Speaking of false evidence...

[Terry McCracken]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

I wonder if any of them have the guts to back down if they're proven wrong.

There you go- getting silly again.

Dont know about you- but if Dann Corbit tells me it is going to snow in the middle of August- im getting out my long johns, cover-alls and insulated boots

How foolish...

[Terry McCracken]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

I wonder if any of them have the guts to back down if they're proven wrong.

There you go- getting silly again.

Dont know about you- but if Dann Corbit tells me it is going to snow in the middle of August- im getting out my long johns, cover-alls and insulated boots

I am wrong often enough to make it a bad idea.

But whatever the case may be, it is always a good idea to keep the attitude for which the "Show-me" state of Missouri is famous.

Zack is trying to. Look!

[Zach Wegner]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

I wonder if any of them have the guts to back down if they're proven wrong.

Graham, I wonder if you and your friend George will have the guts to do the same thing. Both of you have repeatedly expressed skepticism at what we are posting, when you have both been extremely selective in what you hear. I really have no idea how you would get the impression that I was "absolutely convinced that Vas has broken the rules".

As soon as someone posts any HINT of skepticism, both of you are on board, railing against reason. The lynch mob attitude is there, but it is on your side. I have done nothing but post objectively and reasonably, and I have been endlessly attacked for it. I have admitted mistakes at least twice in this debacle (the question of when I'll leave as an exercise to the readers). Now the ball is in your court, Graham. Will YOU admit that you were wrong to question me, wrong to have such a smug attitude when it appears there might be a drop of a chance that I'm wrong? I would try to ask your colleague as well, but I know what the response will be...

I have done EXACTLY what Dann has said. I have shown evidence when requested, and will show more. It really is that simple.

[Dann Corbit]

Sorry again Dann, but you are again wrong. It is there, without the function name.

Please Dann, if you are going to say that what I post is "whimsical fabrications", please investigate it a little more.

Code: Select all

.text:0040EDDB strtok          proc near               ; CODE XREF: start_go+A9p
.text:0040EDDB                                         ; start_go+B4p ...
.text:0040EDDB
.text:0040EDDB var_2C          = dword ptr -2Ch
.text:0040EDDB var_28          = dword ptr -28h
.text:0040EDDB var_24          = dword ptr -24h
.text:0040EDDB var_4           = dword ptr -4
.text:0040EDDB arg_0           = dword ptr  8
.text:0040EDDB arg_4           = dword ptr  0Ch
.text:0040EDDB
.text:0040EDDB                 push    ebp
.text:0040EDDC                 mov     ebp, esp
.text:0040EDDE                 sub     esp, 2Ch
.text:0040EDE1                 mov     eax, dword_663608
.text:0040EDE6                 xor     eax, ebp
.text:0040EDE8                 mov     [ebp+var_4], eax
.text:0040EDEB                 mov     eax, [ebp+arg_0]
.text:0040EDEE                 push    ebx
.text:0040EDEF                 push    esi
.text:0040EDF0                 mov     esi, [ebp+arg_4]
.text:0040EDF3                 push    edi
.text:0040EDF4                 mov     [ebp+var_2C], eax
.text:0040EDF7                 call    sub_411438
.text:0040EDFC                 push    8
.text:0040EDFE                 pop     ecx
.text:0040EDFF                 mov     [ebp+var_28], eax
.text:0040EE02                 xor     eax, eax
.text:0040EE04                 lea     edi, [ebp+var_24]
.text:0040EE07                 push    7
.text:0040EE09                 rep stosd
.text:0040EE0B                 pop     edi
.text:0040EE0C
.text:0040EE0C loc_40EE0C:                             ; CODE XREF: strtok+4Aj
.text:0040EE0C                 mov     dl, [esi]
.text:0040EE0E                 movzx   ecx, dl
.text:0040EE11                 mov     eax, ecx
.text:0040EE13                 and     ecx, edi
.text:0040EE15                 mov     bl, 1
.text:0040EE17                 shl     bl, cl
.text:0040EE19                 shr     eax, 3
.text:0040EE1C                 lea     eax, [ebp+eax+var_24]
.text:0040EE20                 or      [eax], bl
.text:0040EE22                 inc     esi
.text:0040EE23                 test    dl, dl
.text:0040EE25                 jnz     short loc_40EE0C
.text:0040EE27                 mov     edx, [ebp+var_2C]
.text:0040EE2A                 test    edx, edx
.text:0040EE2C                 jnz     short loc_40EE3B
.text:0040EE2E                 mov     eax, [ebp+var_28]
.text:0040EE31                 mov     edx, [eax+18h]
.text:0040EE34                 jmp     short loc_40EE3B
.text:0040EE36 ; ---------------------------------------------------------------------------
.text:0040EE36
.text:0040EE36 loc_40EE36:                             ; CODE XREF: strtok+77j
.text:0040EE36                 test    al, al
.text:0040EE38                 jz      short loc_40EE54
.text:0040EE3A                 inc     edx
.text:0040EE3B
.text:0040EE3B loc_40EE3B:                             ; CODE XREF: strtok+51j
.text:0040EE3B                                         ; strtok+59j
.text:0040EE3B                 mov     al, [edx]
.text:0040EE3D                 movzx   esi, al
.text:0040EE40                 xor     ebx, ebx
.text:0040EE42                 mov     ecx, esi
.text:0040EE44                 and     ecx, edi
.text:0040EE46                 inc     ebx
.text:0040EE47                 shl     ebx, cl
.text:0040EE49                 shr     esi, 3
.text:0040EE4C                 mov     cl, byte ptr [ebp+esi+var_24]
.text:0040EE50                 test    bl, cl
.text:0040EE52                 jnz     short loc_40EE36
.text:0040EE54
.text:0040EE54 loc_40EE54:                             ; CODE XREF: strtok+5Dj
.text:0040EE54                 mov     ebx, edx
.text:0040EE56                 jmp     short loc_40EE70
.text:0040EE58 ; ---------------------------------------------------------------------------
.text:0040EE58
.text:0040EE58 loc_40EE58:                             ; CODE XREF: strtok+98j
.text:0040EE58                 movzx   esi, byte ptr [edx]
.text:0040EE5B                 xor     eax, eax
.text:0040EE5D                 mov     ecx, esi
.text:0040EE5F                 and     ecx, edi
.text:0040EE61                 inc     eax
.text:0040EE62                 shl     eax, cl
.text:0040EE64                 shr     esi, 3
.text:0040EE67                 mov     cl, byte ptr [ebp+esi+var_24]
.text:0040EE6B                 test    al, cl
.text:0040EE6D                 jnz     short loc_40EE77
.text:0040EE6F                 inc     edx
.text:0040EE70
.text:0040EE70 loc_40EE70:                             ; CODE XREF: strtok+7Bj
.text:0040EE70                 cmp     byte ptr [edx], 0
.text:0040EE73                 jnz     short loc_40EE58
.text:0040EE75                 jmp     short loc_40EE7B
.text:0040EE77 ; ---------------------------------------------------------------------------
.text:0040EE77
.text:0040EE77 loc_40EE77:                             ; CODE XREF: strtok+92j
.text:0040EE77                 mov     byte ptr [edx], 0
.text:0040EE7A                 inc     edx
.text:0040EE7B
.text:0040EE7B loc_40EE7B:                             ; CODE XREF: strtok+9Aj
.text:0040EE7B                 mov     eax, [ebp+var_28]
.text:0040EE7E                 mov     ecx, [ebp+var_4]
.text:0040EE81                 mov     [eax+18h], edx
.text:0040EE84                 mov     eax, ebx
.text:0040EE86                 sub     eax, edx
.text:0040EE88                 neg     eax
.text:0040EE8A                 sbb     eax, eax
.text:0040EE8C                 pop     edi
.text:0040EE8D                 and     eax, ebx
.text:0040EE8F                 pop     esi
.text:0040EE90                 xor     ecx, ebp
.text:0040EE92                 pop     ebx
.text:0040EE93                 call    sub_4116F5
.text:0040EE98                 leave
.text:0040EE99                 retn
.text:0040EE99 strtok          endp

Vas's UCI parser does call this routine, but it is clearly not strtok() because it only passes two parameters:
[/code]
; ÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛ S U B R O U T I N E ÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛ


sub_40EAE0 proc near ; CODE XREF: sub_4092E0+10p
; sub_4092E0+1Dp ...

arg_0 = dword ptr 4
arg_4 = dword ptr 8

mov ecx, [esp+arg_4]
push edi
push ebx
push esi
mov dl, [ecx]
mov edi, [esp+0Ch+arg_0]
test dl, dl
jz short loc_40EB60
mov dh, [ecx+1]
test dh, dh
jz short loc_40EB4D

loc_40EAF8: ; CODE XREF: sub_40EAE0+58j
; sub_40EAE0+6Bj
mov esi, edi
mov ecx, [esp+0Ch+arg_4]
mov al, [edi]
add esi, 1
cmp al, dl
jz short loc_40EB1E
test al, al
jz short loc_40EB18

loc_40EB0B: ; CODE XREF: sub_40EAE0+36j
mov al, [esi]
add esi, 1

loc_40EB10: ; CODE XREF: sub_40EAE0+45j
cmp al, dl
jz short loc_40EB1E
test al, al
jnz short loc_40EB0B

loc_40EB18: ; CODE XREF: sub_40EAE0+29j
pop esi
pop ebx
pop edi
xor eax, eax
retn
; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

loc_40EB1E: ; CODE XREF: sub_40EAE0+25j
; sub_40EAE0+32j
mov al, [esi]
add esi, 1
cmp al, dh
jnz short loc_40EB10
lea edi, [esi-1]

loc_40EB2A: ; CODE XREF: sub_40EAE0+69j
mov ah, [ecx+2]
test ah, ah
jz short loc_40EB59
mov al, [esi]
add esi, 2
cmp al, ah
jnz short loc_40EAF8
mov al, [ecx+3]
test al, al
jz short loc_40EB59
mov ah, [esi-1]
add ecx, 2
cmp al, ah
jz short loc_40EB2A
jmp short loc_40EAF8
; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

loc_40EB4D: ; CODE XREF: sub_40EAE0+16j
xor eax, eax
pop esi
pop ebx
pop edi
mov al, dl
jmp loc_40EB86
; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

loc_40EB59: ; CODE XREF: sub_40EAE0+4Fj
; sub_40EAE0+5Fj
lea eax, [edi-1]
pop esi
pop ebx
pop edi
retn
; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

loc_40EB60: ; CODE XREF: sub_40EAE0+Fj
mov eax, edi
pop esi
pop ebx
pop edi
retn
sub_40EAE0 endp

; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
align 10h
; START OF FUNCTION CHUNK FOR sub_40EB80

loc_40EB70: ; CODE XREF: sub_40EB80+1Fj
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_40EB80
; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
align 10h
[/code]

Where is the code that you claim to be strtok() or the entry point?
If the strtok() routine were in the CRT runtime DLL, we would see the reference or the program would not work.
If the strtok() routine were included from the CRT library, we would see the code inline with the _strtok symbol name. There could be a clone of strtok() somewhere. Will you show me where it is?

[Graham Banks]

I wonder if any of them have the guts to back down if they're proven wrong.

Graham, I wonder if you and your friend George will have the guts to do the same thing. Both of you have repeatedly expressed skepticism at what we are posting, when you have both been extremely selective in what you hear. I really have no idea how you would get the impression that I was "absolutely convinced that Vas has broken the rules".

As soon as someone posts any HINT of skepticism, both of you are on board, railing against reason. The lynch mob attitude is there, but it is on your side. I have done nothing but post objectively and reasonably, and I have been endlessly attacked for it. I have admitted mistakes at least twice in this debacle (the question of when I'll leave as an exercise to the readers). Now the ball is in your court, Graham. Will YOU admit that you were wrong to question me, wrong to have such a smug attitude when it appears there might be a drop of a chance that I'm wrong? I would try to ask your colleague as well, but I know what the response will be...

I have done EXACTLY what Dann has said. I have shown evidence when requested, and will show more. It really is that simple.

Zach - I have already told you that I'd be amongst the first to eat humble pie if your assumptions are correct.
However, I honestly believe that you're being led up the garden path.
I'm basing that on what I've heard from a few widely respected programmers in offline conversations.
Hopefully, they'll post at some stage.

Cheers, Graham.

[Zach Wegner]

Sorry again Dann, but you are wrong.

Vas's UCI parser does call this routine, but it is clearly not strtok() because it only passes two parameters:

?????
strtok only has two parameters.

Where is the code that you claim to be strtok() or the entry point?
If the strtok() routine were in the CRT runtime DLL, we would see the reference or the program would not work.
If the strtok() routine were included from the CRT library, we would see the code inline with the _strtok symbol name. There could be a clone of strtok() somewhere. Will you show me where it is?

The symbols are stripped Dann.

It's easy enough to find where the code is in the Rybka binary (the code addresses are on the side). Here's a piece of where it is called, which exactly corresponds with where it is called in Fruit and Strelka:

Code: Select all

.text:004095F0 loc_4095F0:                             ; CODE XREF: start_go+C6j
.text:004095F0                                         ; start_go+29Ej
.text:004095F0                 mov     edi, offset aWinc ; "winc"
.text:004095F5                 mov     esi, ebp
.text:004095F7                 mov     ecx, 5
.text:004095FC                 xor     edx, edx
.text:004095FE                 repe cmpsb
.text:00409600                 jnz     short loc_40961F
.text:00409602                 push    offset asc_661F8C ; " "
.text:00409607                 push    ebx
.text:00409608                 call    strtok
.text:0040960D                 push    eax
.text:0040960E                 call    atoi
.text:00409613                 add     esp, 0Ch
.text:00409616                 mov     [esp+2Ch+winc], eax
.text:0040961A                 jmp     loc_4097AC
.text:0040961F ; ---------------------------------------------------------------------------
.text:0040961F
.text:0040961F loc_40961F:                             ; CODE XREF: start_go+E0j
.text:0040961F                 mov     edi, offset aWtime ; "wtime"
.text:00409624                 mov     esi, ebp
.text:00409626                 mov     ecx, 6
.text:0040962B                 xor     eax, eax
.text:0040962D                 repe cmpsb
.text:0040962F                 jnz     short loc_409653
.text:00409631                 push    offset asc_661F8C ; " "
.text:00409636                 push    ebx
.text:00409637                 call    strtok
.text:0040963C                 push    eax
.text:0040963D                 call    atoi
.text:00409642                 add     esp, 0Ch
.text:00409645                 sub     eax, 1388h
.text:0040964A                 mov     [esp+2Ch+wtime], eax
.text:0040964E                 jmp     loc_4097AC

I will also note that the Strelka assembly you posted does not contain the word strtok.

[Zach Wegner]

Zach - I have already told you that I'd be amongst the first to eat humble pie if your assumptions are correct.
However, I honestly believe that you're being led up the garden path.
I'm basing that on what I've heard from a few widely respected programmers in offline conversations.
Hopefully, they'll post at some stage.

Cheers, Graham.

Graham,

Why is it me who is being led up the garden path? Why are these anonymous programmers who are "widely respected" more credible than me, Christophe, Bob, Tony, and others?

Again, I am posting evidence so that people can decide. I would hope that people would refrain from posting things like "some people I am talking to say you are wrong". All it does is create more unanswered questions in everyone's minds. If someone has some arguments against me, then by all means, bring them forward. I want them to, as it might make the level of this discussion climb a bit. Gerd Isenberg did exactly that. Dann tried to, but unfortunately framed it as "this is false! you are being misled!!!". And he was wrong. But until your anonymous friends come, your comments only create more conflict. And that is exactly what this forum does not need right now.

Who knows, I could be wrong. You could be wrong too, so I suggest that neither party makes any assumptions yet. I will still respect you for your work, though I am afraid to say that I will not do the same for Mr. Speight.

Regards,
Zach

P.S. this is getting far too heated. I have no ill will towards you Graham. I just ask that speculative comments are kept to a minimum, and you seem to be one of the few here who is reasonable enough to listen.

[Zach Wegner]

Exactly what world did you wake up in Graham- if it is the truth- which i am quite certain it is- they will ignore it and/or divert attention away from it. This was never a quest for truth- merely a witchhunt.

George,

When can I expect my apology?

[geots]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

I wonder if any of them have the guts to back down if they're proven wrong.

Graham, I wonder if you and your friend George will have the guts to do the same thing. Both of you have repeatedly expressed skepticism at what we are posting, when you have both been extremely selective in what you hear. I really have no idea how you would get the impression that I was "absolutely convinced that Vas has broken the rules".

As soon as someone posts any HINT of skepticism, both of you are on board, railing against reason. The lynch mob attitude is there, but it is on your side. I have done nothing but post objectively and reasonably, and I have been endlessly attacked for it. I have admitted mistakes at least twice in this debacle (the question of when I'll leave as an exercise to the readers). Now the ball is in your court, Graham. Will YOU admit that you were wrong to question me, wrong to have such a smug attitude when it appears there might be a drop of a chance that I'm wrong? I would try to ask your colleague as well, but I know what the response will be...

I have done EXACTLY what Dann has said. I have shown evidence when requested, and will show more. It really is that simple.

Which proves you dont know me at all. If i were to be wrong- and Vas is highly guilty- i will be there to tell you i was wrong. But knowing that will not happen, i will also be there for you when you must admit you acted hastily. And believe me, others will then be distancing themselves from you like rats jumping from a sinking ship. They are experts at that. But i will still be there for you. You have much much promise as a programmer- and i for one want to see you excel and reach your highest expectations. You just need to be really really careful- try not to burn bridges you may need to cross one day.

[bob]

I am not quite sure where you are headed with this post.

NAME
strtok, strtok_r - extract tokens from strings

SYNOPSIS
#include <string.h>

char *strtok(char *str, const char *delim);


Looks like 2 arguments is _exactly_ what it needs. At least if you look at the Crafty source, which also uses strtok(), I pass two arguments, a pointer to the string to parse, a pointer to a string of delimiters to parse with.

Would you not want to check such before posting? I suppose one could go through the asm routine you posted to verify that it is strtok(). I'm willing if need be, although I would probably go get the source for strtok() and compile that for comparison...

Disassembling is not a trivial task. Understanding what has been disassembled is even harder.