EDIT: There's a minor bug in that some tiles will be flipped horizontally.
Nothing new, just decided to map out what terrain looks like before and after the Player 20 Map Revealer/Interceptor/Scarab trick for each tileset.
Here's a sample:
http://www.mediafire.com/?0bq92f9p980xpw7Here's the VR4's so you can set it up to appear even in the map editor.
http://www.mediafire.com/?okh3b1cco1bt9ggTechnical
0x00628444 - void *vr4FileHandle; // pointer to vr4 image data for tiles
The glitch changes this to the value of 0x59CCA8.
Basically I just dumped the contents of 0x59CCA8 into the capacity of the VR4's, and rendered the entire tilesets with it unmodified and modified.
Note however that the terrain data can change unpredictably during game, as memory arbitrarily changes.
None.
SDE, BWAPI owner, hacker.
0x0059CCA8 is the beginning of the unit array.
.data:0059CCA8 ; CUNIT units[1700]
Actually, as a matter of fact I have figured out this specific overflow entirely.
.data:006283F8 ; CUNIT *playerUnitPointers[12]
If we create a unit for Player 20, then we are referencing playerUnitPointers[19] then it is pointing directly to 0x00628444.
Here is a chart of extended players and what is being modified (using only this specific overflow, this does not include several other overflows).
Player: Name/description of address modified
13: CUNIT *LastHiddenUnitPointer
14: CUNIT *unknownPointer?
15: CUNIT *FirstUnitPointer
16: CUNIT *LastScannerSweepPointer
17: CUNIT *firstEmptyUnitPointer
18: CUNIT *lastEmptyUnitPointer
19: DWORD unused memory (safe)
20: void *vr4FileHandle
21: DWORD screenX (position)
22: DWORD unused memory (safe)
23: DWORD gwMapPixWidth (map width in pixels)
24: char *gameMapDataForBlit (not entirely known, but is a storage for blitting terrain info to the screen)
25: char *vx4FileHandle
26,27,28,29: DWORD unused memory (safe)
30: void *unknownStars1 (unknown pointer used for stars in the space tileset)
31: DWORD screenY (position)
32,33,34,35: DWORD unused memory (safe)
36: void *unknownStars2 (unknown pointer used for stars in the space tileset)
37: DWORD maxX (maximum x position in pixels for moving the screen)
38: DWORD moveToX (for moving the screen position)
39: DWORD parallaxSomethingWidth (should contain (640 + 8)*256)
40: WORD *mapTilesetHandle (don't remember)
41: DWORD unknownMoveX (something about screen moving)
42: DWORD parallaxSomethingHeight (should contain (480 + 8)*256)
43: rect fullMapPixelDimensions (x,y)
44: rect fullMapPixelDimensions (w,h)
45: DWORD moveToY
46: DWORD unknownMoveY
47: DWORD maxY
48: DWORD gwMapPixHeight
// CUNIT *CurrentUnitSelection[12]
49: CurrentUnitSelection[0]
50: CurrentUnitSelection[1]
51: CurrentUnitSelection[2]
52: CurrentUnitSelection[3]
53: CurrentUnitSelection[4]
54: CurrentUnitSelection[5]
55: CurrentUnitSelection[6]
56: CurrentUnitSelection[7]
57: CurrentUnitSelection[8]
58: CurrentUnitSelection[9]
59: CurrentUnitSelection[10]
60: CurrentUnitSelection[11]
// CUNIT *AllPlayerSelectionGroups[8][12]
61: AllPlayerSelectionGroups[0][0]
62: AllPlayerSelectionGroups[0][1]
63: AllPlayerSelectionGroups[0][2]
64: AllPlayerSelectionGroups[0][3]
65: AllPlayerSelectionGroups[0][4]
66: AllPlayerSelectionGroups[0][5]
67: AllPlayerSelectionGroups[0][6]
68: AllPlayerSelectionGroups[0][7]
69: AllPlayerSelectionGroups[0][8]
70: AllPlayerSelectionGroups[0][9]
71: AllPlayerSelectionGroups[0][10]
72: AllPlayerSelectionGroups[0][11]
73: AllPlayerSelectionGroups[1][0]
74: AllPlayerSelectionGroups[1][1]
75: AllPlayerSelectionGroups[1][2]
76: AllPlayerSelectionGroups[1][3]
77: AllPlayerSelectionGroups[1][4]
78: AllPlayerSelectionGroups[1][5]
79: AllPlayerSelectionGroups[1][6]
80: AllPlayerSelectionGroups[1][7]
81: AllPlayerSelectionGroups[1][8]
82: AllPlayerSelectionGroups[1][9]
83: AllPlayerSelectionGroups[1][10]
84: AllPlayerSelectionGroups[1][11]
85: AllPlayerSelectionGroups[2][0]
86: AllPlayerSelectionGroups[2][1]
87: AllPlayerSelectionGroups[2][2]
88: AllPlayerSelectionGroups[2][3]
89: AllPlayerSelectionGroups[2][4]
90: AllPlayerSelectionGroups[2][5]
91: AllPlayerSelectionGroups[2][6]
92: AllPlayerSelectionGroups[2][7]
93: AllPlayerSelectionGroups[2][8]
94: AllPlayerSelectionGroups[2][9]
95: AllPlayerSelectionGroups[2][10]
96: AllPlayerSelectionGroups[2][11]
97: AllPlayerSelectionGroups[3][0]
98: AllPlayerSelectionGroups[3][1]
99: AllPlayerSelectionGroups[3][2]
100: AllPlayerSelectionGroups[3][3]
101: AllPlayerSelectionGroups[3][4]
102: AllPlayerSelectionGroups[3][5]
103: AllPlayerSelectionGroups[3][6]
104: AllPlayerSelectionGroups[3][7]
105: AllPlayerSelectionGroups[3][8]
106: AllPlayerSelectionGroups[3][9]
107: AllPlayerSelectionGroups[3][10]
108: AllPlayerSelectionGroups[3][11]
109: AllPlayerSelectionGroups[4][0]
110: AllPlayerSelectionGroups[4][1]
111: AllPlayerSelectionGroups[4][2]
112: AllPlayerSelectionGroups[4][3]
113: AllPlayerSelectionGroups[4][4]
114: AllPlayerSelectionGroups[4][5]
115: AllPlayerSelectionGroups[4][6]
116: AllPlayerSelectionGroups[4][7]
117: AllPlayerSelectionGroups[4][8]
118: AllPlayerSelectionGroups[4][9]
119: AllPlayerSelectionGroups[4][10]
120: AllPlayerSelectionGroups[4][11]
121: AllPlayerSelectionGroups[5][0]
122: AllPlayerSelectionGroups[5][1]
123: AllPlayerSelectionGroups[5][2]
124: AllPlayerSelectionGroups[5][3]
125: AllPlayerSelectionGroups[5][4]
126: AllPlayerSelectionGroups[5][5]
127: AllPlayerSelectionGroups[5][6]
128: AllPlayerSelectionGroups[5][7]
129: AllPlayerSelectionGroups[5][8]
130: AllPlayerSelectionGroups[5][9]
131: AllPlayerSelectionGroups[5][10]
132: AllPlayerSelectionGroups[5][11]
133: AllPlayerSelectionGroups[6][0]
134: AllPlayerSelectionGroups[6][1]
135: AllPlayerSelectionGroups[6][2]
136: AllPlayerSelectionGroups[6][3]
137: AllPlayerSelectionGroups[6][4]
138: AllPlayerSelectionGroups[6][5]
139: AllPlayerSelectionGroups[6][6]
140: AllPlayerSelectionGroups[6][7]
141: AllPlayerSelectionGroups[6][8]
142: AllPlayerSelectionGroups[6][9]
143: AllPlayerSelectionGroups[6][10]
144: AllPlayerSelectionGroups[6][11]
145: AllPlayerSelectionGroups[7][0]
146: AllPlayerSelectionGroups[7][1]
147: AllPlayerSelectionGroups[7][2]
148: AllPlayerSelectionGroups[7][3]
149: AllPlayerSelectionGroups[7][4]
150: AllPlayerSelectionGroups[7][5]
151: AllPlayerSelectionGroups[7][6]
152: AllPlayerSelectionGroups[7][7]
153: AllPlayerSelectionGroups[7][8]
154: AllPlayerSelectionGroups[7][9]
155: AllPlayerSelectionGroups[7][10]
156: AllPlayerSelectionGroups[7][11]
Everything else: Spans char gameResultText[3072] (safe, overwritten)
