From 7c8248e00d16e306653627dc3c5f451d6d576c69 Mon Sep 17 00:00:00 2001
From: CrazyRedMachine <crazyredmachine86@gmail.com>
Date: Thu, 4 Jan 2024 15:25:59 +0100
Subject: [PATCH] fix another pplist crash when playing only customs

---
 popnhax/dllmain.cc | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/popnhax/dllmain.cc b/popnhax/dllmain.cc
index cff4bb8..d61be08 100644
--- a/popnhax/dllmain.cc
+++ b/popnhax/dllmain.cc
@@ -5116,6 +5116,19 @@ static bool patch_db_fix_cursor(){
     return true;
 }
 
+void (*real_pp_mean_compute)();
+void hook_pp_mean_compute()
+{
+    __asm("test ecx, ecx\n");
+    __asm("jnz divide_list\n");
+    __asm("mov eax, 0\n");
+    __asm("jmp skip_divide\n");
+    __asm("divide_list:\n");
+    __asm("div ecx\n");
+    __asm("skip_divide:\n");
+    real_pp_mean_compute();
+}
+
 bool patch_db_power_points()
 {
     DWORD dllSize = 0;
@@ -5181,7 +5194,23 @@ bool patch_db_power_points()
         skip_pp_list_elem = (void(*)()) ((int64_t)data + jump_addr_offset);
 
     }
+    /* prevent crash when playing only customs in a credit */
+    {
+        int64_t pattern_offset = search(data, dllSize, "\xC1\xF9\x02\x33\xD2\xF7\xF1\x8B\xC8", 9, 0);
+        if (pattern_offset == -1) {
+            LOG("popnhax: patch_db: cannot find power point mean computation\n");
+            return false;
+        }
 
+        uint64_t patch_addr = (int64_t)data + pattern_offset + 0x05;
+        patch_memory(patch_addr, (char*)"\x90\x90", 2); // erase original div ecx (is taken care of in hook_pp_mean_compute)
+
+        /* fix possible divide by zero error */
+        MH_CreateHook((LPVOID)patch_addr, (LPVOID)hook_pp_mean_compute,
+                     (void **)&real_pp_mean_compute);
+    }
+
+    LOG("popnhax: patch_db: power point computation fixed\n");
     return true;
 }