UPK file format

wghost81 · December 18, 2013

Seems, I found the meaning of "junk" at the end of function (after 0x53 token).

53 — end of function
00 00 00 — zeros
XX XX XX XX — function flags
YY YY YY YY — function name (index to namelist table)
00 00 00 00 — zeros

According to UE Explorer, 0x00000400 flag is Native function flag. So, theoretically, if we switch this flag off, we will be able to re-write native function...

EliotVU · December 18, 2013

Seems, I found the meaning of "junk" at the end of function (after 0x53 token).
53 — end of function
00 00 00 — zeros
XX XX XX XX — function flags
YY YY YY YY — function name (index to namelist table)
00 00 00 00 — zeros
According to UE Explorer, 0x00000400 flag is Native function flag. So, theoretically, if we switch this flag off, we will be able to re-write native function...

Shouldn't work because there are thousands of bytecodes still assuming its a Native function.

Edited December 18, 2013 by EliotVU

wghost81 · December 18, 2013

Not thousands... :smile: Not always thousands... :smile:

Drakous79 · December 18, 2013

Thank you Mr. Ghost :smile:

// changed
native static final function bool IsConsoleAllowed();

// to
simulated function bool IsConsoleAllowed()
{
   return true;
    //return ReturnValue;    
}

with help of PatcherGUI. Expanded, corrected virtual size and used function flags from Actor.CanActorPlayFaceFXAnim.Function.

// native static final function bool
01 24 02 00

// simulated function bool
02 01 02 00

Works! I can finaly type console commands.

http://i.imgur.com/Mm2cKJO.jpg

Mod file for EW Patch 1 and PatcherGUI:

DESCRIPTION=Enables Console and Developer's Shell for XCOM Enemy Within

UPK_FILE=Engine.upk

{ Expand function IsConsoleAllowed }
EXPAND_FUNCTION=Engine.IsConsoleAllowed:72

FUNCTION=Engine.IsConsoleAllowed

{ New virtual size }
REL_OFFSET=0x28
[MODDED_HEX]
0D

{ Return true and ReturnValue }
REL_OFFSET=0x30
[MODDED_HEX]
04 27 04 3A 95 2C 00 00

{ Function's flags }
REL_OFFSET=0x3C
[MODDED_HEX]
02 01 02

Mod file for EW Patch 2 and PatcherGUI 2.1 and higher:

DESCRIPTION=Enables Console and Developer's Shell for XCOM Enemy Within

UPK_FILE=Engine.upk

{ IsConsoleAllowed will be moved and expanded }
OBJECT=Engine.IsConsoleAllowed:AUTO

{ New virtual and physical size }
REL_OFFSET=0x28
[MODDED_HEX]
0D 00 00 00 09 00 00 00

{ Return true and ReturnValue }
REL_OFFSET=0x30
[MODDED_HEX]
04 27 04 3A B4 2B 00 00

{ EOS and zeros }
53 00 00 00

{ Function's flags }
02 01 02 00

{ The rest }
00 26 00 00 00 00 00 00

Mod file for EW all patches and PatcherGUI (tested with v5.2):

DESCRIPTION=Enables Console and Developer's Shell for XCOM Enemy Within.

UPK_FILE=Engine.upk
OBJECT=Engine.IsConsoleAllowed:AUTO

// Return true and ReturnValue. Virtual and serial size will be updated.
[bEFORE_CODE]
0B
[AFTER_CODE]
04 27 04 3A <Engine.IsConsoleAllowed.ReturnValue>

// Function's flags
REL_OFFSET=0x3c
MODDED_HEX=02 01 02 00

Edit (26. 2. 2014): Corrected ReturnValue from 84 03 00 00 to 95 2C 00 00 for EW P1. Added EW P2 mod file.

Edit (9. 9. 2014): Added EW all patches mod file.

Edited September 9, 2014 by Drakous79

Bertilsson · December 18, 2013

Works! I can finaly type console commands.

Sweet!

dubiousintent · December 19, 2013

Good news, indeed. Is that mod applicable to all patched versions of EW, or specific to one? (Updated the UPK File Format wiki article with the post token 53 info.) Also posting the PatcherGUI mod to the Editing Developer Console wiki article.

-Dubious-

Drakous79 · December 19, 2013

Dubious, should be compatible with vanilla EW and Patch 1 - hex of original functions match.

wghost81 · December 19, 2013

Drakous79, fixed bugs in PatcherGUI (icon and spaces in paths), should work now.

Good work with console, missed it very much!

Edited December 19, 2013 by wghost81

Hobbes77 · December 19, 2013

Works! I can finaly type console commands.

Great work! I really needed the console to start taking overhead images of the new maps :)

wghost81 · December 19, 2013

Here is some more info on function flags.

Function flags are related to Unreal Function Specifiers. I found a good description of specifiers here: http://udn.epicgames.com/Three/UnrealScriptFunctions.html#Function%20Specifiers

Flags are by definition a bits which are used to store a binary value (yes/no). Flags are combined using bitwise OR operation.

Function flags to specifiers mapping:

0x00002000 Static

0x00000020 Singular

0x00000400 Native

0x00004000 NoExport

0x00000200 Exec

0x00000008 Latent

0x00000004 Iterator

0x00000100 Simulated

0x00200000 Server

0x01000000 Client

0x00000080 Reliable

??? Unreliable

0x00020000 Public

0x00040000 Private

0x00080000 Protected

0x00001000 Operator

0x00000010 PreOperator

??? PostOperator

0x00000800 Event

0x00008000 Const

0x00000001 Final

There is also "Defined" flag in UE Explorer:

0x00000002 Defined

I haven't found any reliable information on this, but as it seems to me, this flag is set if function is not empty, i.e. "defined".

So, it seems, if we want to re-define native function as scripted, we need to remove Native flag and add Defined flag.

UPK file format

Recommended Posts

Link to comment

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Recently Browsing 0 members