Demon's Souls RPCS3 US version table

[StockpileThomas]

New here. Currently using build 7372 of RPCS3 and would love a table that allows you to max out soul count. I cannot seem to find souls using 4 byte endian or regular 4 byte.

Any help will be appreciated, thanks.

Edit USA version of Demon's Souls

[zachillios]

If I remember correctly in terms of Demon Soul's, you have to find the value as a 2 byte little endian, cap it out as high as it can go; 65,535, then get 1 more soul and you can properly edit it. Also be aware that changing the way emulator runs will change your addresses even within the same build.

[StockpileThomas]

If I remember correctly in terms of Demon Soul's, you have to find the value as a 2 byte little endian, cap it out as high as it can go; 65,535, then get 1 more soul and you can properly edit it. Also be aware that changing the way emulator runs will change your addresses even within the same build.

How do I get 2 byte little endian? I have 2 and 4 byte big endian, but could not find 2 or 4 byte little endian.

[zachillios]

If I remember correctly in terms of Demon Soul's, you have to find the value as a 2 byte little endian, cap it out as high as it can go; 65,535, then get 1 more soul and you can properly edit it. Also be aware that changing the way emulator runs will change your addresses even within the same build.

How do I get 2 byte little endian? I have 2 and 4 byte big endian, but could not find 2 or 4 byte little endian.

Add this as a scan type.

Code: Select all

alloc(TypeName,256)
alloc(ByteSize,4)
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)

TypeName:
db '2 Byte Big Endian',0

ByteSize:
dd 2

//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: stdcall int ConvertRoutine(unsigned char *input);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
xor eax,eax
mov ax,[rcx] //eax now contains the bytes 'input' pointed to
xchg ah,al //convert to big endian

ret
[/64-bit]

[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//example:
mov eax,[ebp+8] //place the address that contains the bytes into eax
mov ax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
and eax,ffff //cleanup
xchg ah,al //convert to big endian

pop ebp
ret 4
[/32-bit]

//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address of output
//example:
xchg ch,cl //convert the little endian input into a big endian input
mov [rdx],cx //place the integer the 4 bytes pointed to by rdx

ret
[/64-bit]

[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx

//convert the value to big endian
xchg ah,al

mov [ebx],ax //write the value into the address
pop ebx
pop eax

pop ebp
ret 8
[/32-bit]