe on stack, and (following the next CMP instruction), safe on registry flags![x] [FLAG_UNSAFE] p-Swype.exe_unLim+noDX10.py DX10 v1 - Right in the function beginning,
push ecx; push esiare replaced byret 4. INSIDE function, patch is stack safe. HOWEVER, in function calls, there ispush ebx, making the patch stack-UNSAFE (slow stack corruption)ret 4part) in IDA Pro:[x] p-Swype.exe_unLim+noDX10.py DX10 v2 - conditional jump is made UNconditional - stack-safe