跳过 d2hack.script 并配合 noCleanup，已经可以启动游戏。但是 battle.net 功能不可用，点击后会在检查版本…

…号之后报unhandled exception: ACCESS_VIOLATION(c00000005)。所以原版 d2loader.exe 应该是在 d2hack.script 加载阶段干了额外的事情。例如可能有一个内嵌于 d2loader.exe 的默认 d2hack.script，打了某些Patch。
hoxily · Jul 7, 2021 · e86491d · e86491d
1 parent dd31725
commit e86491d
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 7 deletions.
diff --git a/d2loader/data-types-function-ptr.h b/d2loader/data-types-function-ptr.h
@@ -195,4 +195,15 @@ typedef void(__cdecl* fn_D2Net_2713)(
     );
 
 typedef void(__cdecl* fn_D2Net_2714)(
-    );
+    );
+
+/*
+* Diablo II DLL的 QueryInterface 接口。
+* 可以用于 BnClient.dll, d2client.dll, d2server.dll, d2multi.dll, d2launch.dll,
+*/
+typedef void* (__stdcall* fn_D2_QueryInterface)(
+    );
+
+typedef DWORD (__fastcall* fn_D2_ComInt)(
+    union program_setting_store* settings
+    );
diff --git a/d2loader/functions/sub_4070d5.c b/d2loader/functions/sub_4070d5.c
@@ -5,9 +5,6 @@
 #include "sub_404ed0.h"
 #include "sub_405663.h"
 
-typedef void* (*fn_BnClient_QueryInterface)();
-typedef void (__fastcall *fn_ComInt)(union program_setting_store* settings);
-
 BOOL sub_4070d5_D2CommonInit(
 )
 {
@@ -38,7 +35,10 @@ BOOL sub_4070d5_D2CommonInit(
         return FALSE;
     }
 
-    fn_BnClient_QueryInterface query = (fn_BnClient_QueryInterface)GetProcAddress(global_dd_408624_moduleBnClient, "QueryInterface");
+    fn_D2_QueryInterface query = (fn_D2_QueryInterface)GetProcAddress(
+        global_dd_408624_moduleBnClient,
+        "QueryInterface"
+    );
     if (query == NULL)
     {
         sub_404ed0_LogFormat(
@@ -55,7 +55,7 @@ BOOL sub_4070d5_D2CommonInit(
     // call eax
     // call dword ptr [eax]
     // query 取得的只是一个指针，指向一个函数指针。
-    fn_ComInt fn = *(fn_ComInt*)query();
+    fn_D2_ComInt fn = *(fn_D2_ComInt*)query();
 
     fn(global_dd_408620_settings);
 

diff --git a/d2loader/functions/sub_407246.c b/d2loader/functions/sub_407246.c
@@ -1,8 +1,51 @@
 #include "sub_407246.h"
+#include "../global-variables.h"
+#include "../constants.h"
+#include "sub_404ed0.h"
 
 DWORD sub_407246_D2DllEntry(
     DWORD oldGameState
 )
 {
-    return 0;//TODO
+    if (oldGameState >= GAME_STATE_INVALID)
+    {
+        sub_404ed0_LogFormat(
+            LOG_TAG,
+            "Got Bad Dll Entry %d",
+            oldGameState
+        );
+        return GAME_STATE_NONE;
+    }
+
+    const char* fileName = global_dd_4011b0_gameStateDlls[oldGameState];
+
+    HMODULE hModule = LoadLibraryA(
+        fileName
+    );
+    if (hModule == NULL)
+    {
+        sub_404ed0_LogFormat(
+            LOG_TAG,
+            "Error Loading %s",
+            fileName
+        );
+        return GAME_STATE_NONE;
+    }
+
+    fn_D2_QueryInterface query = (fn_D2_QueryInterface)GetProcAddress(
+        hModule,
+        "QueryInterface"
+    );
+    if (query == NULL)
+    {
+        sub_404ed0_LogFormat(
+            LOG_TAG,
+            "Can not QueryInterface from %s",
+            fileName
+        );
+        return GAME_STATE_NONE;
+    }
+
+    fn_D2_ComInt fn = *(fn_D2_ComInt*)query();
+    return (DWORD)fn(global_dd_408620_settings);
 }