Well, with the recent TASes regarding arbitrary code execution, it made me wonder if the glitch shown in the current Telefang TAS can lead to a way to do such. I would love to investigate, but unfortunately I don't know what's going on much (most of the effects were from the result of me smashing random keys).
Anyone with the technical knowledge of this game want to help?
Possible total control?
Re: Possible total control?
IIRC, it's making a mess of memory - copying a large chunk of data from one SRAM bank to another, but the bank is different than it expects. The data contains, among other things, the coordinates. So I don't think it's actually *executing* garbage. And I don't think Telefang has any callbacks in memory, either. Still, might be worth it to actually inspect the bug closely.
Re: Possible total control?
This glitch was made by going to some areas of Denjuu World with a GameShark code for walking through walls.
Re: Possible total control?
When you open the menu, $c480~$c4c0 is copied to $c260, and then $c0a0~$c3a0 is copied to SRAM bank 3 temporarily. Then when the map is loading the whole area at $c0a0~$c3a0 is nulled. It's then used for map stuff like cursor position. This is recovered after returning from the menu.
Not sure what happens on call yet.
And what exactly is stored there typically? Indeed, things like sprite data and overworld position, and also stuff like grass particles. Terribly exciting.
Incidentally, though, object data does seem to include script callbacks which get called every frame. In particular, $C2BE, $C2CE etc. seem to be examples.
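Added example, not part of any post in this thread and not game code: a small Python model of the menu save/restore described above, used to check whether the callback slots at $C2BE and $C2CE survive a restore. It assumes four 8 KiB SRAM banks, that the stash sits at offset 0 of the bank, that the `~` ranges are half-open, that each slot holds a 16-bit little-endian pointer, and that the "different bank" recollection earlier in the thread means the restore reads a bank other than the one that was written; all sample values are constructed.

```python
WRAM_BASE = 0xC000
SAVE_START, SAVE_END = 0xC0A0, 0xC3A0   # region the post says is stashed in SRAM
SAVE_LEN = SAVE_END - SAVE_START
CALLBACK_SLOTS = (0xC2BE, 0xC2CE)       # callback addresses named in the thread

class Machine:
    def __init__(self):
        self.wram = bytearray(0x2000)                       # models $C000-$DFFF
        self.sram = [bytearray(0x2000) for _ in range(4)]   # bank layout is assumed

    def _copy_in_wram(self, src, end, dst):
        s, e, d = src - WRAM_BASE, end - WRAM_BASE, dst - WRAM_BASE
        self.wram[d:d + (e - s)] = self.wram[s:e]

    def open_menu(self, bank=3):
        self._copy_in_wram(0xC480, 0xC4C0, 0xC260)          # $c480~$c4c0 -> $c260
        lo = SAVE_START - WRAM_BASE
        self.sram[bank][:SAVE_LEN] = self.wram[lo:lo + SAVE_LEN]  # stash, offset 0 assumed
        self.wram[lo:lo + SAVE_LEN] = bytes(SAVE_LEN)       # map loading nulls the region

    def close_menu(self, bank=3):
        lo = SAVE_START - WRAM_BASE
        self.wram[lo:lo + SAVE_LEN] = self.sram[bank][:SAVE_LEN]  # recover after the menu

    def read_ptr(self, addr):
        off = addr - WRAM_BASE
        return int.from_bytes(self.wram[off:off + 2], "little")   # pointer width assumed

def changed_callbacks(restore_bank):
    """Return (slot, before, after) for each callback slot altered by a menu round trip."""
    m = Machine()
    # Constructed stale contents for bank 1, standing in for unrelated save data.
    m.sram[1][:] = bytes((i * 7 + 1) & 0xFF for i in range(0x2000))
    for n, slot in enumerate(CALLBACK_SLOTS):               # constructed handler addresses
        off = slot - WRAM_BASE
        m.wram[off:off + 2] = (0x4000 + n * 0x10).to_bytes(2, "little")
    before = [m.read_ptr(s) for s in CALLBACK_SLOTS]
    m.open_menu(bank=3)
    m.close_menu(bank=restore_bank)
    after = [m.read_ptr(s) for s in CALLBACK_SLOTS]
    return [(s, b, a) for s, b, a in zip(CALLBACK_SLOTS, before, after) if a != b]

if __name__ == "__main__":
    for bank in (3, 1):
        diffs = [(hex(s), hex(b), hex(a)) for s, b, a in changed_callbacks(bank)]
        print(f"restore from bank {bank}: {diffs or 'callbacks intact'}")
```
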