Reverse Engineering References

**Skarma** · October 28th, 2009 11:38 PM

Reversed from Halo CE 1.08 using OllyDbg, IDA Pro, Hexrays, and msdn.

Initializes a cache data header, calculates crc32 of the cache size, and updates the next available cache offset.

Code:

//----- (0053B780) --------------------------------------------------------
struct Identity
{
 union
 {
   uint32 Ident;
 
   struct
   {
     int16 Index;
     int16 Salt;
   };
 };
};

struct DataHeader
{
 unsigned char Name[32];
 WORD Max;
 WORD Size;
 bool IsValid;
 bool IdentifierZeroInvalid;
 WORD Padding;
 DWORD Signature;
 short NextIndex;
 short LastIndex;
 Identity Next;
 DWORD First;
};
 
DWORD *CacheBaseAddress = (DWORD *)0x0067DCC0;
DWORD *CacheNextAvailOffset = (DWORD *)0x0067DCC4;
DWORD *CacheCrc32 = (DWORD *)0x0067DCCC;
 
DWORD InitCacheDataHeader(DWORD ElementCount, DWORD ElementSize, constchar *CacheName)
{
 DWORD CacheSize = sizeof(DataHeader) + (ElementCount * ElementSize);
 DWORD CacheAddress = *CacheBaseAddress + *CacheNextAvailOffset;
 *CacheNextAvailOffset += CacheSize;
 
 CalcCrc32(CacheCrc32, (constchar*)&CacheSize, 4);
 
 memset((void*)CacheAddress, 0, sizeof(DataHeader));
 strncpy_s((char*)CacheAddress, 31, CacheName, 31);
 //Sub005C8DA0(CacheAddress, CacheName, 31);
 // Actual call^, IDA says it's stncpy. 
 // When compared in olly, they look similar and achieve same results
 // Guess they wrote their own strncpy func? heh
 
 DataHeader *newDataHeader = (DataHeader*)CacheAddress;
 newDataHeader->Max = (WORD)ElementCount;
 newDataHeader->Size = (WORD)ElementSize;
 newDataHeader->Signature = 'd@t@';
 newDataHeader->First = CacheAddress + sizeof(DataHeader);
 newDataHeader->IsValid = false;
 
 return CacheAddress;
}

Thread: Reverse Engineering References

Thread Tools

Search Thread

Display

Threaded View

Re: [INFO] Reverse Engineering References

Thread Information

Users Browsing this Thread

Bookmarks

Bookmarks

Posting Permissions