Building minors ships after membership

thunderchero
Site Administrator aka Fleet Admiral
Posts: 7940
Joined: Fri Apr 25, 2008 2:00 am
Location: On a three month training mission, in command of the USS Valiant.

Building minors ships after membership

Post by thunderchero »

This topic was split from "All The Ages Mod: FINAL RELEASE."

severenth wrote:Would it be possible ( in the modding area of the forum ) to show/explain/go through how you have changed the trek.exe to allow the building of minors?

or link to where it's already shown
Thanks to DCER, :wink: he has made the change very easy to do with UE.
This is only available using UE 0.7.0dev1.
Load trek.exe with UE.
Go to EDIT/GAME/Ship Building,
then select "buildable minor ships inaddition to empire ships(major code modifactions)".

This is out for testing; this is why it has not become part of the installer yet.

thunderchero
Last edited by thunderchero on Thu Apr 30, 2009 11:03 pm, edited 1 time in total.
Gh0st
Lieutenant-Junior Grade
Posts: 67
Joined: Fri Jan 16, 2009 3:00 am

Post by Gh0st »

Thanks a lot DCER & Thunderchero. Buildable minor ships are a great expansion to the original game and it was a long dream for many of us!
DCER
Code Master
Posts: 683
Joined: Sat Apr 26, 2008 2:00 am

Post by DCER »

severenth wrote:As great as UE is, and as much as a pain in the ass of a request it is, I personally think any modifications to exe's could be described / listed / detailed as to how they work and what to do IF someone wants to do it without UE

It's similar to the making Large maps Huge, personally I'd like to see how this is done in the code ( and so I can build it into future mods I may decide to make )
I agree with your take on this.

As it's being done now the function sub_4F3D70 has to be rewritten.

At 0xF3170 paste this to replace sub_4F3D70 (works only on exe's based on Jokers patch; in other versions of trek.exe it would look different):

Code:

53 51 52 56 57 55 81 EC 30 01 00 00 BD 44 00 00 00 8B 3D A8 5D 59 00 8B 77 1A C1 FE 10 69 F6 28 03 00 00 A1 C8 36 5A 00 01 C6 31 C0 8A 04 2E 3C 04 77 0A 83 FD 4C 74 18 E9 8A 00 00 00 55 BD 10 20 5A 00 6B C0 40 8B 44 28 3C 5D 83 F8 01 74 E8 8A 04 2E E8 38 17 F6 FF E8 33 7D 02 00 89 C1 85 C0 0F 84 60 00 00 00 66 8B 59 04 31 C0 89 E2 88 D8 E8 DA BB F7 FF 8B 54 24 68 66 83 FA 06 74 3A 66 83 FA 07 74 34 BA 03 00 00 00 31 C0 66 89 9C 24 28 01 00 00 66 8B 84 24 1C 01 00 00 89 94 24 20 01 00 00 89 84 24 2C 01 00 00 8D 94 24 20 01 00 00 8B 47 38 E8 C6 6F 02 00 89 C8 E8 6F 79 02 00 89 C1 85 C0 75 A0 83 FD 44 75 08 83 C5 08 E9 3D FF FF FF 81 C4 30 01 00 00 5D 5F 5E 5A 59 5B C3 00
In a disassembler it looks like this:

Code:

AUTO:004F3D70 sub_4F3D70      proc near
AUTO:004F3D70
AUTO:004F3D70 var_E0          = dword ptr -0E0h
AUTO:004F3D70 var_2C          = word ptr -2Ch
AUTO:004F3D70 var_28          = dword ptr -28h
AUTO:004F3D70 var_20          = word ptr -20h
AUTO:004F3D70 var_1C          = dword ptr -1Ch
AUTO:004F3D70
AUTO:004F3D70                 push    ebx
AUTO:004F3D71                 push    ecx
AUTO:004F3D72                 push    edx
AUTO:004F3D73                 push    esi
AUTO:004F3D74                 push    edi
AUTO:004F3D75                 push    ebp
AUTO:004F3D76                 sub     esp, 130h
AUTO:004F3D7C                 mov     ebp, 44h
AUTO:004F3D81
AUTO:004F3D81 loc_4F3D81:
AUTO:004F3D81                 mov     edi, ds:dword_595DA8
AUTO:004F3D87                 mov     esi, [edi+1Ah]
AUTO:004F3D8A                 sar     esi, 10h
AUTO:004F3D8D                 imul    esi, 328h
AUTO:004F3D93                 mov     eax, ds:dword_5A36C8
AUTO:004F3D98                 add     esi, eax
AUTO:004F3D9A                 xor     eax, eax
AUTO:004F3D9C                 mov     al, [esi+ebp]
AUTO:004F3D9F                 cmp     al, 4
AUTO:004F3DA1                 ja      short loc_4F3DAD
AUTO:004F3DA3                 cmp     ebp, 4Ch
AUTO:004F3DA6                 jz      short loc_4F3DC0
AUTO:004F3DA8
AUTO:004F3DA8 loc_4F3DA8:
AUTO:004F3DA8                 jmp     loc_4F3E37
AUTO:004F3DAD ; ---------------------------------------------------------------------------
AUTO:004F3DAD
AUTO:004F3DAD loc_4F3DAD:
AUTO:004F3DAD                 push    ebp
AUTO:004F3DAE                 mov     ebp, offset dword_5A2010
AUTO:004F3DB3                 imul    eax, 40h
AUTO:004F3DB6                 mov     eax, [eax+ebp+3Ch]
AUTO:004F3DBA                 pop     ebp
AUTO:004F3DBB                 cmp     eax, 1
AUTO:004F3DBE                 jz      short loc_4F3DA8
AUTO:004F3DC0
AUTO:004F3DC0 loc_4F3DC0:
AUTO:004F3DC0                 mov     al, [esi+ebp]
AUTO:004F3DC3                 call    sub_455500
AUTO:004F3DC8                 call    sub_51BB00
AUTO:004F3DCD                 mov     ecx, eax
AUTO:004F3DCF                 test    eax, eax
AUTO:004F3DD1                 jz      loc_4F3E37
AUTO:004F3DD7
AUTO:004F3DD7 loc_4F3DD7:
AUTO:004F3DD7                 mov     bx, [ecx+4]
AUTO:004F3DDB                 xor     eax, eax
AUTO:004F3DDD                 mov     edx, esp
AUTO:004F3DDF                 mov     al, bl
AUTO:004F3DE1                 call    sub_46F9C0
AUTO:004F3DE6                 mov     edx, [esp+148h+var_E0]
AUTO:004F3DEA                 cmp     dx, 6
AUTO:004F3DEE                 jz      short loc_4F3E2A
AUTO:004F3DF0                 cmp     dx, 7
AUTO:004F3DF4                 jz      short loc_4F3E2A
AUTO:004F3DF6                 mov     edx, 3
AUTO:004F3DFB                 xor     eax, eax
AUTO:004F3DFD                 mov     [esp+148h+var_20], bx
AUTO:004F3E05                 mov     ax, [esp+148h+var_2C]
AUTO:004F3E0D                 mov     [esp+148h+var_28], edx
AUTO:004F3E14                 mov     [esp+148h+var_1C], eax
AUTO:004F3E1B                 lea     edx, [esp+148h+var_28]
AUTO:004F3E22                 mov     eax, [edi+38h]
AUTO:004F3E25                 call    sub_51ADF0
AUTO:004F3E2A
AUTO:004F3E2A loc_4F3E2A:
AUTO:004F3E2A                 mov     eax, ecx
AUTO:004F3E2C                 call    sub_51B7A0
AUTO:004F3E31                 mov     ecx, eax
AUTO:004F3E33                 test    eax, eax
AUTO:004F3E35                 jnz     short loc_4F3DD7
AUTO:004F3E37
AUTO:004F3E37 loc_4F3E37:
AUTO:004F3E37                 cmp     ebp, 44h
AUTO:004F3E3A                 jnz     short loc_4F3E44
AUTO:004F3E3C                 add     ebp, 8
AUTO:004F3E3F                 jmp     loc_4F3D81
AUTO:004F3E44 ; ---------------------------------------------------------------------------
AUTO:004F3E44
AUTO:004F3E44 loc_4F3E44:
AUTO:004F3E44                 add     esp, 130h
AUTO:004F3E4A                 pop     ebp
AUTO:004F3E4B                 pop     edi
AUTO:004F3E4C                 pop     esi
AUTO:004F3E4D                 pop     edx
AUTO:004F3E4E                 pop     ecx
AUTO:004F3E4F                 pop     ebx
AUTO:004F3E50                 retn
AUTO:004F3E50 sub_4F3D70      endp
This will make flagships not work if pasted over the flagship mod and also special ships are gone as well (had to be removed to gain space for new code).
and part of code depends on shiplist size
No, I'm sorry if I made the impression it did. This should generally work for any mod. Unless the function called by this function were moved or edited in some way that would break this one.

The main reason it hasn't been posted yet was because of the testing. Bugs could still pop up. I was also worried about the part where races taken by force won't allow you to build their ships. The new function is getting data from the alienInfo file which hasn't been researched in depth yet.



PTRACER
Ensign
Posts: 37
Joined: Mon May 18, 2009 2:00 am

Re: Building minors ships after membership

Post by PTRACER »

I know DCER is not around anymore, but if there was enough space in the EXE, would this code allow the "Special Ships" to spawn on the map?

Ollydbg says there is space in the code at this address but when I pop this code there I get a crash.

Code:

Address   Hex dump          Command                                  Comments
005735C3      53            PUSH EBX
005735C4      51            PUSH ECX
005735C5      52            PUSH EDX
005735C6      56            PUSH ESI
005735C7      57            PUSH EDI
005735C8      55            PUSH EBP
005735C9      81EC 30010000 SUB ESP,130
005735CF      BD 44000000   MOV EBP,44
005735D4      8B3D A85D5900 MOV EDI,DWORD PTR DS:[595DA8]
005735DA      8B77 1A       MOV ESI,DWORD PTR DS:[EDI+1A]
005735DD      C1FE 10       SAR ESI,10
005735E0      69F6 28030000 IMUL ESI,ESI,328
005735E6      A1 C8365A00   MOV EAX,DWORD PTR DS:[5A36C8]
005735EB      01C6          ADD ESI,EAX
005735ED      31C0          XOR EAX,EAX
005735EF      8A042E        MOV AL,BYTE PTR DS:[EBP+ESI]
005735F2      3C 04         CMP AL,4
005735F4      77 0A         JA SHORT 00573600
005735F6      83FD 4C       CMP EBP,4C
005735F9      74 18         JE SHORT 00573613
005735FB      E9 C0000000   JMP 005736C0
00573600      55            PUSH EBP
00573601      BD 10205A00   MOV EBP,OFFSET 005A2010
00573606      6BC0 40       IMUL EAX,EAX,40
00573609      8B4428 3C     MOV EAX,DWORD PTR DS:[EBP+EAX+3C]
0057360D      5D            POP EBP
0057360E      83F8 01       CMP EAX,1
00573611    ^ 74 E8         JE SHORT 005735FB
00573613      8A042E        MOV AL,BYTE PTR DS:[EBP+ESI]
00573616      E8 E41EEEFF   CALL 004554FF
0057361B      E8 DF84FAFF   CALL 0051BAFF
00573620      89C1          MOV ECX,EAX
00573622      85C0          TEST EAX,EAX
00573624      0F84 96000000 JE 005736C0
0057362A      8A46 4C       MOV AL,BYTE PTR DS:[ESI+4C]
0057362D      E8 CD1EEEFF   CALL 004554FF
00573632      E8 C884FAFF   CALL 0051BAFF
00573637      89C1          MOV ECX,EAX
00573639      85C0          TEST EAX,EAX
0057363B      0F84 8C000000 JE 005736CD
00573641      66:8B59 04    MOV BX,WORD PTR DS:[ECX+4]
00573645      31C0          XOR EAX,EAX
00573647      89E2          MOV EDX,ESP
00573649      88D8          MOV AL,BL
0057364B      E8 6FC3EFFF   CALL 0046F9BF
00573650      8B5424 68     MOV EDX,DWORD PTR SS:[ESP+68]
00573654      66:83FA 06    CMP DX,6
00573658      74 59         JE SHORT 005736B3
0057365A      66:83FA 07    CMP DX,7
0057365E      74 53         JE SHORT 005736B3
00573660      807E 4C 01    CMP BYTE PTR DS:[ESI+4C],1
00573664      75 19         JNE SHORT 0057367F
00573666      66:83FB 1A    CMP BX,1A
0057366A      75 6D         JNE SHORT 005736D9
0057366C      31C0          XOR EAX,EAX
0057366E      BA 26000000   MOV EDX,26
00573673      8A46 4C       MOV AL,BYTE PTR DS:[ESI+4C]
00573676      E8 0484ECFF   CALL 0043BA7F
0057367B      85C0          TEST EAX,EAX
0057367D      74 34         JE SHORT 005736B3
0057367F      BA 03000000   MOV EDX,3
00573684      31C0          XOR EAX,EAX
00573686      66:899C24 280 MOV WORD PTR SS:[ESP+128],BX
0057368E      66:8B8424 1C0 MOV AX,WORD PTR SS:[ESP+11C]
00573696      899424 200100 MOV DWORD PTR SS:[ESP+120],EDX
0057369D      898424 2C0100 MOV DWORD PTR SS:[ESP+12C],EAX
005736A4      8D9424 200100 LEA EDX,[ESP+120]
005736AB      8B47 38       MOV EAX,DWORD PTR DS:[EDI+38]
005736AE      E8 3C77FAFF   CALL 0051ADEF
005736B3      89C8          MOV EAX,ECX
005736B5      E8 E580FAFF   CALL 0051B79F
005736BA      89C1          MOV ECX,EAX
005736BC      85C0          TEST EAX,EAX
005736BE    ^ 75 81         JNE SHORT 00573641
005736C0      83FD 44       CMP EBP,44
005736C3      75 2F         JNE SHORT 005736F4
005736C5      83C5 08       ADD EBP,8
005736C8    ^ E9 07FFFFFF   JMP 005735D4
005736CD      81C4 30010000 ADD ESP,130
005736D3      5F            POP EDI
005736D4      5E            POP ESI
005736D5      5A            POP EDX
005736D6      59            POP ECX
005736D7      5B            POP EBX
005736D8      C3            RETN
005736D9      66:83FB 1B    CMP BX,1B
005736DD    ^ 74 8D         JE SHORT 0057366C
005736DF      66:83FB 22    CMP BX,22
005736E3    ^ 74 87         JE SHORT 0057366C
005736E5      66:83FB 29    CMP BX,29
005736E9    ^ 74 81         JE SHORT 0057366C
005736EB      66:83FB 2A    CMP BX,2A
005736EF    ^ 0F84 77FFFFFF JE 0057366C
005736F5    ^ EB 88         JMP SHORT 0057367F 

EDIT: Original:

Code:

Address   Hex dump              Command                                  Comments
004F3D70      53                PUSH EBX
004F3D71      51                PUSH ECX
004F3D72      52                PUSH EDX
004F3D73      56                PUSH ESI
004F3D74      55                PUSH EBP

004F3D75      81EC 30010000     SUB ESP,130

004F3D7B      8B3D A85D5900     MOV EDI,DWORD PTR DS:[595DA8]
004F3D81      8B77 1A           MOV ESI,DWORD PTR DS:[EDI+1A]
004F3D84      C1FE 10           SAR ESI,10
004F3D87      69F6 28030000     IMUL ESI,ESI,328
004F3D8D      A1 C8365A00       MOV EAX,DWORD PTR DS:[5A36C8]
004F3D92      01C6              ADD ESI,EAX
004F3D94      31C0              XOR EAX,EAX

004F3D96      8A46 4C           MOV AL,BYTE PTR DS:[ESI+4C]

004F3D99      E8 6217F6FF       CALL 00455500
004F3D9E      E8 5D7D0200       CALL 0051BB00
004F3DA3      89C1              MOV ECX,EAX
004F3DA5      85C0              TEST EAX,EAX
004F3DA7      0F84 7F000000     JZ 004F3E2C
004F3DAD      66:8B59 04        MOV BX,WORD PTR DS:[ECX+4]
004F3DB1      31C0              XOR EAX,EAX
004F3DB3      89E2              MOV EDX,ESP
004F3DB5      88D8              MOV AL,BL
004F3DB7      E8 04BCF7FF       CALL 0046F9C0
004F3DBC      8B5424 68         MOV EDX,DWORD PTR SS:[ESP+68]
004F3DC0      66:83FA 06        CMP DX,6
004F3DC4      74 59             JE SHORT 004F3E1F
004F3DC6      66:83FA 07        CMP DX,7
004F3DCA      74 53             JE SHORT 004F3E1F

004F3DCC      807E 4C 01        CMP BYTE PTR DS:[ESI+4C],1
004F3DD0      75 19             JNE SHORT 004F3DEB
004F3DD2      66:83FB 1A        CMP BX,1A
004F3DD6      75 60             JNE SHORT 004F3E38
004F3DD8      31C0              XOR EAX,EAX
004F3DDA      BA 26000000       MOV EDX,26
004F3DDF      8A46 4C           MOV AL,BYTE PTR DS:[ESI+4C]
004F3DE2      E8 997CF4FF       CALL 0043BA80
004F3DE7      85C0              TEST EAX,EAX
004F3DE9      74 34             JZ SHORT 004F3E1F

004F3DEB      BA 03000000       MOV EDX,3
004F3DF0      31C0              XOR EAX,EAX
004F3DF2      66:899C24 2801000 MOV WORD PTR SS:[ESP+128],BX
004F3DFA      66:8B8424 1C01000 MOV AX,WORD PTR SS:[ESP+11C]
004F3E02      899424 20010000   MOV DWORD PTR SS:[ESP+120],EDX
004F3E09      898424 2C010000   MOV DWORD PTR SS:[ESP+12C],EAX
004F3E10      8D9424 20010000   LEA EDX,[ESP+120]
004F3E17      8B47 38           MOV EAX,DWORD PTR DS:[EDI+38]
004F3E1A      E8 D16F0200       CALL 0051ADF0
004F3E1F      89C8              MOV EAX,ECX
004F3E21      E8 7A790200       CALL 0051B7A0
004F3E26      89C1              MOV ECX,EAX
004F3E28      85C0              TEST EAX,EAX
004F3E2A    ^ 75 81             JNZ SHORT 004F3DAD

004F3E2C      81C4 30010000     ADD ESP,130
004F3E32      5F                POP EDI
004F3E33      5E                POP ESI
004F3E34      5A                POP EDX
004F3E35      59                POP ECX
004F3E36      5B                POP EBX
004F3E37      C3                RETN
004F3E38      66:83FB 1B        CMP BX,1B
004F3E3C    ^ 74 9A             JE SHORT 004F3DD8
004F3E3E      66:83FB 22        CMP BX,22
004F3E42    ^ 74 94             JE SHORT 004F3DD8
004F3E44      66:83FB 29        CMP BX,29
004F3E48    ^ 74 8E             JE SHORT 004F3DD8
004F3E4A      66:83FB 2A        CMP BX,2A
004F3E4E    ^ 74 88             JE SHORT 004F3DD8
004F3E50    ^ EB 99             JMP SHORT 004F3DEB

My notes:

Code:

This is the first part of the code

CPU Disasm
Address   Hex dump          Command                                  Comments
004F3D70      53            PUSH EBX
004F3D71      51            PUSH ECX
004F3D72      52            PUSH EDX
004F3D73      56            PUSH ESI
004F3D74      57            PUSH EDI
004F3D75      55            PUSH EBP
004F3D76      81EC 30010000 SUB ESP,130
004F3D7C      BD 44000000   MOV EBP,44
004F3D81      8B3D A85D5900 MOV EDI,DWORD PTR DS:[595DA8]
004F3D87      8B77 1A       MOV ESI,DWORD PTR DS:[EDI+1A]
004F3D8A      C1FE 10       SAR ESI,10
004F3D8D      69F6 28030000 IMUL ESI,ESI,328
004F3D93      A1 C8365A00   MOV EAX,DWORD PTR DS:[5A36C8]
004F3D98      01C6          ADD ESI,EAX
004F3D9A      31C0          XOR EAX,EAX
004F3D9C      8A042E        MOV AL,BYTE PTR DS:[EBP+ESI]
004F3D9F      3C 04         CMP AL,4
004F3DA1      77 0A         JA SHORT 004F3DAD				----> PUSH EBP just below
004F3DA3      83FD 4C       CMP EBP,4C
004F3DA6      74 18         JE SHORT 004F3DC0				----> MOV AL,BYTE PTR DS:[EBP+ESI]
004F3DA8      E9 8A000000   JMP 004F3E37 				----> CMP EBP,44
004F3DAD      55            PUSH EBP
004F3DAE      BD 10205A00   MOV EBP,OFFSET 005A2010
004F3DB3      6BC0 40       IMUL EAX,EAX,40
004F3DB6      8B4428 3C     MOV EAX,DWORD PTR DS:[EBP+EAX+3C]
004F3DBA      5D            POP EBP
004F3DBB      83F8 01       CMP EAX,1
004F3DBE    ^ 74 E8         JE SHORT 004F3DA8
004F3DC0      8A042E        MOV AL,BYTE PTR DS:[EBP+ESI]
004F3DC3      E8 3817F6FF   CALL 00455500
004F3DC8      E8 337D0200   CALL 0051BB00
004F3DCD      89C1          MOV ECX,EAX
004F3DCF      85C0          TEST EAX,EAX
004F3DD1      0F84 60000000 JE 004F3E37 				----> CMP EBP,44

53 51 52 56 57 55 81 EC 30 01 00 00 BD 44 00 00
00 8B 3D A8 5D 59 00 8B 77 1A C1 FE 10 69 F6 28
03 00 00 A1 C8 36 5A 00 01 C6 31 C0 8A 04 2E 3C
04 77 0A 83 FD 4C 74 18 E9 8A 00 00 00 55 BD 10
20 5A 00 6B C0 40 8B 44 28 3C 5D 83 F8 01 74 E8
8A 04 2E E8 38 17 F6 FF E8 33 7D 02 00 89 C1 85
C0 0F 84 60 00 00 00

Original code next:

Address   Hex dump          Command                                  Comments
004F3D96      8A46 4C       MOV AL,BYTE PTR DS:[ESI+4C]		
004F3D99      E8 6217F6FF   CALL 00455500
004F3D9E      E8 5D7D0200   CALL 0051BB00
004F3DA3      89C1          MOV ECX,EAX
004F3DA5      85C0          TEST EAX,EAX
004F3DA7      0F84 7F000000 JZ 004F3E2C				     	----> ADD ESP,130
004F3DAD      66:8B59 04    MOV BX,WORD PTR DS:[ECX+4]
004F3DB1      31C0          XOR EAX,EAX
004F3DB3      89E2          MOV EDX,ESP
004F3DB5      88D8          MOV AL,BL
004F3DB7      E8 04BCF7FF   CALL 0046F9C0
004F3DBC      8B5424 68     MOV EDX,DWORD PTR SS:[ESP+68]
004F3DC0      66:83FA 06    CMP DX,6					
004F3DC4      74 59         JE SHORT 004F3E1F				----> MOV EAX,ECX
004F3DC6      66:83FA 07    CMP DX,7					
004F3DCA      74 53         JE SHORT 004F3E1F				----> MOV EAX,ECX
004F3DCC      807E 4C 01    CMP BYTE PTR DS:[ESI+4C],1
004F3DD0      75 19         JNE SHORT 004F3DEB				----> MOV EDX,3
004F3DD2      66:83FB 1A    CMP BX,1A
004F3DD6      75 60         JNE SHORT 004F3E38				----> CMP BX,1B
004F3DD8      31C0          XOR EAX,EAX
004F3DDA      BA 26000000   MOV EDX,26
004F3DDF      8A46 4C       MOV AL,BYTE PTR DS:[ESI+4C]
004F3DE2      E8 997CF4FF   CALL 0043BA80
004F3DE7      85C0          TEST EAX,EAX
004F3DE9      74 34         JZ SHORT 004F3E1F				----> MOV EAX,ECX

8A 46 4C E8 62 17 F6 FF E8 5D 7D 02 00 89 C1 85
C0 0F 84 7F 00 00 00 66 8B 59 04 31 C0 89 E2 88
D8 E8 04 BC F7 FF 8B 54 24 68 66 83 FA 06 74 59
66 83 FA 07 74 53 80 7E 4C 01 75 19 66 83 FB 1A
75 60 31 C0 BA 26 00 00 00 8A 46 4C E8 99 7C F4
FF 85 C0 74 34


CPU Disasm
Address   Hex dump          Command                                  Comments
004F3DEB      BA 03000000   MOV EDX,3
004F3DF0      31C0          XOR EAX,EAX
004F3DF2      66:899C24 280 MOV WORD PTR SS:[ESP+128],BX
004F3DFA      66:8B8424 1C0 MOV AX,WORD PTR SS:[ESP+11C]
004F3E02      899424 200100 MOV DWORD PTR SS:[ESP+120],EDX
004F3E09      898424 2C0100 MOV DWORD PTR SS:[ESP+12C],EAX
004F3E10      8D9424 200100 LEA EDX,[ESP+120]
004F3E17      8B47 38       MOV EAX,DWORD PTR DS:[EDI+38]
004F3E1A      E8 D16F0200   CALL 0051ADF0
004F3E1F      89C8          MOV EAX,ECX
004F3E21      E8 7A790200   CALL 0051B7A0
004F3E26      89C1          MOV ECX,EAX
004F3E28      85C0          TEST EAX,EAX
004F3E2A    ^ 75 81         JNZ SHORT 004F3DAD				----> MOV BX,WORD PTR DS:[ECX+4]

BA 03 00 00 00 31 C0 66 89 9C 24 28 01 00 00 66
8B 84 24 1C 01 00 00 89 94 24 20 01 00 00 89 84
24 2C 01 00 00 8D 94 24 20 01 00 00 8B 47 38 E8
D1 6F 02 00 89 C8 E8 7A 79 02 00 89 C1 85 C0 75
81


New code

CPU Disasm
Address   Hex dump          Command                                  Comments
004F3E37      83FD 44       CMP EBP,44
004F3E3A      75 08         JNE SHORT 004F3E44				----> MOV BX,WORD PTR DS:[ECX+4]
004F3E3C      83C5 08       ADD EBP,8
004F3E3F    ^ E9 3DFFFFFF   JMP 004F3D81				----> MOV EDI,DWORD PTR DS:[595DA8]

83 FD 44 75 08 83 C5 08 E9 3D FF FF FF


Original code

CPU Disasm
Address   Hex dump          Command                                  Comments
004F3E2C      81C4 30010000 ADD ESP,130
004F3E32      5F            POP EDI
004F3E33      5E            POP ESI
004F3E34      5A            POP EDX
004F3E35      59            POP ECX
004F3E36      5B            POP EBX
004F3E37      C3            RETN
004F3E38      66:83FB 1B    CMP BX,1B
004F3E3C    ^ 74 9A         JE SHORT 004F3DD8				----> XOR EAX,EAX followed by MOV EDX,26
004F3E3E      66:83FB 22    CMP BX,22
004F3E42    ^ 74 94         JE SHORT 004F3DD8				----> XOR EAX,EAX followed by MOV EDX,26
004F3E44      66:83FB 29    CMP BX,29
004F3E48    ^ 74 8E         JE SHORT 004F3DD8				----> XOR EAX,EAX followed by MOV EDX,26
004F3E4A      66:83FB 2A    CMP BX,2A
004F3E4E    ^ 74 88         JE SHORT 004F3DD8				----> XOR EAX,EAX followed by MOV EDX,26
004F3E50    ^ EB 99         JMP SHORT 004F3DEB				----> MOV EDX,3

81 C4 30 01 00 00 5F 5E 5A 59 5B C3 66 83 FB 1B
74 9A 66 83 FB 22 74 94 66 83 FB 29 74 8E 66 83
FB 2A 74 88 EB 99




The full thing from ******

53 51 52 56 57 55 81 EC 30 01 00 00 BD 44 00 00
00 8B 3D A8 5D 59 00 8B 77 1A C1 FE 10 69 F6 28
03 00 00 A1 C8 36 5A 00 01 C6 31 C0 8A 04 2E 3C
04 77 0A 83 FD 4C 74 18 E9 C0 00 00 00 55 BD 10
20 5A 00 6B C0 40 8B 44 28 3C 5D 83 F8 01 74 E8
8A 04 2E E8 E4 1E EE FF E8 DF 84 FA FF 89 C1 85
C0 0F 84 96 00 00 00 8A 46 4C E8 CD 1E EE FF E8
C8 84 FA FF 89 C1 85 C0 0F 84 8C 00 00 00 66 8B
59 04 31 C0 89 E2 88 D8 E8 6F C3 EF FF 8B 54 24
68 66 83 FA 06 74 59 66 83 FA 07 74 53 80 7E 4C
01 75 19 66 83 FB 1A 75 6D 31 C0 BA 26 00 00 00
8A 46 4C E8 04 84 EC FF 85 C0 74 34 BA 03 00 00
00 31 C0 66 89 9C 24 28 01 00 00 66 8B 84 24 1C
01 00 00 89 94 24 20 01 00 00 89 84 24 2C 01 00
00 8D 94 24 20 01 00 00 8B 47 38 E8 3C 77 FA FF
89 C8 E8 E5 80 FA FF 89 C1 85 C0 75 81 83 FD 44
75 2F 83 C5 08 E9 07 FF FF FF 81 C4 30 01 00 00
5F 5E 5A 59 5B C3 66 83 FB 1B 74 8D 66 83 FB 22
74 87 66 83 FB 29 74 81 66 83 FB 2A 74 08 EB 8C
00 E9 48 FF FF FF E9 6E FF FF FF

Change this ref to CALL 00*******
Address   Hex dump          Command                                  Comments
004F4D96  |.  E8 D5EFFFFF   CALL 004F3D70
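
An added example, not code from any poster in this thread: x86 `E8` (CALL) and `E9` (JMP) instructions store a 32-bit displacement measured from the address of the next instruction, so their bytes must be re-encoded whenever the instruction is moved. The Python below decodes the CALLs shown in the listing relocated to 005735C3 and compares each with the target the 004F3D70 listings show for the same call; pairing the calls by their order in the function is an assumption of this example.

```python
import struct


def rel32_target(addr, insn):
    """Absolute destination of a 5-byte CALL (E8) or JMP (E9) rel32 at addr."""
    if len(insn) != 5 or insn[0] not in (0xE8, 0xE9):
        raise ValueError("expected a 5-byte E8/E9 rel32 instruction")
    (disp,) = struct.unpack("<i", insn[1:])
    # The displacement is relative to the address of the *next* instruction.
    return (addr + 5 + disp) & 0xFFFFFFFF


def encode_rel32(opcode, addr, target):
    """Encode a CALL/JMP rel32 placed at addr so that it reaches target."""
    disp = (target - (addr + 5)) & 0xFFFFFFFF
    return bytes([opcode]) + struct.pack("<I", disp)


def relocate(insn, old_addr, new_addr):
    """Re-encode a rel32 instruction moved from old_addr to new_addr."""
    return encode_rel32(insn[0], new_addr, rel32_target(old_addr, insn))


# (address in the relocated listing, bytes shown there,
#  target shown for the same call in the 004F3D70 listings).
# The pairing by instruction order is an assumption of this example.
RELOCATED_CALLS = [
    (0x00573616, "E8 E4 1E EE FF", 0x00455500),
    (0x0057361B, "E8 DF 84 FA FF", 0x0051BB00),
    (0x0057362D, "E8 CD 1E EE FF", 0x00455500),
    (0x00573632, "E8 C8 84 FA FF", 0x0051BB00),
    (0x0057364B, "E8 6F C3 EF FF", 0x0046F9C0),
    (0x00573676, "E8 04 84 EC FF", 0x0043BA80),
    (0x005736AE, "E8 3C 77 FA FF", 0x0051ADF0),
    (0x005736B5, "E8 E5 80 FA FF", 0x0051B7A0),
]


def audit(calls):
    """List (addr, decoded target, wanted target, re-encoded bytes) per mismatch."""
    findings = []
    for addr, hexbytes, wanted in calls:
        insn = bytes.fromhex(hexbytes)
        got = rel32_target(addr, insn)
        if got != wanted:
            fixed = encode_rel32(insn[0], addr, wanted)
            findings.append((addr, got, wanted, fixed.hex(" ").upper()))
    return findings


if __name__ == "__main__":
    for addr, got, wanted, fixed in audit(RELOCATED_CALLS):
        print(f"{addr:08X}: reaches {got:08X}, listed target {wanted:08X}, "
              f"re-encode as {fixed}")
```

Every CALL in the relocated listing decodes to an address one byte below the entry point shown in the 004F3D70 listings.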