I have uncovered multiple vulnerabilities, including a severe Remote Code Execution (RCE) vulnerability, in the link cable communication module of “The Legend of Zelda: Oracle of Seasons” for the Game Boy Color. The vulnerability is caused by a failure to sanitize inputs received over the link cable.

Yesterday, there was a huge leak of Nintendo assets. Particularly, source code and prototypes have been leaked for a huge number of games. These include source code for Star Fox, Star Fox 2, Yoshi’s Island, Mario Kart, and more recently some N64 games including Super Mario 64 and Ocarina of Time, and more…

On this day, 5 years ago, I made my first commit in the oracles-disasm project; a full disassembly for “The Legend of Zelda: Oracle of Ages and Seasons” for the Gameboy. I’ve never talked about it much publicly outside of a few tweets, so I thought this would be a good time to tell the world about it.

Google Summer of Code officially ended last Monday, August 6th. My project was to reimplement Star Trek: 25th Anniversary in ScummVM.

Last week I worked on mission 6, “That Old Devil Moon”. It features some interesting lore of two ancient civilizations that annihilated each other through the use of nuclear weaponry. What a totally, uh, alien and unthinkable prospect, haha…

This past week has been spent on space; trying to make heads or tails of the game’s “pseudo-3d” engine. And, while it hasn’t been entirely unsuccessful, progress on this front has been relatively slow.

Last week was mostly focused on finishing up the second part of the “Feathered Serpent” mission, in which Quetzalcoatl is put on trial by the klingons for spreading messages of peace. Kirk agrees to go through a set of trials to prove his honor or something so that Quetzalcoatl can go free.

This week, in addition to finishing up the Harry Mudd mission, I’ve done the first half of mission 5, “Feathered Serpent”. This is the only mission to be divided into two “away mission” segments, with another ship segment between the two.

Mission 4: “Love’s Labor Jeopardized”, is an odd one. You don’t really need to do very much to complete the mission; most of the challenge comes from getting the maximum number of points possible by discovering as much as you can about an alien ship.

Mission 3: Love’s Labor Jeopardized. It’s about 90% finished.

Star Trek’s second mission, “Hijacked”, is finished. It’s very short, only consisting of 4 rooms. Despite this, the devs didn’t fail to insert a number of bugs into the mission, most of them in the final room.

The main task of this last week was to implement saving. This had a surprising amount of nuance to it, since I need to provide ScummVM with various metadata, including a thumbnail of the savefile, the savegame description, etc… fortunately it wasn’t too difficult to use other engines as templates on how to accomplish this. I’m quite glad I found out about ScummVM’s built-in serializer before starting on this, as it reduces the amount of redundant code by a lot (saving and loading is done with the same code).

My work this week has been the repetitive and somewhat tedious task of rewriting the code for Mission 1. It did take a while, but hardly the entire month my original schedule called for! My original schedule didn’t anticipate that I would finish the entire game within GSoC, but at this rate, it seems quite possible.

It’s been a week and change since GSoC started. When we left off, I’d just finished implementing pathfinding. In the week since then, I’ve been busy implementing the action system, which is central to any adventure game.

Google Summer of Code officially started yesterday; but, since I got started a bit early, I already have a week’s worth of things to talk about. If I want to support both Star Trek: 25th Anniversary and Star Trek: Judgment Rites, I need to get moving!

This summer, I’ve been accepted into Google Summer of Code to work on the ScummVM project. My task: to reverse-engineer Star Trek: 25th Anniversary and rewrite the game’s code in C++ as part of ScummVM’s framework.

People who know me online know that I love the Oracle games, that is, The Legend of Zelda: Oracle of Ages and Seasons for the gameboy. I used to have speedrun records for both games, though my only record still standing today is my 100% record. I wonder why…