400_functions

; when save+exit game:

; FN game.4584C0 ; func game.4584C0 ( ; esp, ; *ebx, // some global ptr? ; ) push ebp ; stack.push(ebp) mov ebp,esp ; ebp = esp sub esp,2C ; esp = esp - 2C push esi ; stack.push(esi) mov esi,dword ptr ds:[7A5164] ; esi = getInt(getInt(CONST_7A5164)) test esi,esi ; je game.458677 ; if (esi == 0) return mov ecx, dword ptr ds:[esi+4] ; ecx = getInt(getInt(esi + 4)) mov edx, dword ptr ds:[7A0638] ; edx = getInt(getInt(CONST_7A0638)) xor eax, eax ; eax = 0 mov dword ptr ss:[ebp-28],eax ; setInt(ebp - 28, 0) ... // mov dword ptr ss:[ebp-4],eax ; setInt(ebp - 4, 0) mov eax,dword ptr ds:[esi] ; eax = getInt(esi) mov dword ptr ss:[ebp-28],ecx ; setInt(ebp - 28, ecx) mov ecx,dword ptr ds:[esi+8] ; ecx = getInt(esi + 8) mov dword ptr ss:[ebp-2C],eax ; setInt(ebp - 2C, eax) mov eax,dword ptr ds:[edx+4] ; eax = getInt(edx + 4) lea edx,dword ptr ss:[ebp-20] ; edx = ebp - 20 mov dword ptr ss:[ebp-24],eax ; setInt(ebp - 24, eax) call game.458440 ; game.458440(ecx, edx, *ebx) mov ecx,dword ptr ds:[esi+C] ; ecx = getInt(esi + C) lea edx,dword ptr ss:[ebp-1C] ; edx = ebp - 1C call game.458440 ; game.458440(ecx, edx, *ebx) mov ecx,dword ptr ds:[esi+10] ; ecx = getInt(esi + 10) lea edx,dword ptr ss:[ebp-18] ; edx = ebp - 18 call game.458440 ; game.458440(ecx, edx, *ebx) mov ecx,dword ptr ds:[esi+14] ; ecx = getInt(esi + 14) lea edx,dword ptr ss:[ebp-14] ; edx = ebp - 14 call game.458440 ; game.458440(ecx, edx, *ebx)

                             ; // if else thing

mov ecx,dword ptr ss:[ebp-20] ; ecx = getInt(ebp - 20) test ecx,ecx ; jne game.45855D ; if (ecx != 0) // jump mov ecx,dword ptr ss:[ebp-1C] ; ecx = getInt(ebp - 1C) text ecx,ecx ; jne game.45858B ; if (ecx != 0) // jump mov ecx,dword ptr ss:[ebp-18] ; ecx = getInt(ebp - 18) test ecx,ecx jne game.4585B9 ; if (ecx != 0) // jump mov ecx,dword ptr ss:[ebp-14] ; ecx = getInt(ebp - 14) test ecx,ecx je game.458677 ; if (ecx == 0) // jump esp = ebp // basically dont change incoming value return jmp game.4585E6 ; else // jump ; J game.45855D push 0 ; stack.push(0) push 4EA ; stack.push(4EA) mov edx,game.6D66F0 ; edx = game.6D66F0 // (ptr to string?) call game.40B380 ; game.40B380() mov ecx,[7A5164] ; ecx = getInt(CONST_7A5164) mov [ebp-10],eax ; setInt(ebp - 10, eax) mov ecx,[ecx+8] ; ecx = getInt(ecx + 8) mov [7A5154],eax ; setInt(CONST_7A5154, eax) call game.458470 ; game.458470()

mov ecx,[ebp-1C] ; ecx = getInt(ebp - 1C) test ecx,ecx je game.4585B2 ; if ecx == 0 // jump (skip data collection??) push 0 ; stack.push(0) push 4F1 ; stack.push(4F1) mov edx,game.6D66F0 ; edx = game.6D66F0 call game.40B380 ; game.40B380() mov edx,[7A5164] ; edx = getInt(CONST_7A5164) mov [ebp-C],eax ; setInt(ebp - C, eax) mov ecx, [edx+C] ; ecx = getInt(edx + C) mov [7A5154],eax ; setInt(CONST_7A5154, eax) call game.458470 ; game.458470()

; J game.4585B2 mov ecx, [ebp-18] ; ecx = getInt(ebp - 18) test ecx,ecx je game.4585DF ; if ecx == 0 // jump (skip data collection) push 0 ; stack.push(0) push 4F8 ; stack.push(4F8) mov edx,game.6D66F0 ; edx = game.6D66F0 call game.40B380 ; game.40B380() mov [ebp-8],eax ; setInt(ebp - 8, eax) mov [7A5154],eax ; setInt(CONST_7A5154, eax) mov eax,[7A5164] ; eax = getInt(CONST_7A5164) mov ecx,[eax+10] ; ecx = getInt(eax + 10) call game.458470 ; game.458470()

; J game.4585DF mov ecx, [ebp-14] ; ecx = getInt(ebp - 14) test ecx,ecx je game.45860D ; if ecx == 0 // jump (skip data collection) push 0 ; stack.push(0) push 4FF ; stack.push(4FF) mov edx, game.6D66FO ; edx = game.6D66FO call game.40B380 ; game.40B380() mov ecx,[7A5164] ; ecx = getInt(CONST_7A5164) mov [ebp-4],eax ; setInt(ebp - 4, eax) mov ecx,[ecx+14] ; ecx = getInt(ecx + 14) mov [7A5154],eax ; setInt(CONST_7A5154, eax) call game.458470 ; game.458470()

; J game.45860D push edi ; stack.push(edi) lea edi,[ebp-2C] ; edi = ebp - 2C call game.458200 ; game.458200

; FN game.458200 // long func... probably some data collection for save game?

                       ; func game.458200 (
                       ; )

push ebp ; stack.push(ebp) mov ebp,esp ; ebp = esp sub esp,19C ; esp -= 19C push esi ; stack.push(esi) call game.457F40 ; game.457F40()

; FN game.457F40 // function to save map file ? (references the map save file name) ; func game.457F40 ( ; ) push ebp ; stack.push(ebp) mov ebp,esp ; ebp = esp sub esp,328 ; esp -= 328 push ebx ; stack.push(ebx) push edi ; stack.push(edi) xor ebx,ebx ; ebx = 0 push 103 ; stack.push(103) lea eax,[ebp-223] ; eax = ebp - 223 push ebx ; stack.push(ebx) push eax ; stack.push(eax) mov byte [ebp-224],bl ; setByte(ebp-244, bl) (bl ... first 8bytes of ebx?) call game.681EF0 ; game.681EF0()

; FN game.681EF0 ; func game.681EF0( ; ) mov edx,[esp+C] ; edx = getInt(esp + C) mov ecx,[esp+4] ; ecx = getInt(esp + 4) test edx,edx ; je game.681F65 ; if edx == 0 ; eax = getInt(esp + 4) ; return xor eax,eax ; eax = 0 mov al, byte [esp+8] ; al = getByte(esp+8) test al,al ; jne game.681F1C ; if al != 0 // jump cmp edx,100 ; jb game.681F1C ; if edx < 100 // jump cmp [994C88],0 ; je game.681F1C ; if getInt(CONST_994C88) == 0 // jump jmp game.68A797 ; the long jump down ... :D

; J game.681F1C push edi ; stack.push(edi) mov edi,ecx ; edi = ecx cmp edx,4 ; jb game.681F55 ; if edx < 4 // jump neg ecx ; ecx = -ecx and ecx,3 ; ecx = ecx & 3 je game.681F37 ; if ecx == 0 // jump sub edx,ecx ; edx -= ecx

                   ; do

mov byte [edi],al ; setByte(edi, al) add edi,1 ; edi += 1 sub ecx,1 ; ecx -= 1 jne game.681F2D ; while (ecx != 0)

; J game.681F37 mov ecx,eax ; ecx = eax shl eax,8 ; eax = eax * 256 add eax,ecx ; eax += ecx mov ecx,eax ; ecx = eax shl eax,10 ; eax = eax * 1024 add eax,ecx ; eax += ecx mov ecx,edx ; ecx = edx and edx,3 ; edx = edx & 3 shr ecx,2 ; ecx = ecx / 2 // of course 1 / 2 = 0 :p int je game.681F55 ; if ecx == 0 // jump rep stosd ; wtf? .. repeat some string test edx,edx ; je game.681F5F ; if edx == 0 //

; J game.681F55 ; do mov byte [edi],al ; setByte(edi, al) add edi,1 ; edi += 1 sub edx,1 ; edx -= 1 jne game.681F55 ; while (edx != 0)

... good evening :P good night ...

; FN game.458440 ; func game.458440 ( ; ecx, ; edx, ; *ebx, // some global ptr? ; ) push esi ; stack.push(esi) mov esi,ecx ; esi = ecx test esi,esi ; push edi ; stack.push(edi) mov edi,edx ; edi = edx je game.458469 ; if (esi == 0) return lea ebx,dword ptr ds:[ebx] ; ebx = ebx (maybe needed to use some fc from other module? here ebx was kernel.76343101) ; // loop through an array of items (len 6)? ; do mov ecx,dword ptr ds:[esi+C] ; ecx = getInt(esi + C) mov edx,edi ; edx = edi call game.458440 ; game.458440(ecx, edx, ebx) // until ecx == 0 (see above) cmp dword ptr ds:[esi],0 ; jne game.458462 ; if (getInt(esi)) == 0 add dword ptr ds:[edi],6 ; setInt(edi, getInt(edi, 6)) mov esi,dword ptr ds:[esi+10] ; esi = getInt(esi + 10) test esi,esi ; jne game.458450 ; while esi != 0 pop edi ; edi = stack.pop() pop esi ; esi = stack.pop() ret ; END FN game.458440

; FN game.40B380 ; func game.40B380 ( ; esp, ; edx, ; ecx, ; ) push ebp ; stack.push(ebp) mov ebp,esp ; ebp = esp push ebx ; stack.push(ebx) mov ebx,dword ptr ss:[ebp+8] ; ebx = getInt(ebp + 8) push esi ; stack.push(esi) push edi ; stack.push(edi) mov edi,edx ; edi = edx push ebx ; stack.push(ebx) mov edx,ecx ; edx = ecx push edi ; stack.push(edi) xor ecx,ecx ; ecx = 0 call game.40A080 ; game.40A080() mov esi,eax ; esi = eax test esi,esi ; jne game.40B3AF ; if esi != 0 // jump push game.6CC837 ; stack.push(game.6CC837) push ebx ; stack.push(ebx) push edi ; stack.push(edi) push 2 ; stack.push(2) call game.408900 ; game.408900() add esp,10 ; esp += 10 mov eax,esi ; eax = esi

; J game.40B3AF pop edi ; edi = stack.pop() pop esi ; esi = stack.pop() pop ebx ; ebx = stack.pop() pop ebp ; ebp = stack.pop() ret 8 ; return (and rm 8 bytes from stack) ; END FN game.40B380

; FN game.40A080 ; func game_40A080 ( ; ecx pMempool mempool ; edx int unknownInt2 (0x3C) ; ebp+8 addr unknownArg3 (game.6E90A4) ; ebp+C int unknownInt4 (0x56A) ; ) push ebp ; mov ebp,esp ; push ebx ; mov ebx,ecx ; test ebx,ebx ; push esi ; mov esi,edx ; jne game.40A092 ; if mempool == null mov ebx,game.74F104 ; mempool = GLOBAL.Mempool

; J game.40A092 cmp dword ptr ds:[74F0E8],0 ; jne game.40A0B4 ; if GLOBAL.Unknown_74F0E8 == 0 push 8000 ; push 40000 ; push game.6CD348 ; push 0 ; call game.409DD0 ; game_409DD0( ; 0 ; game.6CD348 ; 40000 ; 8000 ; ) add esp,10 ; esp += 10

; J game.40A0B4 cmp [ebx],0 ; je game.40A0D0 ; if mempool != null ; // begin not analyzed mov eax,dword ptr ss:[ebp+C] ; eax = getInt(ebp + C) mov ecx,dword ptr ss:[ebp+8] ; ecx = getInt(ebp + 8) push eax ; stack.push(eax) push ecx ; stack.push(ecx) mov edx,esi ; edx = esi mov ecx,ebx ; ecx = ebx call game.409770 ; game.409770() pop esi ; esi = stack.pop() pop ebx ; ebx = stack.pop() pop ebp ; ebp = stack.pop() ret 8 ; return (and remove 8 bytes from stack?) ; // end not analyzed

; J game.40A0D0 mov eax,esi ; call game.4091B0 ; unknown = game_4091B0( ; eax unknownInt2 ; ) cmp eax,[ebx+1C] ; jl game.40A0F3 ; if unknown >= mempool.unknown_C ; // begin not analyzed mov edx,[ebp+C] ; edx = getInt(ebp + C) mov eax,[ebp+8] ; eax = getInt(ebp + 8) push edx ; push eax ; mov edx,esi ; edx = esi mov ecx,ebx ; ecx = ebx call game.409770 ; game.409770() pop esi ; pop ebx ; pop ebp ; ret 8 ; return (and remove 8 bytes from stack?) ; // end not analyzed

; J game.40A0F3 lea ecx,[eax+eax*2] ; shl ecx,4 ; mempool.setDataSize(0x42) // items in the datapool have size of 42 ; lea esi,[ecx+ebx+20] ; *data = mempool.DataArray_20[unknown]

push esi ; call <&RtrlEnterCriticalSection> ; // ntdll.RtlEnterCriticalSection() ?? lea edx,[ebp+C] ; push edx ; call game.409700 ; retval = game_409700( ; esi data ; ebx mempool ; ebp+8 addr(unknownInt4) ; )

cmp eax,[esi+1C] ; jl game.40A131 ; if retval >= UnknownData.unknown_C

push 4F3 ; raise ERROR 4F3

; J game.40A117 call game.408090 ; push eax ; push game.6CC837 ; call game.408A60 ; add esp,C ; push FFFFFFFF ; call game.681E09 ;

; J game.40A131 mov ecx,[ebp+C] ; test ecx,ecx ; jne game.40A146 ; if mempool == null push esi ; call <&RtrlLeaveCriticalSection> ; // ntdll.RtlLEaveCriticalSection() push 4F8 ; jmp game.40A117 ; raise ERROR 4F8

; J game.40A146 add [ecx+8],1 ; mempool.unknown_8++ mov ebx,[ecx+4] ; ebx = mempool.pMempoolFlags push edi ; mov edx,eax ; sar edx,5 ; mov edi,eax ; add edx,edx ;

and edi,1F ; index = retval & 0001 1111 mov edi,[edi*4+6CE268] ; flag = GLOBAL.Unknown_6CE268[index] add edx,edx ; edx = (retval >> 5) * 4 test [edx+ebx],edi ; je game.40A16F ; if mempool.pMempoolFlags[edx] & flag == 0 push 4FF ; jmp game.40A117 ; raise ERROR 4FF

; J game.40A16F or [edx+ebx],edi ; mempool.pMempoolFlags[edx] |= flag

add edx,ebx ; // doesnt matter mov edx,[esi+1C] ; edx = UnknownData.unknown_1C cmp [ecx+8],edx ; jl game.40A1CE ; if mempool.unknown_8 < UnknownData.unknown_1C ; goto: 40A1CE

cmp [ecx+10],0 ; je game.40A1CE ; if mempool.unknown_10 == 0 // jump ; goto: 40A1CE

                             ; // begin not analyzed

mov edi,dword ptr ds:[ecx+10] ; edi = getInt(ecx + 10) cmp dword ptr ds:[edi+8],edx ; jge game.40A1CE ; if getInt(edi + 8) >= edx // jump cmp dword ptr ds:[ecx+C],0 ; jne game.40A195 ; if getInt(ecx + C) != 0 // jump mov dword ptr ds:[esi+28],edi ; setInt(esi + 28, edi) jmp game.40A19B ; // jump mov edx,dword ptr ds:[ecx+C] ; edx = getInt(ecx + C) mov dword ptr ds:[edx+10],edi ; setInt(edx+10, edi) cmp dword ptr ds:[ecx+10],0 ; je game.40A1AA ; if getInt(ecx + 10) == 0 // jump mov edx,dword ptr ds:[ecx+10] ; edx = getInt(ecx + 10) mov edi,dword ptr ds:[ecx+C] ; edi = getInt(ecx + C) mov dword ptr ds:[edx+C],edi ; setInt(edx + C, edi) mov edx, dword ptr ds:[esi+2C] ; edx = getInt(esi + 2C) test edx,edx ; jne game.40A1BB ; if edx != 0 //jump push 50D ; jmp game.40A117 ; raise ERROR 50D

; J game.40A1BB mov dword ptr ds:[edx+10],ecx ; setInt(edx + 10, ecx) mov edx, dword ptr ds:[esi+2C] ; edx = getInt(esi + 2C) mov dword ptr ds:[ecx+C],edx ; setInt(ecx + C, edx) mov dword ptr ds:[esi+2C],ecx ; setInt(esi + 2C, ecx) mov dword ptr ds:[ecx+10],0 ; setInt(ecx + 10, 0) ; // end not analyzed

; J game.40A1CE mov edi,[esi+18] ; imul edi,eax ; add edi,[ecx] ; push esi ; call <&RtrlLeaveCriticalSection> ; // ntdll.RtlLEaveCriticalSection() ?? mov eax,edi ; pop edi ; pop esi ; pop ebx ; pop ebp ; ret 8 ; return mempool.unknown_00 + UnknownData.unknown_18 * retval ; END FN game.40A080

; START ------------------------ ; FN game.409DD0 ; ; game_409DD0 ( ; ebp+8 ??? unknownArg1 (0) ; ebp+C ??? unknownArg2 (game.6CD348) ; ebp+10 int unknownArg3 (40000) ; ebp+14 int unknownArg3 (8000) ; ) // not analyzed ; END --------------------------

; START ------------------------ ; FN game.4091B0 ; ; game_4091B0 ( ; eax int unknownInt1 (3C) ; ) push ebp mov ebp,esp push ecx cmp eax,10 ; jg game.4091BF ; if unknownInt1 <= 10 xor eax,eax ; return 0 mov esp,ebp ; pop ebp ; ret ;

; J game.4091BF cmp eax,3 ; // doesnt make sense, ; // why is this after the <= 10 check? ; // maybe some code jumps to the check jge game.4091DO ; if unknownInt1 < 3 mov eax,1 ; return -3 add eax,FFFFFFFC ; mov esp,ebp ; pop ebp ; ret ;

; J game.4091DO add eax,FFFFFFFF ; unknownInt1-- mov [ebp-4],eax ; // todo: find out why stack base data is manipulated ; // doesnt make sense ; // unknownInt1 is always >= 2 jne game.4091E3 ; if unknownInt1 == 0 xor eax,eax ; return -4 mov eax,FFFFFFFC ; mov esp,ebp ; pop ebp ; ret ;

; J game.4091E3 ; // 07 0D 00 00 ; //=0000 0000 0000 0000 0000 1101 0000 0111 ; //=> most significant bit: 0xB (11) bsr eax,[ebp-4] ; significantBitPosition = bitScanReverse(unknownInt1) // https://www.felixcloutier.com/x86/bsr inc eax ; mov [ebp-4],eax ; // todo: find out why stack base data is manipulated mov eax,[ebp-4] ; add eax,FFFFFFFC ; return significantBitPosition - 3 mov esp,ebp pop ebp ret ; ; END --------------------------

; FN game.409700 ; game_409700 ( ; esi pUnknownData unknownData ; ebx pMempool mempool ; ebp+8 int unknownIntAddr1 ; ) ; push ebp ; mov ebp,esp ; push edi ; mov edi,[esi+28] ; test edi,edi ; unknownData2 = unknownData.unknown_28 jne game.409729 ; if unknownData2 == null push esi ; mov eax,ebx ; call game.4095E0 ; retval = game_4095E0( ; eax mempool ; ebp+8 unknownData ; ) test eax,eax ; je game.409762 ; if retval == 0 ; setInt(unknownIntAddr1, mempool) ; return 0 ; mov ecx,[ebp+8] ; ecx = getInt(ebp + 8) mov [esi+2C],eax ; unknownData.unknown_2C = retval mov [esi+28],eax ; unknownData.unknown_28 = retval mov [ecx],eax ; setInt(unknownIntAddr1, retval) xor eax,eax ; return 0 pop edi ; pop ebp ; ret 4 ; ;

; J game.409729 mov eax,[esi+1C] ; cmp [edi+8],eax ; jge game.409747 ; if unknownData2.unknown_8 < unknownData.unknown_1C mov ecx,[edi+4] ; call game.409240 ; retval = game_409240( ; eax unknownData ; ecx unknownData2.unknown_4 ; )

test eax,eax ; jl game.409747 ; retval >= 0 mov edx,[ebp+8] ; mov [edx],edi ; setInt(unknownIntAddr1, *unknownData2) pop edi ; pop ebp ; ret 4 ; return retval

; J game.409747 push esi mov eax,ebx ; call game.4095E0 ; retval = game_4095E0( ; eax mempool ; ebp+8 unknownData ; ) test eax,eax je game.409762 ; if retval != 0 mov ecx,[esi+28] ; mov [eax+10],ecx ; mempool.unknown_10 = unknownData.unknown_28 mov edx,[esi+28] ; unknownData2 = unknownData.unknown_28 mov [edx+C],eax ; unknownData2.unknown_C = mempool mov [edx+28],eax ; unknownData2.unknown_28 = mempool

; J game.409762 mov ecx,[ebp+8] ; mov [ecx],eax ; setInt(unknownIntAddr1, mempool) xor eax,eax ; pop edi ; pop ebp ; ret 4 ; return 0 ; END FN game.409700

; START ------------------------ ; FN game.4095E0 ; ; game_4095E0 ( ; eax pMempool mempool ; ebp+8 ??? unknownData ; ) // not analyzed ; END --------------------------

; FN game.409240 ; game_409240( ; eax UnknownData unknownEax ; ecx ??? unknownEcx (unknownData2.unknown_4) ; ) ; push esi push edi mov edi,eax ; edi = eax mov edx,edi ; edx = edi sar edx,5 ; edx = edx / 32 (maybe with some implications ... but whatever for now) xor esi,esi ; esi = 0 or eax,FFFFFFFF ; eax = FFFFFFFF // right? mov edi,edi ; edi = edi // nothing ? cmp edx,7 ; ; do ja game.40925C ; if edx <= 7 // jump to getInt(edx4 + CONST_409348) ; // it jumps actually directly to the following codes ; // kind of like a switch case, just with lookup jmp dword ptr ds:[edx4+409348] ; cmp dword ptr ds:[ecx+1C],eax ; jne game.4092A2 ; if eax != getInt(ecx + 1C) // jump cmp dword ptr ds:[ecx+18],eax ; // edx 0 jumps here: jne game.4092B4 ; if eax != getInt(ecx + 18) // jump cmp dword ptr ds:[ecx+14],eax ; // edx 1 jumps here: jne game.4092C6 ; if eax != getInt(ecx + 14) // jump cmp dword ptr ds:[ecx+10],eax ; // edx 2 jumps here: jne game.4092D8 ; if eax != getInt(ecx + 10) // jump cmp dword ptr ds:[ecx+C],eax ; // edx 3 jumps here: jne game.4092EA ; if eax != getInt(ecx + C) // jump cmp dword ptr ds:[ecx+8],eax ; // edx 4 jumps here: jne game.4092F9 ; if eax != getInt(ecx + 8) // jump cmp dword ptr ds:[ecx+4],eax ; // edx 5 jumps here: jne game.409308 ; if eax != getInt(ecx + 4) // jump cmp dword ptr ds:[ecx],eax ; // edx 6 jumps here: jne game.409317 ; if eax != getInt(ecx) // jump cmp edx,8 ; // edx 7 jumps here: jle game.409323 ; if edx <= 8 // jump sub edx,8 ; edx -= 8 add ecx,20 ; ecx += 20 add esi,100 ; esi += 100 jmp game.409250 ; while true

; J game.4092A2 mov ecx,dword ptr ps:[ecx+1C] ; ecx = getInt(ecx + 1C) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+E0] ; eax = eax + esi + E0 pop esi ret ; return

; J game.4092B4 mov ecx,dword ptr ds:[ecx+18] ; ecx = getInt(ecx + 18) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+C0] ; eax = eax + esi + C0 pop esi ret ; return

; J game.4092C6 mov ecx,dword ptr ds:[ecx+14] ; ecx = getInt(ecx + 14) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+A0] ; eax = eax + esi + A0 pop esi ret ; return

; J game.4092D8 mov ecx,dword ptr ds:[ecx+10] ; ecx = getInt(ecx + 10) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+80] ; eax = eax + esi + 80 pop esi ret ; return

; J game.4092EA mov ecx,dword ptr ds:[ecx+C] ; ecx = getInt(ecx + C) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+60] ; eax = eax + esi + 60 pop esi ret ; return

; J game.4092F9 mov ecx,dword ptr ds:[ecx+8] ; ecx = getInt(ecx + 8) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+40] ; eax = eax + esi + 40 pop esi ret ; return

; J game.409308 mov ecx,dword ptr ds:[ecx+4] ; ecx = getInt(ecx + 4) call game.409220 ; game.409220() pop edi lea eax,dword ptr ds:[eax+esi+20] ; eax = eax + esi + 20 pop esi ret ; return

; J game.409317 mov ecx,dword ptr ds:[ecx] ; ecx = getInt(ecx) call game.409220 ; game.409220() pop edi add eax,esi ; eax = eax + esi pop esi ret ; return

; J game.409323 and edi,1F ; je game.409344 ; if edi == 1F ; return

mov ecx,dword ptr ds:[ecx+edx*4] ; ecx = getInt(ecx + edx * 4) cmp ecx,dword ptr ds:[edi * 4 + 6CD490] ; je game.409344 ; if ecx == getInt(edi *4 + CONST_6CD490) ; return

call game.409220 ; game.409220() mov ecx,eax ; ecx = eax mov eax,edx ; eax = edx shl eax,5 ; eax *= 32 add ecx,esi ; ecx += esi add eax,ecx ; eax += ecx pop edi ; pop esi ; ret ; return ; END FN game.409240

; FN game.409220 ; func game.409220( ; ebp, ; esp, ; ecx, ; ebx, ; ) push ebp ; stack.push(ebp) mov ebp,esp ; ebp = esp push ecx ; stack.push(ecx) push ebx ; stack.push(ebx)

mov dword ptr ss:[ebp-4],ecx ; setInt(esp-4, ecx) mov ebx,dword ptr ss:[ebp-4] ; ebx = getInt(esp-4) not ebx ; ebx = not(ebx) // bitwise not bsf eax,ebx ; eax = bitScanForward(ebx) // eax = least significant bit index mov dword ptr ss:[ebp-4],eax ; setInt(esp-4, eax) mov eax,dword ptr ss:[ebp-4] ; eax = getInt(esp-4)

pop ebx ; ebx = stash.pop() mov esp,ebp ; esp = ebp pop ebp ; ebp = stash.pop() ; // ??? less pop than push.. oO ; // original ebp remains on stack ; // note: will be popped into edi ; // after the func ret ; ; END FN game.409220

; FN game.458470 (create_????_Data) ; func game.458470( ; ) ; push esi ; stack.push(esi) mov esi,ecx ; esi = ecx test esi,esi ; je game.4584B3 ; if esi == 0 ; esi = stack.pop() ; return

; J game.458477 ; do mov ecx,[esi+C] ; ecx = getInt(esi+C) call game.458470 ; game.458470() // recursive cmp [esi],0 ; jne game.4584AC ; if getInt(esi) == 0 // jump ; // not sure about the 'short' stuff movzx ecx,word[esi+4] ; ecx = zeroExtend(getShort(esi+4)) // zeros + 2nd part of [esi+4] mov eax,[7A5154] ; eax = getInt(CONST_7A5154) mov word [eax],cx ; setShort(eax, cx) mov dx,word [esi+6] ; dx = getShort(esi + 6) add eax,2 ; eax += 2 mov word[eax],dx ; setShort(eax, dx) movzx ecx,word[esi+8] ; ecx = zeroExtend(getShort(esi + 8)) add eax,2 ; eax += 2 mov word [eax], cx ; setShort(eax, cx) add eax,2 ; eax += 2 mov [7A5154],eax ; setInt(CONST_7A5154, eax)

; J game.4584AC mov esi,[esi+10] ; esi = getInt(esi+10) test esi,esi ; jne game.458477 ; while (esi != 0)

; J game.4584B3 pop esi ; esi = stack.pop() ret ; return ; END FN game.458470

// constants that may later be useful in DiabloInterface:

CONST_7A5164: // todo: describe CONST_7A0638: // todo: describe CONST_7A5154: // some global write pointer? CONST_6CD490: // todo: describe CONST_409348: // some kind of function address index? CONST_6CE268: // todo: describe

// just random addresses and their meaning: // note: may only be true when saving the game (only seen in that context) game.7A05C4: character name game.6D6710: map savegame filename format

FN = function J = jump target/label LOC = fixed location/table somewhere in the memory

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

400_functions

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally