Skip to navigation

Elite on the BBC Micro and NES

Version analysis of David23

This code appears in the following versions (click to see it in the source code):

Code variations between these versions are shown below.

       Name: David23
       Type: Variable
   Category: Copy protection
    Summary: Address pointer to the start of the 6502 stack



 This two-byte address points to the start of the 6502 stack, which descends
 from the end of page 2, less LEN bytes, which comes out as &01DF. So when we
 push 33 bytes onto the stack (LEN being 33), this address will point to the
 start of those bytes, which means we can push executable code onto the stack
 and run it by calling this address with a JMP (David23) instruction. Sneaky
 stuff!



.David23

Code variation 1 of 1Specific to an individual platform

Tap on a block to expand it, and tap it again to revert.

Cassette
Electron
 EQUW (512-LEN)         \ The address of LEN bytes before the start of the stack

 EQUW 6                 \ This value is not used in this unprotected version of
                        \ the loader, though why the crackers set it to 6 is a
                        \ mystery