This is a DOS Doom2 enhancement contained in a single WAD file.
This code only works in Doom 2 version 1.9. That is, no The Ultimate Doom, no The Final Doom, no Anthology. The same version is distributed with SHAREWARE.
(Why are there so many different 1.9 versions?)
Compile exploit and engine.
Engine is the main thing. After compiling you get code.lmp.
Exploit generates a WAD file with multiple entries. Replace ACE_CODE with generated code.lmp in any WAD editor.
Resulting WAD file is run just like any other WAD, using command: doom2 -file ace.wad
Code is split into two distinct parts.
Two bugs are used. The first is a negative memory allocation in ZONE; the second is an out-of-bounds read from the stack. This allows a specially crafted WAD file to inject new code into the already running game. TODO: explain the exploit chain
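A defensive triage sketch for WAD files like the one described above, added here as an example and not part of the ACE Engine sources: it walks a WAD directory and reports lumps named ACE_CODE, plus directory entries whose size is negative or whose data lies outside the file. The page does not say how the crafted WAD triggers the two bugs, so these are generic loader sanity checks, not a detector for this specific chain; `audit_wad`, `build_wad` and the sample WAD are constructed for illustration.

```python
import struct

HEADER = struct.Struct("<4sii")  # magic, lump count, directory offset
ENTRY = struct.Struct("<ii8s")   # file offset, size, name (NUL-padded)

def audit_wad(data: bytes, flagged_names=("ACE_CODE",)):
    """Return (lumps, findings) for a WAD image held in memory."""
    if len(data) < HEADER.size:
        return [], ["file shorter than WAD header"]
    magic, count, dir_ofs = HEADER.unpack_from(data, 0)
    if magic not in (b"IWAD", b"PWAD"):
        return [], [f"bad magic {magic!r}"]
    if count < 0 or dir_ofs < HEADER.size or dir_ofs + count * ENTRY.size > len(data):
        return [], ["directory count/offset outside file"]
    lumps, findings = [], []
    for i in range(count):
        pos, size, raw = ENTRY.unpack_from(data, dir_ofs + i * ENTRY.size)
        name = raw.split(b"\0", 1)[0].decode("ascii", "replace")
        lumps.append((name, pos, size))
        # Sizes are signed 32-bit on disk; a loader must reject negatives
        # before handing them to an allocator.
        if size < 0:
            findings.append(f"{name}: negative size {size}")
        elif pos < 0 or pos + size > len(data):
            findings.append(f"{name}: data range outside file")
        if name in flagged_names:
            findings.append(f"{name}: code-carrying lump name present")
    return lumps, findings

def build_wad(entries):
    """Constructed test input: entries are (name, payload, declared_size)."""
    body, directory = b"", b""
    for name, payload, declared in entries:
        directory += ENTRY.pack(HEADER.size + len(body), declared, name.encode())
        body += payload
    return HEADER.pack(b"PWAD", len(entries), HEADER.size + len(body)) + body + directory

if __name__ == "__main__":
    # Constructed sample, not taken from the real ace.wad.
    sample = build_wad([("MAP01", b"", 0),
                        ("ACE_CODE", b"\x00" * 4, 4),
                        ("BADSIZE", b"", -16)])
    for finding in audit_wad(sample)[1]:
        print(finding)
```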
This is the source of the entire ACE Engine. The resulting binary, code.lmp, has to be placed into the generated WAD as ACE_CODE.
NOTE: Every time you pull a new version, make sure you run make clean before building.