Return Bug


The return bug is an inconsistency in the way the game engine handled function returns. When the engine checked code for syntax errors, it only checked the type of the last return value. However, when the code actually ran, the engine would end the function at the first return and automatically convert the type. This bug allowed any type to be converted into another, whether the conversion was valid or not.
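The mismatch described above, as an added example (not code from the game engine or from the original page): a toy Python checker that types every return in the page's H2I function and compares the last-return-only check with a check of every return. The parser, the set of nullable types and all function names are assumptions made for illustration.

```python
import re

# Toy model of a JASS return-type checker (added example, not engine code).
# Assumption: a return expression is a parameter name, null, or a literal.
HEADER = re.compile(r"function\s+(\w+)\s+takes\s+(.*?)\s+returns\s+(\w+)")
NULLABLE = {"handle", "code", "string"}  # assumed subset of types accepting null

def expr_type(expr, params):
    """Static type of one return expression."""
    if expr in params:
        return params[expr]
    if expr == "null":
        return "null"
    if re.fullmatch(r"-?\d+", expr):
        return "integer"
    return "string" if expr.startswith('"') else "unknown"

def parse(src):
    """Return (declared return type, [type of each return statement])."""
    lines = [l.split("//")[0].strip() for l in src.strip().splitlines()]
    m = HEADER.match(lines[0])
    args = m.group(2)
    params = {} if args == "nothing" else {
        name: typ for typ, name in (p.split() for p in args.split(","))}
    returns = [expr_type(l[len("return"):].strip(), params)
               for l in lines[1:] if l.startswith("return")]
    return m.group(3), returns

def compatible(actual, declared):
    return actual == declared or (actual == "null" and declared in NULLABLE)

def last_return_check(src):
    """The flawed check the page describes: only the last return is typed."""
    declared, returns = parse(src)
    return compatible(returns[-1], declared)

def every_return_check(src):
    """Stricter check: every return must match the declared type."""
    declared, returns = parse(src)
    return all(compatible(r, declared) for r in returns)

def runtime_return_type(src):
    """What actually executes: the first return ends the function."""
    return parse(src)[1][0]

# Sample copied from the H2I listing on this page.
H2I = """function H2I takes handle h returns integer
    return h
    return 0
endfunction"""
print(last_return_check(H2I), every_return_check(H2I), runtime_return_type(H2I))
```

The last-return check accepts H2I while the value that actually leaves the function is a handle; checking every return rejects it.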

Most Known Uses

H2I

function H2I takes handle h returns integer
    return h
    return 0
endfunction

This function can typecast a handle and return its ID. The ID of a handle can then be used for many things.

The first and most notable use of this function was in Local Handle Vars by KaTTaNa, but since that system relies on gamecache, it is slow and is no longer used in most maps.

As of patch 1.24, Blizzard has provided a native H2I, GetHandleId.

I2H

function I2H takes integer i returns handle
    return i
    return null
endfunction

I2H is the opposite of H2I - it typecasts a handle ID back into a handle. Because this does not increase the reference count for the given handle, it is possible that handles returned by this function become recycled (invalid). Therefore, the I2H function shouldn't be used.

String2Int

function String2Int takes string s returns integer
    return s
    return 0
endfunction

String2Int takes a string, and returns the index for it in the Warcraft III engine's String Table.

Int2String

function Int2String takes integer i returns string
    return i
    return null // or return ""
endfunction

Int2String is the inverse of String2Int, taking the index to a string in the String Table, and returning the string held in that slot.

C2I

function C2I takes code c returns integer
    return c
    return 0
endfunction

The C2I function is used to typecast a code value into its position in the map code. This function, in combination with I2C, was used to create code arrays (out of integers).[1]

I2C

function I2C takes integer i returns code
    return i
    return null
endfunction

The I2C function is used to typecast any integer into a code variable. However, an exploit was soon found, which allowed arbitrary byte code to be executed.[Citation Needed] This arguably caused the need for Patch 1.24.

History

Patch 1.24

As of Patch 1.24, the traditional return bug no longer works. To make up for the lost functionality, the functions GetHandleId (compare to H2I) and StringHash (compare to String2Int) have been introduced.

When releasing the patch, Blizzard also noted that a native with the name H2I will be added in the future[2]:

We ask map makers to not create a GetHandleId alias function with the name H2I, as we will add a native H2I function to JASS in the future.

An alternative return bug that can be used to typecast, and that works both before and after Patch 1.24, was invented by Jesus4Lyf and Azlier. It is one function call less efficient than the traditional return bug functions. This bug was fixed in Patch 1.24c.

A different approach was discovered by weaaddar. It uses the ConvertFogState native and hashtable functions to do casts from integer to handle.
