And here is what I know about the crash after every mission bug and its fix:

After the medal panel, the 1.2 patched game crashes at instruction 0x004EA2B0 (game patched to 1.2 with ROGUE12.EXE of 1 316 556 bytes). It is trying to access a memory region which doesn't exist, i.e. which is not physically allocated and mapped in the process space.

Coming back a little in the code and in the stack, it can be seen that the code is at that moment trying to copy video data from one place to another, by 480 lines of 640 pixels. The destination data seems to be twice the size of the source data, i.e. converting from 2-byte pixels (16 bits color ?) to 4 bytes (32 bits color ?). This can be seen by the increments applied after each line copy, which is 0x500 at source (= 640 * 2 = 0x280 * 2), and 0xA00 at destination (= 640 * 4 = 0x280 * 4).

At the moment where the process breaks, 0x46 or 0x45 lines are yet to be copied, to a buffer which appears to have a size of 0x100400 bytes = a little more than 1 MB.

Given that there is no more support for this product, there is no other choice than to dig into it and try to patch it by hand, directly in the ASM.

There are at first 2 possible ways to go on that:
1) Based on the fact that this could be due to the color expanding, avoid the problem by having increments of 0x500 inside the destination buffer instead of 0xA00.
2) Find the place where the buffer is allocated, and patch the allocation to include more memory in order to avoid the buffer overrun.
3) Other, determined after the dig into the code and not obvious now.

This starts by trying to find where the 0xA00 value is coming from.

After some trace back and analysis, using execution and data write breakpoints as needed,
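As an added illustration of the arithmetic behind the overrun described in the post (this is constructed example code, not the game's code nor anything the poster wrote): a 640x480 frame copied line by line from 2-byte to 4-byte pixels needs a 0xA00-byte destination stride, so the full frame needs 480 * 0xA00 = 0x12C000 bytes, while the observed buffer is only 0x100400 bytes. The helpers below compute how many rows fit, how many would spill past the end, and what allocation size would hold the whole frame (the post's option 2); the blit routine itself stops at the buffer boundary instead of overrunning. The RGB565 pixel format is an assumption, since the post only says 2-byte to 4-byte pixels.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed geometry taken from the post: 640 pixels of 2 bytes give a
 * 0x500-byte source stride; 4 bytes per pixel give a 0xA00-byte destination stride. */
#define WIDTH        640
#define HEIGHT       480
#define SRC_STRIDE   (WIDTH * 2)   /* 0x500 */
#define DST_STRIDE   (WIDTH * 4)   /* 0xA00 */
#define DST_BUF_SIZE 0x100400u     /* destination buffer size observed in the post */

/* Expand one RGB565 pixel to 0x00RRGGBB (assumed format, not confirmed by the post). */
static uint32_t rgb565_to_xrgb8888(uint16_t p)
{
    uint32_t r = (p >> 11) & 0x1F, g = (p >> 5) & 0x3F, b = p & 0x1F;
    uint32_t r8 = (r << 3) | (r >> 2);   /* replicate top bits into the low bits */
    uint32_t g8 = (g << 2) | (g >> 4);
    uint32_t b8 = (b << 3) | (b >> 2);
    return (r8 << 16) | (g8 << 8) | b8;
}

/* Convert up to `lines` rows of 16-bit pixels into 32-bit pixels, but never
 * write past dst_size bytes.  Returns the number of rows actually converted. */
size_t blit_16_to_32(const uint16_t *src, uint32_t *dst, size_t dst_size, size_t lines)
{
    size_t fit = dst_size / DST_STRIDE;          /* whole rows the buffer can hold */
    size_t n = lines < fit ? lines : fit;
    for (size_t y = 0; y < n; y++)
        for (size_t x = 0; x < WIDTH; x++)
            dst[y * WIDTH + x] = rgb565_to_xrgb8888(src[y * WIDTH + x]);
    return n;
}

/* Rows that would land past the end of a buffer of dst_size bytes, i.e. what
 * the game still had left to copy when it faulted. */
size_t overrun_lines(size_t dst_size, size_t lines)
{
    size_t fit = dst_size / DST_STRIDE;
    return lines > fit ? lines - fit : 0;
}

/* Smallest destination allocation that holds the whole frame (the post's option 2). */
size_t required_dst_size(size_t lines)
{
    return lines * DST_STRIDE;
}

int main(void)
{
    static uint16_t src[WIDTH * HEIGHT];            /* constructed 16-bit frame */
    static uint32_t dstbuf[DST_BUF_SIZE / 4];       /* buffer of the size seen in the post */
    for (size_t i = 0; i < WIDTH * HEIGHT; i++)
        src[i] = (uint16_t)((i * 2654435761u) >> 16);   /* arbitrary test pattern */

    size_t done = blit_16_to_32(src, dstbuf, sizeof dstbuf, HEIGHT);
    size_t left = overrun_lines(sizeof dstbuf, HEIGHT);
    printf("rows converted: %zu, rows that would overrun: %zu (0x%zX)\n", done, left, left);
    printf("allocation needed for a full frame: 0x%zX bytes\n", required_dst_size(HEIGHT));
    return 0;
}
```

With the post's numbers, 0x100400 / 0xA00 is exactly 410 rows, leaving 480 - 410 = 70 = 0x46 rows unwritten, which matches the 0x46 lines the poster saw remaining at the fault; a full frame at the doubled stride needs 0x12C000 bytes.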