Author Topic: The worst TI code I've ever seen  (Read 9314 times)

0 Members and 1 Guest are viewing this topic.

Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1594
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
The worst TI code I've ever seen
« on: September 18, 2011, 01:27:11 am »
A while ago when I was making my boot code 1.03 exploit, I was looking through the app security code when I found absolutely horrendous code. The whole system of app trials appears to be written by someone who has been programming z80 for less than a week. The worst part though is that this person was assigned to write code that protects paid apps and is run on a privileged page. But of all the app trials code, this one routine just sticks out as the worst TI code I've ever seen.

Here it is in it's entirety:
Code: [Select]
transformA:
push bc
ld c, 11h
sub c
jp nc, loc_4F03
or a
adc a, c
cp 0
jr z, loc_4F03
cp 1
jr z, loc_4F03
ld b, a
dec b
ld a, 2

loc_4EFA:
sla a
djnz loc_4EFA
ld b, 1
sub b
jr loc_4F05

loc_4F03:
ld a, 0

loc_4F05:
pop bc
ret

First off, what is the purpose of this routine? It is a really complicated way to calculate the number of trials an app should have, I'll show the code that calls it at the end. But let's try to figure out what this routine does. (To be honest, I didn't figure it out until just now.)

The expected results are given by this table:
if A = 0-16  result = 2^A - 1
if A >= 17  result = 0

However, since the result is returned in A, the real table is:
if A = 0-8  result = 2^A - 1
if A >= 9-16  result = 255
if A >= 17  result = 0


Now, let's break this down and see where they went so wrong.

Code: [Select]
transformA:
push bc
ld c, 11h
sub c
jp nc, loc_4F03
or a
adc a, c

When you see this, your expected response should be "wtf." What are they doing? First off, why don't they just do CP 11h \ JR NC, loc_4F03? Then, why do they use ADC? I honestly believe the person who wrote this code didn't know that ADD existed.

Code: [Select]
cp 0
jr z, loc_4F03
cp 1
jr z, loc_4F03
ld b, a
dec b
ld a, 2

Again, horrible. CP 0 is a no. CP 1 is acceptable, but DEC A is preferred. And would you look at that, they DEC A anyways!

Code: [Select]
loc_4EFA:
sla a
djnz loc_4EFA
ld b, 1
sub b
jr loc_4F05

They actually did the loop correct, which is a surprise. But what on earth are they doing at the end. Again, I don't think this programmer knew that you are allowed to do actions to A, like ADD and SUB. But the worst part is that they could have used DEC A, but what really sets this apart is that they have already used DEC once! It's not like they didn't know it existed.

Code: [Select]
loc_4F03:
ld a, 0

loc_4F05:
pop bc
ret

They finally wrap it up with this. XOR A would be preferred, but the programmer probably didn't know what XOR does.

For comparison, here's how the routine should look:
Code: [Select]
transformA:
or a
ret z
cp 11h
jr c, notOver17
xor a
ret
notOver17:
ld b, a ;b is trash anyways
ld a, 1
shiftLoop:
add a, a
djnz shiftLoop
dec a
ret

Ok, but it doesn't stop there, here's the code that calls it.

Code: [Select]
call getCertByte

loc_4E55:
push af
ld b, 9
sub b
jr c, loc_4E6B
pop af
ld b, 8
sub b
call transfromA
ld d, a
ld a, 8
call transformA
ld e, a
jr loc_4E72

loc_4E6B:
ld d, 0
pop af
call transformA
ld e, a

loc_4E72:

It should be noted that LD A, 8 \ CALL transformA is the equivalent of LD A, 255.


Well, I hope you enjoyed that. Hopefully this will help to explain the dislike of TI that the more advanced assembly programmers share. It is code like this that causes Err:Version and Err:Bad Address, and the OS is full of it.

Edit:
   Hey, what an awesome post to be number 1000.
« Last Edit: September 18, 2011, 02:22:57 pm by thepenguin77 »
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112

Offline meishe91

  • Super Ninja
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2946
  • Rating: +115/-11
    • View Profile
    • DeviantArt
Re: The worst TI code I've ever seen
« Reply #1 on: September 18, 2011, 01:43:53 am »
Oh how I wish I knew Assembly...
Spoiler For Spoiler:



For the 51st time, that is not my card! (Magic Joke)

Offline BrandonW

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 115
  • Rating: +38/-1
    • View Profile
Re: The worst TI code I've ever seen
« Reply #2 on: September 18, 2011, 01:50:19 am »
Yeah, it's pretty obvious that the security code was written by one or more other people, probably with a stronger background in security than Z80 coding.

I've gone nuts more than a few times over disassembling some of this stuff, but I started to realize that perhaps I'm nitpicking a little bit. We're heavily analyzing code that was probably done in a hurry 15 years ago.

Offline XVicarious

  • LV6 Super Member (Next: 500)
  • ******
  • Posts: 485
  • Rating: +45/-28
  • I F**king Love Twisty Puzzles
    • View Profile
    • XVicarious
Re: The worst TI code I've ever seen
« Reply #3 on: September 18, 2011, 01:50:44 am »
Same lol. I do understand it to a point. I know how much we despise TI for what they do to the community, but some of our best ASM programmers should apply to TI and maybe fix TI-OS lol. Updates for all of the z80 calcs. Even the TI-83 lol.

Offline shmibs

  • しらす丼
  • Administrator
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2132
  • Rating: +281/-3
  • try to be ok, ok?
    • View Profile
    • shmibbles.me
Re: The worst TI code I've ever seen
« Reply #4 on: September 18, 2011, 02:27:15 am »
wows, even i can see what's going wrong there.
brandonw does have a point, but they should have at least looked back through it afterwards and cleaned it up.

Offline NanoWar

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 140
  • Rating: +18/-6
    • View Profile
Re: The worst TI code I've ever seen
« Reply #5 on: September 18, 2011, 11:14:33 am »
It's not a bug, it's just coded by a newbie. That doesnt make this any better though...

Offline p2

  • LV8 Addict (Next: 1000)
  • ********
  • Posts: 849
  • Rating: +51/-11
  • I'm back :)
    • View Profile
Re: The worst TI code I've ever seen
« Reply #6 on: September 18, 2011, 12:16:32 pm »
Er...
It's not really about the code (which I don't understand - I don't know ASM)
But what do you mean with paid apps??
So It should protect apps for which you've paid??? Why should I pay for an app? I can get everything for free, I want to have!!
And it should protect the apps. But, of what?? Of archieve-clears??? Of editing them???
*insert supercool signature*

Offline calc84maniac

  • eZ80 Guru
  • Coder Of Tomorrow
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2912
  • Rating: +471/-17
    • View Profile
    • TI-Boy CE
Re: The worst TI code I've ever seen
« Reply #7 on: September 18, 2011, 02:00:32 pm »
Another thing, sla a should probably be add a,a (and like you said, the programmer probably didn't know about add :P)
"Most people ask, 'What does a thing do?' Hackers ask, 'What can I make it do?'" - Pablos Holman

Offline sqrt(Time)

  • LV2 Member (Next: 40)
  • **
  • Posts: 37
  • Rating: +4/-0
    • View Profile
Re: The worst TI code I've ever seen
« Reply #8 on: September 18, 2011, 02:01:11 pm »
TI originally designed a whole system for app signing, where you could either sign it with a free key and distribute it freely... or you could sell your app, but in order to do that you would need to buy an a key to sign it with from TI. Frankly, I don't think TI ever sold ever more than 2 of those keys tops...
As you may have deduced, everyone here uses the free key. (And yes, you CAN get everything good for free. ^_^)

Offline Xeda112358

  • they/them
  • Moderator
  • LV12 Extreme Poster (Next: 5000)
  • ************
  • Posts: 4704
  • Rating: +719/-6
  • Calc-u-lator, do doo doo do do do.
    • View Profile
Re: The worst TI code I've ever seen
« Reply #9 on: September 18, 2011, 02:06:43 pm »
It is almost scary how good some of the programmers are, here. I think that if they all designed an OS, it would be ridiculously amazing and more stable (though the TI-OS is pretty stable).

Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1594
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
Re: The worst TI code I've ever seen
« Reply #10 on: September 18, 2011, 02:23:20 pm »
Another thing, sla a should probably be add a,a (and like you said, the programmer probably didn't know about add :P)

Good call ;)
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112

Offline Hot_Dog

  • CoT Emeritus
  • LV12 Extreme Poster (Next: 5000)
  • *
  • Posts: 3006
  • Rating: +445/-10
    • View Profile
Re: The worst TI code I've ever seen
« Reply #11 on: September 18, 2011, 04:00:44 pm »
Most of the stuff here is stuff anyone would do if they had little experience, but I feel that SUB instead of CP is unforgivable, especially since SUB destroys whatever was inside of register A

Offline ben_g

  • Hey cool I can set a custom title now :)
  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1002
  • Rating: +125/-4
  • Asm noob
    • View Profile
    • Our programmer's team: GameCommandoSquad
Re: The worst TI code I've ever seen
« Reply #12 on: September 18, 2011, 04:03:36 pm »
Most of the stuff here is stuff anyone would do if they had little experience,...
but still: only TI does 'or   a \ adc   a, c'. Everyone that knows what a z80 is uses 'add a, c'.
My projects
 - The Lost Survivors (Unreal Engine) ACTIVE [GameCommandoSquad main project]
 - Oxo, with single-calc multiplayer and AI (axe) RELEASED (screenshot) (topic)
 - An android version of oxo (java)  ACTIVE
 - A 3D collision detection library (axe) RELEASED! (topic)(screenshot)(more recent screenshot)(screenshot of it being used in a tilemapper)
Spoiler For inactive:
- A first person shooter with a polygon-based 3d engine. (z80, will probably be recoded in axe using GLib) ON HOLD (screenshot)
 - A java MORPG. (pc) DEEP COMA(read more)(screenshot)
 - a minecraft game in axe DEAD (source code available)
 - a 3D racing game (axe) ON HOLD (outdated screenshot of asm version)

This signature was last updated on 20/04/2015 and may be outdated

Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1594
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
Re: The worst TI code I've ever seen
« Reply #13 on: September 18, 2011, 04:12:09 pm »
Most of the stuff here is stuff anyone would do if they had little experience,...
but still: only TI does 'or   a \ adc   a, c'. Everyone that knows what a z80 is uses 'add a, c'.

Don't forget about LD B, 1 \ SUB B.
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112

Offline ben_g

  • Hey cool I can set a custom title now :)
  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1002
  • Rating: +125/-4
  • Asm noob
    • View Profile
    • Our programmer's team: GameCommandoSquad
Re: The worst TI code I've ever seen
« Reply #14 on: September 18, 2011, 04:24:59 pm »
I often do that too. I sometimes forget you can do it directely.
« Last Edit: September 18, 2011, 04:26:20 pm by ben_g »
My projects
 - The Lost Survivors (Unreal Engine) ACTIVE [GameCommandoSquad main project]
 - Oxo, with single-calc multiplayer and AI (axe) RELEASED (screenshot) (topic)
 - An android version of oxo (java)  ACTIVE
 - A 3D collision detection library (axe) RELEASED! (topic)(screenshot)(more recent screenshot)(screenshot of it being used in a tilemapper)
Spoiler For inactive:
- A first person shooter with a polygon-based 3d engine. (z80, will probably be recoded in axe using GLib) ON HOLD (screenshot)
 - A java MORPG. (pc) DEEP COMA(read more)(screenshot)
 - a minecraft game in axe DEAD (source code available)
 - a 3D racing game (axe) ON HOLD (outdated screenshot of asm version)

This signature was last updated on 20/04/2015 and may be outdated