by jsnell 2469 days ago
The story of making the Starcraft 1 custom maps work on the remaster is pretty amazing:

http://0xeb.net/wp-content/uploads/2018/02/StarCraft_EUD_Emu...

Basically a lot of the maps were using a buffer overflow in the scripting to read and write all kinds of internal data structures in the game engine. If you're rewriting a game from scratch, how can you possibly make the new engine bug-compatible with the original to this extent? A single data structure's layout or a single variable's location changing will break everything.

I wonder whether there are any similar landmines in Warcraft 3?


No. We mostly played by the rules in wc3. Back in the day we used the so-called return bug which years later was shown to be able to be used for arbitrary code execution. This was quickly fixed but we got new natives to account for this loss. [1] Not as long ago there was another bug found which could be abused to run arbitrary bytecode [2] but that again was fixed a patch or two later and nowadays I don't know of any way to run any non-JASS/non-Lua code. We mostly get changes in the natives provided by wc3 in newer patches which sometimes break backwards compatibility. [3]

[1]: https://en.wikipedia.org/wiki/JASS#Return_Bug_Security_Vulne...

[2]: https://www.hiveworkshop.com/threads/accessing-memory-from-t...

[3]: https://www.hiveworkshop.com/threads/1-28-x-era-versions-bre...

> If you're rewriting a game from scratch, how can you possibly make the new engine bug-compatible with the original to this extent?

Well you have the original source so you can derive the memory map and then just create an artificial "buffer overflow area" where the maps can write to that you then copy into the actual game data.

According to the slides that plan fails already at step 1 :)

> Unfortunately, we did not have private or public symbols for StarCraft 1.16.1.

And then there are all kinds of complications that make the naive approach insufficient. Ok, you have a static memory map. But that's not really enough when the buffer overflows are being used to poke at dynamically allocated data structures (e.g. linked lists and GUI elements).

So you need to basically emulate the full original game and constantly sync the state (in both directions) between the emulation and the real game.

Yep, and that's exactly what StarCraft: Remastered did, according to that PDF. It wasn't easy, though.

Art and creativity thrive with constraints; this is truly an impressive feat of breakout artistry. It reminds me of that tool-assisted speedrun of Pokemon where they reprogram the game to become Super Mario.

Do you know where these slides were presented? I'd like to find a recording if possible.

At REcon Brussels, in 2018: https://recon.cx/2018/brussels/talks/Starcraft.html

If you find a recording, I'd love to see it too.

~20 min of googling didn't turn anything up unfortunately - I could only find recordings from the year before.

Wow, really enjoyed reading that. Thank you!