JASS
JASS and JASS2 (sometimes said to stand for Just Another Scripting Syntax) is a scripting language provided with an event-driven API created by Blizzard Entertainment. It is used extensively by their games Warcraft III (JASS2) and StarCraft (JASS) for scripting events in the game world. Map creators can use it in the Warcraft III World Editor and the Starcraft Editor to create scripts for triggers and AI (artificial intelligence) in custom maps and campaigns.
Blizzard Entertainment has replaced JASS with Galaxy in Starcraft II.
Features
The language provides an extensive API that gives programmers control over nearly every aspect of the game world. It can, for example, execute simple GUI functions such as giving orders to units, changing the weather and time of day, playing sounds and displaying text to the player, and manipulating the terrain. JASS can also create powerful functions such as trackables, which detect if a mouse goes over or hits a position, GetLocalPlayer(), which can cause disconnects if used improperly (such as using handles with GetLocalPlayer() ). It has a syntax similar to Turing and Delphi, but unlike those languages, it is case sensitive. JASS primarily uses procedural programming concepts, though popular user-made modifications to Blizzard's World Editor program have since added C++-like object-oriented programming features to the syntax of JASS.
Sample code
The following function creates a string containing the message "Hello, world!" and displays it to all players:
function Trig_JASS_test_Actions takes nothing returns nothing call DisplayTextToPlayer(GetLocalPlayer(), 0, 0, "Hello, world!") endfunction
or if you want this only for one player:
function Trig_JASS_test_Actions takes player p returns nothing call DisplayTextToPlayer(p, 0,0, "Hello, world!") endfunction
And if you want to print the message 90 times and show the iterator:
function Trig_JASS_test_Actions takes player p returns nothing local integer i=0 loop exitwhen i==90 call DisplayTextToPlayer(p, 0,0, "Hello, world! "+I2S(i)) set i=i+1 endloop endfunction
Basic syntax
Syntax of JASS is similar to Turing. It is context free. Examples of basic syntax are shown below:
function syntax_Example_Sum takes integer i, real r returns real //function declaration must include: the keyword "function", //the function name, parameters (if any) and return type (if //it returns something) return i + r //return statements must begin with the keyword "return" endfunction //the keyword "endfunction" signals the end of a function block function syntax_Example takes nothing returns nothing local integer i //declaring a local variable requires the modifier "local", the variable's data type, and the variable name local real r = 5.0 //local variable declarations must come before anything else in a function and variables may be //initialized on declaration //separated statements MUST be placed on separate lines set i = 6 //the keyword "set" is used to rebind variables call syntax_Example_Sum( i, r ) //function calls must be preceded by the keyword "call" set r = syntax_Example_Sum( i, r ) //the "call" keyword is omitted when accessing a function's return value endfunction
Types
JASS is statically-typed, and its types can be separated into two classes: natives and handles. The native types are:
- integer (32-bit signed)
- real (32-bit floating point numbers, similar to the float type in Java)
- string (limit is 1023 characters, actually to provide save/load compatibility it's required to use only 1013 characters)
- boolean
- code
All other types are considered non-native. The native types behave very similarly to primitive types in other programming languages. Handle types, however, behave more like objects. Handle types often represent an "object" within the game (units, players, special effects, etc.). Similarly to how Java treats Objects, all variables and parameters in JASS of handle types are treated as values, but in reality those values are nothing but references to the handle objects. This becomes important when dealing with garbage collection because handles, if not properly cleaned up, can cause significant performance issues. Additionally, local variables do not properly dereference handles when they go out of scope. If they are not nullified properly, handle indices will not be garbage collected and will eventually leak. Also, any references to handles themselves take up some memory space. Users may experience reduced performance if they are not nullified, though on a much smaller scale.
function garbage_Collection_Example takes string effectPath, real x, real y returns nothing local effect specialEffect = AddSpecialEffect( effectPath, x, y ) //uncleaned handle types will continue to take up system resources endfunction function garbage_Collection_Example2 takes string effectPath, real x, real y returns nothing local effect specialEffect = AddSpecialEffect( effectPath, x, y ) set specialEffect = null //setting the variable to null is not enough, since it is only a reference to the handle; //the handle still exists endfunction function garbage_Collection_Example3 takes string effectPath, real x, real y returns nothing local effect specialEffect = AddSpecialEffect( effectPath, x, y ) call DestroyEffect( specialEffect ) //we destroy (clean up) the handle to free up memory set specialEffect = null endfunction function garbage_Collection_Example4 takes effect e returns nothing //do stuff call DestroyEffect( e ) //parameters do not have to be nullified endfunction
Another property of handle types worth noting is that all handle types are treated as if they were children of the "handle" type. Some of these children types have their own children types, and so on. Handle variables may reference its own specific handle type or any children type. For example:
function Trig_JASS_handle_Example_Child takes widget w, widget w2 returns nothing //do stuff endfunction function handle_Example takes real x, real y returns nothing local widget w //widget is a handle type with children type unit and destructible local unit u = CreateUnit( 'hfoo', x, y ) local destructible d = CreateDestructible( 'ATtr', x, y ) set w = u //acceptable call Trig_JASS_handle_Example_Child( w, d ) //acceptable //Don't forget to null every extends agent variable. set u = null set d = null set w = null endfunction
agent
Since patch 1.24b there is a new handle-based type called "agent" which has been introduced to separate handle types of which objects has to be deleted manually (Dynamic memory allocation) and handle types of which objects are deleted automatically (Stack-based memory allocation). For example, types "unit", "rect" or "destructable" which refer to dynamic allocated objects do extend type "agent" now whereas types such as "race" or "alliancetype" which actually are only some kind of wrappers for the native type "integer" and can be compared to enumerated types do still extend type "handle".
Type casting
Of the primitive types, type casting between integer, real, and string is officially supported by the language. JASS supports both implicit and explicit type casting.
Implicit casting only occurs from integer to real. For example:
function type_Casting_Example takes nothing returns real local integer i = 4 local real r = 5 //implicit cast of 5 to real to satisfy variable type if ( i < r ) then //implicit cast of i to real set r = r / i //implicit cast of i to real in order to carry out real division endif return i //XXX: NOT allowed; JASS does not allow implicit casting from integer to real to satisfy return types endfunction
The JASS library provides several functions for explicit type casting:
- I2R(): casts integer to real
- R2I(): casts real to integer
- I2S(): casts integer to string
- R2S(): casts real to string
- S2I(): casts string to integer
An important property of handle types related to type casting is that since all variables of handles are just references, they can all be treated (and are treated) as integers. Each instance of a handle is assigned a unique integer value that essentially acts as an identifier for the handle. Therefore, type casting from handles to integers, although technically not supported by JASS, is possible in practice because implicit casting from handle types to integer can and will occur if the code is written in a certain way, for example:
function H2I takes handle h returns integer return h endfunction
If the game ever reached the line "return h", it would in fact actually cast the handle to an integer and return the value. However, Blizzard never intended for JASS to be used this way, and so the JASS compiler will actually throw an error, warning the programmer that the function isn't returning the correct type. However, JASS programmers have found and exploited a now famous bug in the JASS compiler's syntax checker: the so-called "return bug". Essentially, the compiler will only make sure that the last return statement in a function returns the correct type. Therefore, the following code compiles without error and can be used to cast handles to integers
function H2I takes handle h returns integer return h //the function will stop executing after the first return statement, i.e. this one return 0 //the compiler will only check this statement for syntax accuracy, but it is in reality unreachable code endfunction
This bug has been fixed in patch 1.23b, although it was not completely fixed until patch 1.24b. Users have to use new hashtable natives instead of their return bug counterparts. While this bug has been fixed in patch 1.24b, another return bug has been discovered by users, known as the Return Nothing bug. The Return Nothing bug has been fixed by Blizzard in patch 1.23c.
The return nothing bug lets the user get the last value returned by any function, even as another type. To properly utilize the bug, the desired return must be made in a separate function and a return in the calling function should be made impossible.
function ReturnHandle takes handle h returns handle return h endfunction function H2I takes handle h returns integer call ReturnHandle(h) //This sets the last returned value to 'h'. if false then return 0 //This can never occur, so the game uses the last returned value as this function's returned value instead. //It will even return the last returned value as a different type, in this case an integer. endif endfunction
Arrays
JASS supports one-dimensional arrays of any type (excluding code). The syntax to declare arrays and access members in an array is outlined in the code below.
function array_Example takes nothing returns nothing //arrays cannot be initialized at declaration and their members will hold arbitrary values local integer array numbers local unit array units local boolean array booleans local integer i = 1 set numbers[0] = 1 //the syntax to initialize an array member is identical to that for any other variable, only a set of //brackets: [] must immediately follow the variable name with the index value of the specific member //to initialize inside the brackets set units[0] = CreateUnit( 'hfoo', 0, 0 ) //indexes for arrays always start at 0 loop exitwhen ( i > 8191 ) //the maximum size for arrays in JASS is 8192, which means that the last index of any array can //only be 8191, to provide save/load compatibility it's required to use maximum index 8190 set numbers[i] = i //variables can substitute for constants when specifying the index value in the brackets set units[numbers[i]] = null //array members can also substitute set booleans[i-1] = true //arithmetic (or functional) operations are also acceptable set i = i + 1 //increments the index value endloop if booleans[200] then //to access an array member, again the syntax is the same as for normal variables, only //with the addition of the brackets with the index value inside set numbers[200] = -200 //you can re-assign members of the array to different values endif endfunction
One limitation of arrays in JASS is that they cannot be returned by functions or passed as parameters to other functions, though array members may be returned (in a function that returns a unit, u[0] may be returned if u is an array of type unit).
Return Bug Security Vulnerability and Patch 1.24
In 2009 the return bug was shown to allow arbitrary code execution, a registered security vulnerability.[1] Blizzard Entertainment shortly thereafter released patch 1.24 which fixed the vulnerability and the JASS bug. Once the patch is deployed, any map that contains the script code with returns bugs will not run properly. All maps using return bugs therefore need to be re-written to use the newly available hashtable natives.
The patch is currently applied on all Battle.net servers.
vJass
vJass is a set of user-made extensions to JASS. It introduces object-oriented programming features to the language, such as structs, encapsulation, and polymorphism.[2] Strictly speaking, vJass does not add anything to the JASS library but instead mostly uses JASS arrays and integers used as their indices. The extension relies on a custom-made compiler that compiles vJass code to strict JASS code. In this manner, no additional mods for either the World Editor program or Warcraft III are required, and maps made using vJass code are fully compatible with any copy of the game, even those without the compiler. The most convenient tool for this purpose is the Jass NewGen Pack (JNGP), which includes several enhancements for the Warcraft III world editor including a vJass precompiler.
Known issues
The JASS interpreter of Warcraft III up to version 1.23 doesn't check memory region boundaries. This allows execution of arbitrary bytecode through a map, meaning that practically anything, including malware (viruses, trojans, etc.), can be engineered into a map to be executed and infect a computer. Blizzard Entertainment is aware of this issue and applied a temporary workaround to games hosted on Battle.net. They are also preparing a permanent fix for LAN and single-player games.[3] This issue was addressed with the release of version 1.24.[4]
Preload exploit
It is possible to exploit the I/O capabilities of the Preload JASS native (Commonly used to preload files during initialization to prevent in-game lag) to indirectly run code on a computer having certain builds of the Windows Operating System via writing batch files to the Startup folder. This exploit is rather limited however, as it requires a path, which is impossible to retrieve since reading environment variables is impossible. Despite the limitations, it is possible to use the Preload native along with its corresponding natives such as PreloadGenEnd to write files to a players computer.
Sample code
The following function creates an empy file in redist\miles folder. After that, Warcraft III run with an error.:
function Trig_JASS_testPreloadExploit_Actions takes nothing returns nothing call PreloadGenEnd(".\\redist\\miles\\Mp3enc.asi") endfunction
References
- ↑ "CVE-2009-4768 : Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows use". Cvedetails.com. Retrieved 2016-07-02.
- ↑ "JassHelper 0.A.0.0". Wc3c.net. 2007-06-26. Retrieved 2016-07-02.
- ↑ "Battle.net Forums". Forums.battle.net. Retrieved 2016-07-02.
- ↑ "Patch 1.24 Warcraft TFT is Released! - DotA-Blog". Dota-allstars-blog.blogspot.com. Retrieved 2016-07-02.
External links
- An Introduction To JASS – A beginner's guide to the language, covering its basic features and capabilities.
- JassCraft – Editor for JASS scripts.
- wc3c JASS Tutorials – Tutorials from Wc3c.net
- JassHelper – A vJass to Jass compiler.
- vJASS - Uncomplicating the Complicated – Another beginner's guide to the language, with a different learning approach. Covers some basic vJass to start coding.
- Thehelper JASS tutorials – Tutorials from Thehelper.net
- The Jass Vault – Contains a large collection of sample scripts.
- JASS Tools – Includes a syntax checker.
- Jass New Generation Pack (JNGP) – A World Editor mod that allows vJass compilation and adds debugging capabilities among other features.
- AdicHelper - A cJass to vJass/Jass compiler.
- vrJASS - Project aiming to replace vJASS fixing issues and implementing new features.