Re: Gachaste! Dino Device (Red and Blue)
Posted: Thu Nov 26, 2009 2:37 am
I haven't hacked Dino Device before, but GBA pointers are pretty straightforward (at least compared to GB/GBC pointers). Usually, pointers point to the address of the first element of something (e.g. the first letter in a block of text).
For example, let's say that one line of text starts at address 0x00123456. To find the pointer, you would add 0x08000000 (this is unique to GBA; each system has their own unique way of doing this) to get 0x08123456. On some GBA games, such as Telefang 2, you have to break each byte apart (which is 2 nibbles long) and reverse the order, e.g. 08 12 34 56 will become 56 34 12 08. Then you start at the beginning of the ROM and do a hex search for either 08 12 34 56 (if it's forwards/big endian) or 56 34 12 08 (if it's reversed/little endian) -- if you don't know whether a game reverses the bytes or not, then you have to try both until you find a match. (Of course, once you figure out the endianness of one pointer, then you'll know how the game orders all other pointers.)
You'll know when you'll have found a pointer table when every fourth byte is 08 (since every pointer is 4 bytes long, and will always have 08 in it), and the other three bytes have some pattern to them, usually increasing (since the address they point to will be close to each other). You can then edit these pointers to readjust lengths of text.
Oh, and the beauty of GBA is, since pointers are 4 bytes long (unlike any other system that I've seen, like (ugh) GB/GBC), you can point them ANYWHERE in the ROM, so any blank space is fair game. This is unlike GB/GBC games, where you're confined to a block of 0x4000 bytes, which is why Telefang (and pretty much any other GB/GBC game) has constant space issues with text, despite having loads of unused space. (Thankfully SNES isn't as bad as GB/GBC...)
For example, let's say that one line of text starts at address 0x00123456. To find the pointer, you would add 0x08000000 (this is unique to GBA; each system has their own unique way of doing this) to get 0x08123456. On some GBA games, such as Telefang 2, you have to break each byte apart (which is 2 nibbles long) and reverse the order, e.g. 08 12 34 56 will become 56 34 12 08. Then you start at the beginning of the ROM and do a hex search for either 08 12 34 56 (if it's forwards/big endian) or 56 34 12 08 (if it's reversed/little endian) -- if you don't know whether a game reverses the bytes or not, then you have to try both until you find a match. (Of course, once you figure out the endianness of one pointer, then you'll know how the game orders all other pointers.)
You'll know when you'll have found a pointer table when every fourth byte is 08 (since every pointer is 4 bytes long, and will always have 08 in it), and the other three bytes have some pattern to them, usually increasing (since the address they point to will be close to each other). You can then edit these pointers to readjust lengths of text.
Oh, and the beauty of GBA is, since pointers are 4 bytes long (unlike any other system that I've seen, like (ugh) GB/GBC), you can point them ANYWHERE in the ROM, so any blank space is fair game. This is unlike GB/GBC games, where you're confined to a block of 0x4000 bytes, which is why Telefang (and pretty much any other GB/GBC game) has constant space issues with text, despite having loads of unused space. (Thankfully SNES isn't as bad as GB/GBC...)