[Bug-Fix] Minus Guild Points

[janicka]

Hmm, maybe its becouse GS count SP from killing mobs as GP? BTW its normal. Not only donation makes GP :-)

[#HB]

Hey there,

Well, I can tell why now. This is actually my first time to know that killing monsters gets your guild skill points too

Well, that makes my fix in-fluent, I have done modifications to allow you to donate if the GP is already minus. You can decrease GP limit to "0x6FFFFFFF", but you'll still catch the bug later. You'll need to modify game server at this case, apparently, game server needs couple of patches anyways.

I'll have a look and maybe update the topic with game server modification instead of sro client.

[WolfgangNeverDie]

Quote:

Originally Posted by #HB

Hey there,

It's been a while, but guess what... Hi.

Most of you should've faced this bug already, the bug is basically because joymax did not limit guild skill points or even make it unsigned.

The first thing that crossed my mind was doing it through game server, I did it actually but after testing in a live server, it actually caused a disconnect problem. Then I realized that it was because the value stored in the game server that I modified was fine, but SQL was not

I actually still could do it through game server, but a better idea crossed my mind, why don't we do it through sro client instead!

So, basically this limits guild point donation to provide positive values only. However, the bug can still occur if somebody donates with a packet injector unless you fix it in server-side too, but anyways who wants to harm himself with minus GP? Client-side shall be enough.

CInterfaceNetSender.h:

Code:

#pragma once
#include <iostream>

class CInterfaceNetSender
{
private:
	char pad_0000[8504]; //0x0000
	unsigned int GuildSkillPoints; //0x2138
	char pad_2140[8]; //0x213C
	std::wstring GuildName; //0x2140
	std::wstring CharName; //0x2160

public:
	void DonateGuildPoints(unsigned int GP);
};

CInterfaceNetSender.cpp:

Code:

#define GP_LIMIT 0x7FFFFFFF

void CInterfaceNetSender::DonateGuildPoints(unsigned int GP)
{
	if (GuildSkillPoints == GP_LIMIT)
	{
		CGInterface* g_interface = CGInterface::GetInterface();
		if (g_interface)
		{
			g_interface->HandleSystemMessages(1, L"You have reached maximum limit of guild skills points.");
			g_interface->ShowBlueNotify(L"You have reached maximum limit of guild skills points.");
		}
	}
	else
	{
		unsigned int TotalGP = GuildSkillPoints + GP;
		if (TotalGP > GP_LIMIT && GuildSkillPoints < GP_LIMIT)
			GP = GP_LIMIT - GuildSkillPoints;
		reinterpret_cast<void(__thiscall*)(CInterfaceNetSender*, unsigned int)>(0x0081FAB0)(this, GP);
	}
}

A small hook of flo's:

Code:

replaceOffset(0x0070BCF2, addr_from_this(&CInterfaceNetSender::DonateGuildPoints));

flo's lib, in case you're interested:

And that's it, good luck.

Special Thanks To: florian0

Hi #HB
Goodwork, i can't donate when reach limit but How to stop gain GP on training?

[#HB]

Quote:

Originally Posted by WolfgangNeverDie

Hi #HB
Goodwork, i can't donate when reach limit but How to stop gain GP on training?

Well, I kinda forgot about this topic. The content of this thread is kinda useless since the bug still occurs by time, so I'll have a look today to create some codecave script in game server to limit the GP.

[gmhasan13]

#HB we are waiting

[Basha Masr]

Nice job

[WolfgangNeverDie]

Quote:

Originally Posted by #HB

This wasn't actually the easy way, editing game server was way easier to fix that, literally 6 assembly lines:

Code:

00AD8D5E | 8B 48 3C                 | mov ecx,dword ptr ds:[eax+3C]                    |
00AD8D61 | 03 CE                    | add ecx,esi                                      | esi:".$"
00AD8D63 | 81 F9 FF FF FF 7F        | cmp ecx,7FFFFFFF                                 |
00AD8D69 | 0F 86 CB B3 AE FF        | jbe sr_gameserver.5C413A                         |
00AD8D6F | B9 FF FF FF 7F           | mov ecx,7FFFFFFF                                 |
00AD8D74 | E9 C1 B3 AE FF           | jmp sr_gameserver.5C413A                         |

i can't find this in my game server!

[#HB]

Offical Global Fix

As the topic went, apparently my client hotfix won't work because GP is increased on killing monsters too.

I've implemented a server files patch since its the only way to fix this annoying bug in SRO files.

I posted before the game server fix, and I declared after testing the game server patch only that it causes disconnect issues and database isn't affected by the patch and stays minus.

I've scanned both GS and shard manager memories and found out that shard manager is the one responsible for modifying database value and also has stored memory for guilds instances just like GS.

So, I applied a patch for shard manager too, and it seems to be working fine now, SQL and memory values are equivalent. I'm gonna be testing it in a live productive server and posting a feedback whether there were any errors or issues after applying both GS and shard manager patches.

How The Patch Works: It basically prevents GP from exceeding maximum integer value (2147483647 | 7FFFFFFF).

Patch Details:
Using the GP reference in GS/SM, I've hooked where GP is modified, and did some conditions to check if GP exceeded INT_MAX (aka went minus), then will re-set it to INT_MAX.

Note: Please make sure your apply both GS and SM patches, otherwise you'll have some trouble going in.

Download: x64dbg patch is attached.

[#HB]

Feedback: Shard Manager seems to be bugged, spamming this msg (probably on farming SP from mobs):

Code:

SP DONATION FAILED!! GUILDID[%d] CHAR[%d] STUFF[1148] ERROR[2]

Will be digging deeper to find out, once I have some free time.

[#HB]

Final Patch

After exploring, it seemed like a normal message that I had to skip, but in case of GP intended donation, shard manager needs to respond to game server, otherwise user will be frozen for 10 ~ 15 seconds.

So anyways, I handled both cases and modified the old shard manager patch, this is probably the last patch to maintain this original bug.

Download: Shard manager patch has been updated in main post.

Have fun.

[-[Anxi]-]

awesome release as always