10 February 2011, 10:46 | #1 |
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
Got a patch for Putty but having trouble initiating it.
After extensive playing about with this game, I managed to get a patch intended for placing at $C0 as follows:
Code:
ADDA.L #71110,A0 ;points to JMP instruction for copylock MOVE.L #11FC00FF,(A0) ;replaces code with MOVE.B #FF,100.S MOVE.W #0100,4(A0) ;replaces code with MOVE.B #FF,100.S SUBA.L #71110,A0 ;restores A0 to original value RTS ;returns to whre it left off If I insert a BRA loop in the spot on the bootblock where JMP 400.S resides, I can see that my patch instructions to insert my new opcodes into $C0 exists within memory at that time, somewhere in the $70000 region. Only problem, my patch code never seems to start at a static address. It's like the loader code shuffles the data about into a random address in the $7A000-$7E000 range just before jumping to $400. Therefore there's only the odd chance that my code may be accessed upon bootup, with all other times causing a guru. Is there any specific tricks I should be using to rectify this? Thanks. Last edited by MethodGit; 10 February 2011 at 17:46. |
12 February 2011, 16:31 | #2 |
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
dfghsdlaf HERP DERP
Forget it. Turns out the address where my code starts is conveniently stored in A1 each time. A JMP (A1) later and one is home sailing.
So that leaves me with Silly Putty (yes, the other Putty 1 title in SPS) to deal with. I'm finding this a lot trickier to patch - it does things the same way but reads code differently and I can't seem to find a spot where I could load patch code from (my trick is usually to find all the long blank spaces in the ADF through a hex editor and fill them with a replicated byte of my choice, then find them within AR/HRTMon before a specific JMP). I can't even seem to get away with overwriting some of the starting boot code with a loader routine to load stuff from $400 or $1600 either. Any solutions? |
12 February 2011, 22:52 | #3 |
Banned
Join Date: Aug 2008
Location: 1
Posts: 114
|
I don't know how big your patch is, but its gotta be REALLY big!!!
You got the whole copylock track for your use |
13 February 2011, 00:05 | #4 |
move.w #$4489,$dff07e
Join Date: Sep 2005
Location: Norfolk, UK
Age: 42
Posts: 2,351
|
Maybe I'm old fashioned but I think you'd learn a lot more on these cracking adventures you're having if you worked more at finding the solution to all your questions by yourself. Sure it might take some time and it might drive you crazy for a while but it's a useful experience. I mean there is no time limit here... all these games are long cracked years ago so you must only be doing it for your own learning and amusement? (And there is absolutely nothing wrong with that - good stuff)
My first MFM crack took me a couple of days to get right but I did it myself without any help and I learnt valuable lessons. Sure Sting, Galahad, Codetapper and other guys here are good resources but I think all your threads requesting help and answers are missing the point. Just my tuppence worth and anyway what do I know |
13 February 2011, 02:32 | #5 | |
move.l #$c0ff33,throat
Join Date: Dec 2005
Location: Berlin/Joymoney
Posts: 6,863
|
Well said Musashen, I totally agee.
Quote:
Last edited by StingRay; 13 February 2011 at 03:44. |
|
14 February 2011, 11:29 | #6 | |
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
Quote:
Am without a working computer atm however, so I can't really look into Silly Putty as of this time. |
|
14 February 2011, 11:38 | #7 |
move.l #$c0ff33,throat
Join Date: Dec 2005
Location: Berlin/Joymoney
Posts: 6,863
|
|
29 July 2011, 21:11 | #8 |
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
Sorry to bump an old thread, but I was looking into Silly Putty again today and decided that (since nothing else I could think of worked) a track loader routine at bootup would surely help. Here's how I've laid it out so far:
Code:
rt 0 1 70000 7000C = LEA DFF000,A0 (default start instruction by game, left here mainly as bumper) 70012 = CLR.W DFF180 (turns the screen black) 70018 = MOVE.L #C0,28(A1) (set $C0 as target destination) 70020 = MOVE.L #400,2C(A1) (copy code from offset $400 on disk) 70028 = MOVE.L #14,24(A1) (copy 14 bytes worth of said code) 70030 = JSR -1C8(A6) (start copy process) |
29 July 2011, 21:49 | #9 |
Registered User
Join Date: May 2004
Location: Somewhere secret
Age: 50
Posts: 365
|
I'm not going to go into why this is complete overkill for what you want to do, but afaik you can only specify sector-aligned file sizes here... so rather than #14, you probably want #$200 (512 decimal, the size of a normal sector) instead.
|
29 July 2011, 23:39 | #10 |
Puttymoon inhabitant
|
Everything Putty related interests me, but I absolutelly have no idea what patch you guys are talking about. If it will be usefull we could share it through our Puttymoon website
|
30 July 2011, 07:28 | #11 | ||
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
Quote:
Quote:
However(!), it seems setting it to 200 has resulted in $2C0 bytes of data being copied, which is too much, and I think it's had an effect on the boot process as well, as I now find the game stuck in a BNE loop within the $400 area, something that had never happened before. What's the smallest possible working size I could set? |
||
30 July 2011, 07:28 | #12 |
move.w #$4489,$dff07e
Join Date: Sep 2005
Location: Norfolk, UK
Age: 42
Posts: 2,351
|
|
30 July 2011, 08:27 | #13 |
2 contact me: email only!
Join Date: May 2001
Location: Auckland / New Zealand
Posts: 3,182
|
MethodGit: It doesn't help that you are confusing decimal and hex numbers. Action Replay is a bit useless in my opinion due to it leaving the $ sign off disassembly. You yourself are confusing things when you write this:
70020 = MOVE.L #400,2C(A1) (copy code from offset $400 on disk) 70028 = MOVE.L #14,24(A1) (copy 14 bytes worth of said code) One minute you say it's copying data from offset #400 (meaning hex), the next time you say #14 means 14 decimal. A real assembler will not let you get away with assuming # means hex numbers! If you have told the game to load $200 of data, it will not load $2c0 bytes. Paste your code here and I'm sure the bug will be obvious. Or better, pretend you're explaining your code to your sister or something and as you step through it, you'll probably see the error in your code. |
30 July 2011, 10:41 | #14 | |
Banned
Join Date: Aug 2008
Location: 1
Posts: 114
|
Quote:
|
|
30 July 2011, 11:45 | #15 | |
move.l #$c0ff33,throat
Join Date: Dec 2005
Location: Berlin/Joymoney
Posts: 6,863
|
Quote:
Edit: and you need to use a multiple of 512 for the length. Loading 14 bytes with trackdisk won't work either (which is why nothing is loaded at all). |
|
30 July 2011, 16:09 | #16 | |||
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
Quote:
Quote:
Quote:
Later update: Arrrrggghhh. Still no luck. Looks like I was wrong about my copying to $C0 causing the game to get stuck in a routine on track 14. I copied my code to $70000 and the same thing happens. I then tried putting my code in at $1600 (the former copylock track) on the disk and copying from there, and it didn't change the situation. I've tried examining the routine it loops around in and I can't notice anything unusual going on (this routine is accessed a lot during the loading process). Please don't tell me the bootblock is protected by a checksum of sorts? This is how the start of the bootblock looks normally, without alterrations: Code:
7000C = LEA DFF000,A0 70012 = MOVE.W #7FFF,96(A0) 70018 = MOVE.W #7FFF,9A(A0) 7001E = MOVE.W #7FFF,9C(A0) 70024 = MOVE.B #7F,BFED01 7002C = MOVE.B #7F,BFDD00 70034 = MOVE.W #0,180(A0) 7003A = LEA 70054(PC),A0 7003E = LEA 7A800,A1 70044 = MOVE.W #3FF,D0 70048 = MOVE.B (A0)+,(A1)+ 7004A = DBF D0,70048 7004E = JMP 7A800 ... Last edited by MethodGit; 30 July 2011 at 21:46. |
|||
30 July 2011, 16:15 | #17 | |
Registered User
Join Date: Sep 2009
Location: Norway
Posts: 1,710
|
Quote:
No, I don't know anything about it, but I want to see if a tut on Flashtro really would do such an obvious mistake. |
|
30 July 2011, 16:18 | #18 | |
Junior Member
Join Date: Dec 2002
Location: The Streets
Age: 39
Posts: 2,731
|
Quote:
And now my last post looks funny due to my later words being combined into it. |
|
30 July 2011, 16:20 | #19 |
HOL/FTP busy bee
Join Date: Sep 2006
Location: Germany
Age: 46
Posts: 31,528
|
|
30 July 2011, 16:27 | #20 |
move.l #$c0ff33,throat
Join Date: Dec 2005
Location: Berlin/Joymoney
Posts: 6,863
|
Read carefully, I didn't say that using a trackloader to load data to low mem is bad, I wrote that using the trackdisk.device for that is a bad idea. With a normal hardware trackloader (which doesn't need any OS functions) you can load data to any address you want.
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Putty Input Lag - New Patch Possible? | manic23 | Games images which need to be WHDified | 8 | 18 May 2013 21:27 |
three in one? (SCSI Patch,Mac Patch,MapRom) | RogerWilco09 | support.Apps | 0 | 05 May 2009 16:56 |
Putty Squad / Silly Putty 2 | derSammler | HOL contributions | 14 | 23 February 2006 23:07 |
Putty | method | project.Sprites | 0 | 12 February 2006 22:38 |
Putty | Xtreem | request.Old Rare Games | 5 | 24 May 2002 06:44 |
|
|