ZX Format #04 14 июня 1996

TR-DOS     Программирование

Programmers - Adapting programs for TR-DOS # 2.

         Adaptation # 2.

(C) Rzhavelschik.
________________________________


   Publish the continuation of the saga of
adaptation (see ZX-Format # 3).

        ________________


   So, go on. Using
materials of the first series, you have
opportunity to learn to adapt to the disk defenseless and 
protected programs with traditional organization (ie bootloader 
that runs to victory the end of the body, with whom he works). 
Last comment: mention the fact that the TR-DOS does not like 
INT MODE 2, was its purpose is transparent hint

You that in order to avoid a tragic misunderstanding between 
you and monoloaderom DOS'om costs up the download is done IM1

(Of course if you are using for
loading procedure, most DOS).

   Now we leave the world a healthy and integrated programs to
look at the Tomb of mutilated,
where rest unsuccessful programs, raped by all
"Multifeysami and mutilated
hackers of those places that lie between our country and the 
producers of these programs. Most proliferation clinical 
picture looks like this: a client There is one small such

LOAD'er and one monolithic body
(More small), which is loaded and continuously from the 
beginning RAM. Ie from savers and

almost until the end of memory. I believe that many people, 
following my instruction, brutally tore

this body into two - three parts and
swept away the remains of the disk (by the way,
I congratulate those who guessed
rewrite DISMEMBER '& -> MACTER
on your scratch disk to find
that of the magazine, they do not run).

   After this operation is required to sew pieces of a file
into one whole, leaving the screen saver
separately. You can do this, say this: write in a row all
parts in their original order
(As they were in a file on
tape), then go to the doctor and
turn up title of the first piece,
solemnly give it length
in the sectors of equal length all
pieces. It is also useful to adjust its size in bytes. So
do not bother adding, length
sectors can be found by checking
crosslinkable all files in a directory
(CONVER and other commander'y show the number of tagged
sectors). Making these things a few simple steps, it is better 
to rewrite a new file to the disk (on the

the same) and erase that from which he
was obtained (not to confuse
at hand) can be overwritten
osushestvlyat boot'om who understands the length in sectors 
(CONVER need to switch, and his regime

it does not show). Obtained
so the file should be assigned to the load address # 5b00 (if 
the game had oznachennuyu clinic). The preparation phase is 
completed. 

   After the undertaken option you
caught up with the owners of ZS-256
that got rid of the program on
the disc from your monitor. But
Now the fun begins - creating LOAD'era. I recall that the 
loader should do: 

   1. Put the program into memory at the address.

   2. Run, run.


   We begin with the launch. What you need
to run the program? As a minimum you need to know the starting 
address. To conduct inquiries turn to band LOAD'eru.



   1. Working codes.

   There is a normal boot code, which when run is transferred 
to the most senior addresses that are not covered by the 
program at startup. In the same area and placed the stack.

On a similar has been said in
the first series. The variant
only when the stack is transferred to
nenakryvaemuyu zone, and the codes are still there where it 
says. In this If the program is run through the stack (done PUSH

start address and JP in the download procedure ROM). In both 
cases, the loader contains the required address explicitly.



   2. Running through the changes
stack.

   Bootloader code is
any method for downloading from the ROM, but the stack when it 
has such an address that during loading the game file on it and 
naedet move. In this case, the stack will be requested address 
at which you will return from the ROM. In order to find a 
starter address you need to know the address

stack. If it is not installed loader, then it means that
it has a default value
you can learn from the system variable at
23730. Having learned the address stack, which takes place 
during the boot program, write it in protocol. Further, the 
owners of Scorpion upload a file via the monitor, the owners of 
128 x and more - loaded cross-linked file in the STS, and while

happy nick 48k go buy ADM_2.7, watching the contents of
file at the above address
stack. (Those who already have ADM,
can do the same thing, rewind the cursor to the address 
manually. The physical address is displayed in the bottom left 
of your screen). 

   This address contains what
we are looking for - entry point address
in the program. The last time I remind that the hacker's head 
is not given so that it is, and for

In order to think. So if
in a given place, you have found 0
(ITP), it means you're looking for
is not there (hint: look in the vicinity of SP). In any case,
address should be checked for validity, ie look for
him the contents of the file. If the address points to the 
table of an interruption or a sprite, it's worth questioning 
its validity. 


   3. BASIC.

   Sometimes there are BASIC -
loaders, similarly using
run on the amended SP. They
look like this:

 0 CLEAR 30000: LOAD "" CODE


   In this case, the address entry
sought as in paragraph 2.

   Extended ones of the second option: gruzyaschiysya file 
contains a new BASIC (naturally, it also contains the system 
variables needed to run BASIC). In

Then you should find
address of the LOAD command in the original
loader (ADM'om or STS'om,
remembering that the BASIC from a tape is loaded at 23,755 (# 
5CCB)). Writing the address of the LOAD, ship the file

and see what is behind it.
Most likely there will be a team
RANDOMIZE USR ... (# F9 # C0 ...).
How to watch on the BASIC code, I have already explained 
somewhere and I think that you will not be difficult know the 
starting address of BASIC'a.


   The last option (from the region
bad fiction): loader resets variable ERR_SP
(23,613) so that at the end
loading machine, stumbled on
coded garbage, not printing "Nonsense in basic", and produces
Start the game (frankly, I
such a perverted never met).


   Thus, the starting address is found.
Remained a mere trifle - Download games from TR-DOS. It was then
and there is a problem: the file is small longish. Before 
falling back to tear it apart, it is worth carefully consider 
the entire file for reductions. We start with a field boot. If 
the client is being loaded the covered BASIC, then the codes do 
not start from the end of the screen, and, with at least the 
end of Basic. Hence the entire piece of # 5b00

and before the start of the program codes may be omitted. Next 
is look at the senior address,

ranging from about # E000. If
Dumb with addresses there will
zeros, then checked - is not
Is this place a sprite, it can be
discard. Checking for hum ..
sprite can be produced
using the program or FDE
SCE (in my opinion FDE is much more convenient). Ends with the 
file, as should generally be used

stack, which can be ignored because startup
The program will put it to SP
needed. Even if the apparent end of the code is not there, 
carefully disassemble all the procedures that you will find at 
these addresses. If the program is referred to the clinic and 
there we can find a program that with which the game was 
brought to this form. If you find this podprogrammki can drop 
anything from it, however, carefully check the starter

address - it may be small lazhovym.

   Study: Game TLL, in the case of cuts in this most 
protsedurki, published in the initial menu, but when I select 
"START" is reset. A close examination it was found that 
treatment IM2 began her address with a # FFFF, where the 
original file stood # 18 (JR). When starting the game

at excavated from BASIC, it does not set interrupt. This 
procedure makes setting up a start to break, and after the 
transition (JP) on this address.

# By the way, "cuts" the file is reduced simply to the option 
"SAVE" to desired address, if you have advanced SPECCY, and if 
you have 48 th, we will have to resort to

lengthy manipulations on the tape.


   After all the manipulations you zaimeli greatly reduced file
which can load and run. To restore luster is
skompressovat this file. Very
convenient and efficient for this
case LPC. The most difficult case:
all the data from # 5B00 to # FFFF,
are a useful information that is not subject to reduction (or 
you well, very lazy deal). Then we can do this: cut off from 
the beginning File length piece in 1704 (# 6A8);

balance with terrible force kompressuem; ship saver ship
packaged part, deploy
her extinguish the screen, will ship the piece
1704 in the display area, transfer the balance of the loader 
there, (to space, of course)

make the transition to it, put
SP and drag the desired cut
bytes to their native place, after
then perform the launch of the program.
Longest part of the file will start with 25000, which will make 
the entire load from BASIC, writing codes just to transfer

and run. Do not forget to move
protsedurku in this screen as
by placing the cut bytes
loader will be served and will not be able to run the program.


   Now consider something nasty, like this:

   The game has a decent file
size, but suspiciously like
to throw MAGIC'om (stain screen and after loading does POP
all registers of the "dirt"). The files contain a lot of this 
game "Excesses" by throwing out that

You can win much in volume.
Also, these things have left the phenomenon
address start. About the extra
bytes can not say anything concrete, since they will
not filled with zeros. It is necessary to search the work area 
(buffer), shadow screen (/ windows) and system variables BASIC. 
From the first location a little easier: we must first look

setting IM2. Finding procedures
settings, you must look for links
on them, as well as where he goes after the program 
implementation. Can with certainty that

If you find podprogrammku
setting interrupts, ending with JP, which no one
refers, then this is the point
entrance. The starting point may look like a series of CALL, 
some of whom are setting interrupts. If the game does not use 
the IM2 (>;->), Then find how to print the initial menu, and 
make sure the path to it. Ie in any case need to find the first 
link in CALL'ov chain. Find the point

input, we can immediately discard
"Garbage" data about the state of
registers, which spoils saver. Throwing everything superfluous, 
you can write a loader to your usual pattern, on which 
adaptation in general, is ending. 

        ________________


   Well, perhaps on the part of the actual adaptation programs
drive and there is nothing more to say.
Summing up the grand total, I can only say
one thing: the assembler, assembler, and more
time assembler.


   P.S. Can not help but add a couple of
words about the software - although I am
ZS-256, I still use
STS'om, which in many ways more convenient scorp'ovogo shadow 
businesses. Well, since I started, then about gland Seen: 
Owners of the 48's! If you can work a soldering iron, then 
dovesit memory up to 128 will cost you a maximum of 15 tonnes

and two hours unpretentious work
but you will receive at their disposal a powerful system like
STS and TASM!