OllyDbg questions

[poiuy_qwert]

I've been learning reversing with OllyDbg for a bit now and I have had a couple questions along the way, so i'll be using this thread to ask various questions about it when i have them.

Right now i'm trying to find a way to play a wav in starcraft, which is located in one of starcrafts mpqs. I've found where the Play WAV trigger (for custom maps) is located and have stepped through a lot of it figuring out what is going on. I have tried calling it with my own custom data (the data is correct), but it isn't playing the sound. What I want to do is find where in the function its deviating from when I play the wav normally with a trigger. I've tried stepping through both ways until it goes somewhere I don't recognize, but there is just too much to check. Is there an easier way to do this? The "Trace" options stand out but I don't really know how to use them.

Thanks in advance!

[zonemikel]

If you wanted to play a sound i would hook research how direct x sound works, figure out how to use it in cpp, then when you start olly click the 'e' look for dsound right click then hit view names and look for the function that plays the sound, you can bp on it and execute till return and see what actually calls it.

this is all theory of course.

[poiuy_qwert]

I already have what calls it as stated in my first post (the Play WAV custom map trigger), i just was looking for an easy way to find where two calls to a function with different parameters, deviate in execution. Also, I found why the sound wasn't playing (i had the wrong file path for the WAV in the MPQ :/) so it works now, but that was just an example, my question still stands.

[zonemikel]

Well im not sure exactly what your question is, if its how to find other things that call a function then ill try and answer that. Sorry, sometimes when we ask questions we know what we are asking but when others read it its kinda misty.

Anyway to find other functions that call a function go to the first line of the function in question, normally like push ebp or something then right click and "find references to" then "selected command". That will find every function that calls that command.

Also Ida debugger has a graphing thing that shows how the functions all link together. Also immunity debugger has a simpler graphing thing, immunity is based off olly, it looks the same.

hope that helps

[poiuy_qwert]

No, thats not what i meant. I was saying, if I am calling a function with two different sets of parameters, and I want to easily find out where in that function the execution is different. For example i have the function "void test(int a,int b)" and i do "test(1,2)" and it does one thing, and i do "test(2,1)" and it does another. I want to easily find the CMP/TEST or whatever is responsible for the difference.

[zonemikel]

No, thats not what i meant. I was saying, if I am calling a function with two different sets of parameters, and I want to easily find out where in that function the execution is different. For example i have the function "void test(int a,int b)" and i do "test(1,2)" and it does one thing, and i do "test(2,1)" and it does another. I want to easily find the CMP/TEST or whatever is responsible for the difference.

Oh gotcha ! Yes thats what the "hit trace" is for, what the hit trace will do is set a bp on every command in the proc and highlight it differently if it was "hit" or not. This shows you which execution took place in the function. Like which stuff was jumped over and such.

Its in the help docu for immunity, not sure about olly.

[poiuy_qwert]

Ahhh. I see, I read the readme wrong for the trace stuff, makes sense now. Thanks!