OAM DMA hijacking: Difference between revisions

By changing the value at FF81 (normally the C3 in ld a,C3), the player can change the source of OAM sprites from C300 to XX00. This is particularly useful for [[Party scrolling memory corruption#HRAM manipulation|party scrolling memory corruption]], a glitch in which scrolling beyond slot 6 in the party menu attempts to animate those sprites and corrupts memory. OAM sprite manipulation increases the range of corruptible memory addresses beyond what would otherwise be possible.
 
This method can also be used creatively, letting the player add their own sprites to the screen. For example, changing the source to D300 reaches the start of the inventory items: D31C (the last Pokédex seen flag) controls the y-coordinate of the eighth entry, D31D (the number of items) controls the x-coordinate of the entry, D31E (the first item) controls the sprite, and D31F (the first item quantity) controls the attribute of that sprite. More control, however, starts at item 2 (D320, the ninth entry) and onward: two item pairs, each consisting of an item and its quantity, control one OAM entry (four bytes), so by adding specific items the player can display their own sprites on the screen. Note that these memory addresses are -1 in Yellow, so the same D31C is the number of items and so on.
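
The address arithmetic described above, as an added example in C (not code from the game or from the original page). It uses the Red/Blue addresses given in the text. The function names are hypothetical, and the Y+16 / X+8 offsets are the Game Boy hardware's OAM coordinate convention rather than something stated on this page.

```c
#include <stdint.h>
#include <stdio.h>

#define ITEM1_ADDR 0xD31E  /* first item ID in Red/Blue (from the text above) */

typedef struct { uint8_t y, x, tile, attr; } oam_entry;

/* WRAM address that the DMA copies into byte `field` (0=y, 1=x, 2=tile,
   3=attr) of OAM entry `n` (0-based) when the source page is src_hi:00. */
uint16_t oam_src_addr(uint8_t src_hi, int n, int field) {
    return (uint16_t)(((unsigned)src_hi << 8) + 4u * (unsigned)n + (unsigned)field);
}

/* 1-based inventory slot covering `addr`, or 0 if addr is below item 1.
   *is_qty is set to 1 when the byte is the quantity, 0 when it is the ID. */
int item_slot(uint16_t addr, int *is_qty) {
    if (addr < ITEM1_ADDR) return 0;
    *is_qty = (addr - ITEM1_ADDR) & 1;
    return (addr - ITEM1_ADDR) / 2 + 1;
}

/* The four bytes (ID, qty, ID, qty of two consecutive items) that make one
   OAM entry show `tile` at screen pixel (sx, sy). OAM stores Y+16 and X+8. */
oam_entry entry_for_sprite(uint8_t sx, uint8_t sy, uint8_t tile, uint8_t attr) {
    oam_entry e = { (uint8_t)(sy + 16), (uint8_t)(sx + 8), tile, attr };
    return e;
}

int main(void) {
    static const char *field[] = { "y", "x", "tile", "attr" };
    /* Eighth to tenth OAM entries with the DMA source changed to D300. */
    for (int n = 7; n <= 9; n++)
        for (int f = 0; f < 4; f++) {
            int q = 0;
            uint16_t a = oam_src_addr(0xD3, n, f);
            int slot = item_slot(a, &q);
            if (slot)
                printf("entry %d %-4s <- %04X item %d %s\n",
                       n + 1, field[f], a, slot, q ? "qty" : "ID");
            else
                printf("entry %d %-4s <- %04X (before item 1)\n", n + 1, field[f], a);
        }
    oam_entry e = entry_for_sprite(72, 64, 0x10, 0x00); /* constructed sample */
    printf("items 2-3: ID %02X qty %02X, ID %02X qty %02X\n", e.y, e.x, e.tile, e.attr);
    return 0;
}
```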
 
In this case, it may be possible to animate them with additional code that changes the items. Animations of the OAM entries are normally done by other routines (such as the overworld loop, which is meant to change C3XX), but the player could, for instance, use [[map script arbitrary code execution]] to run their own sprite animation routine.