问题描述

（我很抱歉，如果这是错误的地方问这个，我认为这绝对是编程相关的，但如果这属于其他网站，请让我知道）

我长大了玩神奇宝贝红色和蓝色，这些游戏非常有趣，但由于存在大量可利用的故障而出现臭名昭着（例如，请参见，ZZAZZ小故障的工作原理如下：

这种分析是有道理的，但是作为程序员，我不禁想知道程序员如何编写代码来实现这一点。如果输入不是一个有效的十六进制编码的十进制数，编写一个将十六进制编码的十进制数转换为十进制数的函数将无法开始用0x9999填充随机存储块。

我的问题是 - 没有专门设计算法以这种方式失败，是否存在从十六进制编码的十进制转换为十进制的直接实现，可能会导致此类内存损坏如果以无效价格喂食？

同样，如果这是脱离主题，我的道歉。我的想法是，这个网站上的其他程序员可能也已经长大了玩这个游戏，这听起来像是一个有趣的反向工程练习，试图找出这样的故障是如何可能的。

神秘解决了！它看起来像。

当游戏尝试计算一个非常大的整数时触发毛刺。在内部，游戏有一个例程，它反复增加值来模拟乘法。它看起来像写入字节一样，在输出写入位置上移动。该代码旨在切断任何超过0x009999的值，以便玩家在教练的战斗中获得的收益不超过9999美元（值以十六进制编码的十进制数存储）。然而，游戏在这种情况下忘记重置输出指针，所以如果产生一个非常大的数字，游戏将通过移动写入指针并将0x99写入每三个字节中的两个字节来重复地在RAM上写入模式0x009999。

希望这有助于！

(I apologize if this is the wrong place to ask this. I think it's definitely programming related, though if this belongs on some other site please let me know)

I grew up playing Pokémon Red and Blue, games that were great fun but are somewhat notorious for having numerous exploitable glitches (for example, see this ridiculous speedrun of the game that uses memory corruption to turn the item screen into a hex editor).

Recently, I found an interesting speedrun of the game that uses a glitch called the "ZZAZZ glitch" to corrupt important memory locations and allow the player to almost immediately win the game. According to the author's description of the speedrun, the ZZAZZ glitch works as follows:

This analysis makes sense, but as I programmer I can't help but wonder how on earth the programmers wrote the code that would make this possible. No approach I can think of for writing a function that converts a hexadecimal-encoded decimal number to decimal would ever start filling random blocks of memory with 0x9999 if the input wasn't a valid hexadecimal-encoded decimal number.

My question is - without specifically designing the algorithm to fail this way, is there a straightforward implementation of a conversion from hexadecimal-coded decimal to decimal that could result in this sort of memory corruption when fed in an invalid value?

Again, if this is off-topic, my apologies. My thoughts are that other programmers on this site may have also grown up playing this game, and it sounds like an interesting exercise in reverse-engineering to try to figure out how a glitch like this could be possible.

Mystery solved! It looks like user TheZZAZZGlitch figured out what causes this.

The glitch is triggered when the game tries to compute an extremely large integer. Internally, the game has a routine that repeatedly adds values to simulate a multiplication. It seems to write bytes as it goes, shifting over an output write position. The code is designed to cut off any value that exceeds 0x009999 so that the player doesn't earn more than $9999 from a trainer battle (the values are stored in hexadecimally-coded decimal). However, the game forgets to reset the output pointer when this occurs, so if an extremely large number is generated, the game will repeatedly write the pattern 0x009999 across RAM by shifting the write pointer over and writing 0x99 to two out of every three bytes.

Hope this helps!

这篇关于解构神奇宝贝毛刺？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！