Pages

2008-12-14

Exploiting in-game logic flaws

Another one of my favorite games of days gone by is Maelstrom. I first discovered this my sophomore year of high school. Someone had installed it on quite a few Macs in the computer lab. It's a 3D-looking Asteroids rip-off. When I finally built my first Linux system for home use in the mid-90s, this was one of the first games I found that worked well. It had been open-sourced.


It's got all the features you'd expect of an Asteroids clone: Shields, UFOs that shoot at you from time to time, and... asteroids. There are also comets (shoot for more bonus points), surprise packages (catch them with your ship to get different weapons or other surprises, some good, some bad), metal asteroids you can't destroy, and the occasional black hole (or Maelstrom, if you will)


One thing I noticed early on, is that if you ever blow your ship up on the last asteroid, you don't actually lose a life, but any special weapons you have will go away.


But, if you look, your shields get replenished back to new when you start the next wave (level)


This happened because there are some logic problems at play. Primarily, the logic to reduce your lives by 1 (or to end the game if you're at 0 like I was) does not run as part of the block of code that initializes the ship's options to default when it's struck, and is somehow missed because of the end of a level. Was it intentional? I have no idea without checking the source code. It's always possible stuff like this is actually an easter egg.

This is the kind of bug that slips through the cracks and is only noticeable during code audits or caught with fuzzing or other black-box testing methods. Often, by invoking conditions that happen rarely, you can get unexpected results. If you can leverage those conditions to happen easily, you can reproduce the results as frequently as you wish. In Maelstrom, it's as simple as sacrificing your ship to knock out that last asteroid, knowing you'll get rewarded with shields for the next round. The same applies to operating systems, the firmware running on your mobile phone and cable box, and pretty much anything else that's been programmed by a human.

Have you found any little game bugs worth exploiting?

4 comments:

  1. Sure, many times, and in many games.

    First, I also found the bug you described, although I didn't try to use it intentionally, as it's rarely worth it.

    In Might and Magic you could sometimes shoot through closed doors, maybe because you could shoot through the crack, or maybe because when you stood close enough to the door the projectile's start position was beyond the door.

    IIRC, Diablo 1 had some useful bug that people used to duplicate items.

    ReplyDelete
  2. It's true about not being worth it. Once you have rapid triple-fire, you really don't need shields for anything :)

    Quite a few games also had the flaw of being able to shoot through walls and doors, although like you I'm not sure what the logic flaw was. I always assumed it was due to the projectile starting a bit in front of you, beyond the wall.

    There were some fun bugs in text adventure BBS games as well. I used to know quite a few for Trade Wars 2002 and Legend Of The Red Dragon.

    ReplyDelete
  3. The best one I stumbled on was in the PC port of "Spider Man: Separation Anxiety". If you died during the level boss's death animation, you went on to the next level with one fewer life. If you died during the level boss's death animation on your last life, you went on to the next level with 1,023 lives.

    Personally, the "aha" moment wasn't when I discovered the bug, but five years later when I finally realized the significance of that (at the time) very odd-seeming number.

    ReplyDelete
  4. Dude, if you used to like playing TradeWars 2002, check out the new web based remake at http://www.tradewarsrising.com

    It's pretty cool...

    ReplyDelete