I’ve been watching video game speed runs, specifically Legend of Zelda: Ocarina of Time, and the user beats it in less than 15min by using a glitch called Stale Reference Manipulation. How can someone even discover that or do it? Do you need hardware besides the game console to do it?
No, they would discover it completely by accident, often by trying to recreate a glitch. So Link has his boomerang, and I’m not too familiar, but it can carry objects (or actors) with it. When he throws his boomerang, it briefly switches places with that actor, and sometimes a glitch happens and the actor now has past values for its position, direction, etc. If you know how to regularly cause that glitch, you can cause arbitrary code execution because you can change the actor Link or his boomerang is carrying.
You can do some of this by smartly using just faults in the software, but to do truly arbitrary code execution, you need to modify the game itself (such as changing the item in a treasure chest).
Overall, it seems like the second would disqualify most speedrun categories.
So you’re a computer. You run programs. Your programs count on a piece of information staying the same once they store it. If someone changes one of these values on you, you don’t know and blissfully run the program with the new, cheat information.
A stale memory reference is a variable in memory that is not supposed to be used anymore, but the hacker puts new information in, which then confuses the program.
Most of these sort of exploits are bugs. The programmers fail to predict, for example, someone could walk out of a room while the boomerang is still in the air. This creates a situation where unexpected things happen, because the programmers goofed.
In the case of SRM, profoundly large unintended consequences can result.
To discover these things, you need luck, knowledge of how programs work, or knowing how to think like a programmer. A common tactic anyone can use is to find “edge cases.” An edge case is an unexpected set of circumstances. What if I jump through a door and then crouch mid-air? What happens if I shoot a live grenade with a rocket launcher?
From what I understand, the Zelda SRM bug is about how Nintendo implements its stack. That is a very specific detail you would only know if you worked at Nintendo writing operating system code. So this would be very hard to find by looking for it, because you wouldn’t know it is there.
Usually these things are discovered by accident.
It is likely people discovered the bug, kept experimenting, and ultimately figured out what was happening.
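The pattern both answers describe (an object is freed while something still holds a reference to it, the memory is reused for a different object, and the old reference now reads or writes the new object) is what a security engineer calls a use-after-free on a dangling pointer. The following is an added illustration written for this page, not code from the game or from any of the posters, and it is an analogy rather than the game's actual actor system: it uses a constructed fixed-slot "actor pool" with a toy first-fit allocator, a `BoomerangRaw` that keeps a raw pointer to the actor it picked up, and a hardened `Handle` variant that pairs the pointer with a generation counter so a stale reference is detected instead of silently reinterpreted. Actor types, positions and the `params` field are all made up for the example.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy actor pool standing in for a game's object heap.
 * Nothing here is the game's own code; it only models the failure mode. */
#define SLOTS 4

enum { ACTOR_NONE = 0, ACTOR_POT = 1, ACTOR_CHEST = 2 };

typedef struct {
    int      type;
    float    x, y, z;      /* position */
    uint32_t params;       /* constructed: what the actor drops or contains */
    uint32_t generation;   /* bumped on every free; used by the checked variant */
} Actor;

static Actor pool[SLOTS];
static int   in_use[SLOTS];

static void pool_reset(void) {
    memset(pool, 0, sizeof pool);
    memset(in_use, 0, sizeof in_use);
}

/* First-fit allocation: a freed slot is handed out again on the next spawn. */
static Actor *actor_spawn(int type, float x, float y, float z, uint32_t params) {
    for (int i = 0; i < SLOTS; i++) {
        if (!in_use[i]) {
            in_use[i] = 1;
            pool[i].type = type;
            pool[i].x = x; pool[i].y = y; pool[i].z = z;
            pool[i].params = params;
            return &pool[i];
        }
    }
    return NULL;
}

/* Freeing marks the slot free and bumps its generation. The payload is not
 * scrubbed, just as most real allocators leave freed memory in place. */
static void actor_despawn(Actor *a) {
    int i = (int)(a - pool);
    in_use[i] = 0;
    pool[i].generation++;
}

/* Weak design: the boomerang remembers a raw pointer to the actor it grabbed. */
typedef struct { Actor *carried; } BoomerangRaw;

/* Hardened design: a handle is pointer + generation, validated on every use. */
typedef struct { Actor *ptr; uint32_t gen; } Handle;

static Handle make_handle(Actor *a) { Handle h = { a, a->generation }; return h; }

static Actor *handle_get(Handle h) {
    return (h.ptr->generation == h.gen) ? h.ptr : NULL;
}

/* Scenario: the boomerang grabs a pot; the pot is despawned (think "leaving
 * the room") while the boomerang still holds it; a chest is then spawned into
 * the same slot. Returns the type the raw pointer now reports for the "pot". */
static int raw_sees_type_after_reuse(void) {
    pool_reset();
    Actor *pot = actor_spawn(ACTOR_POT, 1, 2, 3, 0x11);
    BoomerangRaw b = { pot };
    actor_despawn(pot);
    actor_spawn(ACTOR_CHEST, 9, 9, 9, 0xC0FFEE);
    return b.carried->type;               /* ACTOR_CHEST, not ACTOR_POT */
}

/* Same scenario, but the boomerang "updates its carried actor", i.e. writes
 * through the stale pointer. Returns the chest's params afterwards. */
static uint32_t raw_write_corrupts_new_actor(void) {
    pool_reset();
    Actor *pot = actor_spawn(ACTOR_POT, 1, 2, 3, 0x11);
    BoomerangRaw b = { pot };
    actor_despawn(pot);
    Actor *chest = actor_spawn(ACTOR_CHEST, 9, 9, 9, 0xC0FFEE);
    b.carried->params = 0x11;             /* stale write lands on the chest */
    return chest->params;                 /* 0x11: the chest's contents changed */
}

/* Hardened scenario: the generation check rejects the stale handle. */
static int checked_rejects_stale(void) {
    pool_reset();
    Actor *pot = actor_spawn(ACTOR_POT, 1, 2, 3, 0x11);
    Handle h = make_handle(pot);
    actor_despawn(pot);
    actor_spawn(ACTOR_CHEST, 9, 9, 9, 0xC0FFEE);
    return handle_get(h) == NULL;         /* 1: stale reference detected */
}

int main(void) {
    printf("raw pointer now sees type %d (chest=%d)\n",
           raw_sees_type_after_reuse(), ACTOR_CHEST);
    printf("chest params after stale write: 0x%x\n", raw_write_corrupts_new_actor());
    printf("checked handle rejects stale reference: %d\n", checked_rejects_stale());
    return 0;
}
```

The first two scenarios are the bug as the answers describe it: the old reference reads the new object's fields as if they belonged to the old one, and a write through it changes the new object's contents. The generation-counter handle is the usual mitigation in engines and allocators: the cost is one compare per dereference, and in exchange a freed-and-reused slot is never mistaken for the object that used to live there.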