by Tdarcos » Thu Apr 25, 2024 6:05 pm
I have the feeling the source code of all of these - Hugo Compiler, Hugo Execution (Run Time System or RTS) are either trying to hide what they are doing, or, they're trying for first prize in the obfuscated C code contest.
The book explains how the start of the executable carries certain information about the tables. So I wrote a program, using QB64 Phoenix Edition, to load a Hugo Executable and display this information. When I saw that I had correctly read the table to get the number of entries in the dictionary, and I match what the compiler said when I compiled it, I felt pretty good.
Until I got to the dictionary. I'm doing something wrong, and I'm not sure what. Okay, the dictionary is located at bytes 0x15 and 0x16 (21 and 22) in the file. The number is retrieved by taking the second byte, multiplying it by 256, and adding the first byte. Hugo uses a "segmented" address, and to get around handling files as big as 1 meg, or in any case, bigger than 32,767 or 65,536 bytes, the number is indexed to the next 16-byte segment by dividing by 16. So the prior number has to be multiplied by 16,
Okay, so far, so good. Loading the entire file into a byte array, variable Dictionary = Bytes (0x16*256)+Bytes(0x15) * 16. Going to tha address, Byte(Dictionary+1)*256 + Byte(Dictionary), I get the dictionary size. Immediately following this is a null string, a byte of 0. Now, there are 2-byte addresses for each of the dictionary entries. So I look at the first one. I tried using that as a specific byte in the file. I processed the string by using the magic constant of -0x14 applied to each byte. I know the first byte is length, but in any case, it's garbage both raw and decrypted. So I tried as a byte in the file, offset by the start of the dictionary table. Same thing, no soap. So I thought maybe the dictionary table addresses are indexed, but multiplying the address by 16 exceeds the size of the file.
So I'm not sure what I'm doing wrong. But I'll keep trying.
I have the feeling the source code of all of these - Hugo Compiler, Hugo Execution (Run Time System or RTS) are either trying to hide what they are doing, or, they're trying for first prize in the obfuscated C code contest.
The book explains how the start of the executable carries certain information about the tables. So I wrote a program, using QB64 Phoenix Edition, to load a Hugo Executable and display this information. When I saw that I had correctly read the table to get the number of entries in the dictionary, and I match what the compiler said when I compiled it, I felt pretty good.
Until I got to the dictionary. I'm doing something wrong, and I'm not sure what. Okay, the dictionary is located at bytes 0x15 and 0x16 (21 and 22) in the file. The number is retrieved by taking the second byte, multiplying it by 256, and adding the first byte. Hugo uses a "segmented" address, and to get around handling files as big as 1 meg, or in any case, bigger than 32,767 or 65,536 bytes, the number is indexed to the next 16-byte segment by dividing by 16. So the prior number has to be multiplied by 16,
Okay, so far, so good. Loading the entire file into a byte array, variable Dictionary = Bytes (0x16*256)+Bytes(0x15) * 16. Going to tha address, Byte(Dictionary+1)*256 + Byte(Dictionary), I get the dictionary size. Immediately following this is a null string, a byte of 0. Now, there are 2-byte addresses for each of the dictionary entries. So I look at the first one. I tried using that as a specific byte in the file. I processed the string by using the magic constant of -0x14 applied to each byte. I know the first byte is length, but in any case, it's garbage both raw and decrypted. So I tried as a byte in the file, offset by the start of the dictionary table. Same thing, no soap. So I thought maybe the dictionary table addresses are indexed, but multiplying the address by 16 exceeds the size of the file.
So I'm not sure what I'm doing wrong. But I'll keep trying.