Qhimm.com Forums

Miscellaneous Forums => Scripting and Reverse Engineering => Topic started by: Myria kitty on 2008-01-02 08:38:41

Title: Minor registry bug in ff7.exe
Post by: Myria kitty on 2008-01-02 08:38:41
There's a double-close of a registry handle in ff7.exe:

Code:
.text:00407625 8B 55 E4                                mov     edx, [ebp+hKey]
.text:00407628 52                                      push    edx             ; hKey
.text:00407629 FF 15 10 60 7B 00                       call    ds:RegCloseKey
.text:0040762F 89 45 F0                                mov     [ebp+var_10], eax
.text:00407632 EB 07                                   jmp     short loc_40763B
...
.text:0040763B                         loc_40763B:                             ; CODE XREF: sub_4075B0+82j
.text:0040763B 8B 45 E4                                mov     eax, [ebp+hKey]
.text:0040763E 50                                      push    eax             ; hKey
.text:0040763F FF 15 10 60 7B 00                       call    ds:RegCloseKey

This sets off the debugger.  The patch is simple: EB 07 -> EB 11 to skip that code when doing that jump.
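The patch in the post is pure short-jump arithmetic: `EB disp8` jumps to the address of the next instruction plus a signed byte, so `EB 07` at 00407632 lands on loc_40763B, and the `mov`/`push`/`call` there are 3 + 1 + 6 = 10 bytes, which is why `EB 11` lands just past the second RegCloseKey at 00407645. The script below is an added example, not code from the original post or from the game; it rebuilds the listed bytes in memory, checks both targets, and applies the patch only after confirming the expected original bytes are present (the check dziugo's reply is really asking for, since offsets differ between ff7.exe versions). The seven bytes between 00407634 and 0040763B are not shown on the page and are filled with INT3 as a constructed placeholder; the function names are the example's own.

```python
"""Short-jmp patch arithmetic for the double RegCloseKey in ff7.exe.

Added example, not code from the original post. The bytes below are
transcribed from the IDA listing in the post; the 7 bytes between
0x407634 and 0x40763B are not shown on the page and are filled with
INT3 (0xCC) as a constructed placeholder.
"""

LISTING_BASE = 0x407625

LISTING = (
    bytes.fromhex("8B55E4")          # 00407625  mov  edx, [ebp+hKey]
    + bytes.fromhex("52")            # 00407628  push edx
    + bytes.fromhex("FF1510607B00")  # 00407629  call ds:RegCloseKey
    + bytes.fromhex("8945F0")        # 0040762F  mov  [ebp+var_10], eax
    + bytes.fromhex("EB07")          # 00407632  jmp  short loc_40763B
    + b"\xCC" * 7                    # 00407634  not on the page; constructed filler
    + bytes.fromhex("8B45E4")        # 0040763B  mov  eax, [ebp+hKey]
    + bytes.fromhex("50")            # 0040763E  push eax
    + bytes.fromhex("FF1510607B00")  # 0040763F  call ds:RegCloseKey  (second close)
)                                    # 00407645  first byte after the double close

JMP_VA = 0x407632             # address of the EB 07
DOUBLE_CLOSE_VA = 0x40763B    # loc_40763B
DOUBLE_CLOSE_LEN = 3 + 1 + 6  # mov / push / call = 10 bytes


def short_jmp_target(va: int, disp: int) -> int:
    """Target of a 2-byte `EB disp8` at virtual address va (disp is signed)."""
    if disp > 0x7F:
        disp -= 0x100
    return va + 2 + disp


def encode_short_jmp(va: int, target: int) -> bytes:
    """Encode `jmp short target` at va; refuse if it does not fit in rel8."""
    disp = target - (va + 2)
    if not -128 <= disp <= 127:
        raise ValueError(f"jmp {va:#x} -> {target:#x} needs a near jmp (E9), disp={disp}")
    return bytes([0xEB, disp & 0xFF])


def patch_short_jmp(image: bytes, base: int, va: int, old: bytes, new: bytes) -> bytes:
    """Replace a 2-byte jmp at va, but only if the bytes there are the expected ones."""
    off = va - base
    found = image[off:off + 2]
    if found != old:
        raise ValueError(f"unexpected bytes at {va:#x}: {found.hex()} (different exe version?)")
    return image[:off] + new + image[off + 2:]


def patch_double_close(image: bytes = LISTING, base: int = LISTING_BASE) -> bytes:
    """Retarget the jmp at 0x407632 to skip the mov/push/call at loc_40763B."""
    skip_to = short_jmp_target(JMP_VA, 0x07) + DOUBLE_CLOSE_LEN  # 0x407645
    new = encode_short_jmp(JMP_VA, skip_to)                       # b"\xEB\x11"
    return patch_short_jmp(image, base, JMP_VA, b"\xEB\x07", new)


if __name__ == "__main__":
    print(f"EB 07 @ {JMP_VA:#x} -> {short_jmp_target(JMP_VA, 0x07):#x}")
    print(f"EB 11 @ {JMP_VA:#x} -> {short_jmp_target(JMP_VA, 0x11):#x}")
    print("patched:", patch_double_close().hex(" "))
```

The same arithmetic covers the second site mentioned in the follow-up (004076BA): any `EB 07` followed by the same 10-byte mov/push/call block becomes `EB 11`. Applying this to a real file additionally needs the PE section table to turn the virtual address into a file offset, which the example leaves out.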
Title: Re: Minor registry bug in ff7.exe
Post by: Myria kitty on 2008-01-02 08:43:52
Same thing at 004076BA, EB 07 -> EB 11.
Title: Re: Minor registry bug in ff7.exe
Post by: dziugo on 2008-01-02 12:13:34
These kinds of errors are handled by FF7. Of course it's harder to start the game through some decent debugger, but there are more serious errors than those :). Oh, and if you post offsets, also state which version of ff7.exe you're using.