I've been messing around with this today and I think I'm on the right path but I'm not entirely sure. What I've been doing is patching 5 games and using the file comparer to compare the patched and the unpatched version. I haven't done all the different save types yet, do you know roughly how many there are (and maybe a few examples of games that use the save type)?
So far what I've figured out (and I could be way off base which is why I'm posting my findings!) is when you patch it, depending on the save type, there's a couple of clusters of exact matches in each game, although a couple of save types have the odd few bytes that are different and don't even get me started on Eeprom_v11!
I've calculated the patterns before patching to be :
Estimated Save Pattern Block for Eeprom_v111
0e 48 39 68 01 60 0e 48 (and also)
27 e0 d0 20 00 05 (and also)
(some unknown block, different between games?)
I can't quite figure this one out, but I could only find 3 games that I had with this save type. The first two blocks were the same in each game but the last block has got me stumped. It looks like it appends a bunch of data to the empty space at the end of the rom but the changed data seemed to be different between each game.
Estimated Save Pattern Block for Eeprom_v120
a2 b0 0d 1c 00 04 03 0c 03 48 00 68 80 88 83 42 05 d3 01 48 48 e0 ?? ?? ?? ?? ff 80 00 00 24 48
06 1c 00 68 01 7a (and also)
30 b5 a9 b0 0d 1c 00 04 04 0c 03 48 00 68 80 88 84 42 05 d3 01 48 59 e0 ?? ?? ?? ?? ff 80 00 00 0f
48 00 68 00 7a 40 00
The first and second blocks were the same in each rom apart from the bytes tagged as ?? ?? ?? ?? which were different between roms. I'm guessing that they're the address of the Eeprom itself and have to be carried over in the patch?
Save Pattern Block for Flash_v120 + Flash_v121
Unpatched Block 1
($90,$b5,$93,$b0,$6f,$46,$39,$1d,$08,$1c,$00,$f0,$af,$f9);
Patch with
($00,$b5,$3d,$20,$00,$02,$1f,$21,$08,$43,$02,$bc,$08,$47);
Unpatched Block 2
($80,$b5,$94,$b0,$6f,$46,$39,$1c,$08,$80,$38,$1c,$01,$88,$0f,$29,$04,$d9,$01,$48,$56,$e0,$00,
$00,$ff,$80,$00,$00,$23,$48,$23,$49,$0a,$88,$23,$4b)
Patch with
($7c,$b5,$00,$07,$00,$0c,$e0,$21,$09,$05,$09,$18,$01,$23,$1b,$03,$ff,$20,$08,$70,$01,$3b,$01,
$31,$00,$2b,$fa,$d1,$00,$20,$7c,$bc,$02,$bc,$08,$47)
Unpatched Block 3
($80,$b5,$94,$b0,$6f,$46,$79,$60,$39,$1c,$08,$80,$38,$1c,$01,$88,$0f,$29,$03,$d9,$00,$48,$73,
$e0,$ff,$80,$00,$00,$38,$1c,$01,$88,$08,$1c,$ff,$f7,$21,$fe,$39,$1c,$0c,$31)
Patch with
($7c,$b5,$90,$b0,$00,$03,$0a,$1c,$e0,$21,$09,$05,$09,$18,$01,$23,$1b,$03,$10,$78,$08,$70,$01,
$3b,$01,$32,$01,$31,$00,$2b,$f8,$d1,$00,$20,$10,$b0,$7c,$bc,$08,$bc,$08,$47)
Standard blocks between each game, no variations from what I could tell. The blocks for Flash_v120 + v121 appear to be exactly the same.
Save Pattern Block for Flash_v123 + Flash_v124
Unpatched block 1
($ff,$f7,$aa,$ff,$00,$04,$03,$0c)
Patch with
($1b,$23,$1b,$02,$32,$20,$03,$43)
Unpatched block 2
($0a,$08,$70,$b5,$90,$b0,$15,$4d)
Patch with
($0a,$08,$00,$20,$70,$47,$15,$4d)
Unpatched block 3
($00,$03,$70,$b5,$46,$46,$40,$b4)
Patch with
($00,$03,$00,$20,$70,$47,$40,$b4)
Unpatched block 4
($f0,$b5,$90,$b0,$0f,$1c,$00,$04,$04,$0c,$0f,$2c,$04,$d9,$01,$48,$40,$e0,$00,$00,$ff,
$80,$00,$00,$20,$1c,$ff,$f7,$d7,$fe,$00,$04,$05,$0c,$00,$2d,$35,$d1)
Patch with
($70,$b5,$00,$03,$0a,$1c,$e0,$21,$09,$05,$41,$18,$01,$23,$1b,$03,$10,$78,$08,$70,$01,
$3b,$01,$32,$01,$31,$00,$2b,$f8,$d1,$00,$20,$70,$bc,$02,$bc,$08,$47)
Again, it appears to be the same few blocks between each rom. The blocks for v123 + v124 seem to be exactly the same.
Save Pattern Block for Flash_v125 + Flash_v126
Unpatched block 1
($ff,$f7,$aa,$ff,$00,$04,$03,$0c)
Patch with
($1b,$23,$1b,$02,$32,$20,$03,$43);
Unpatched block 2
($00,$03,$70,$b5,$90,$b0,$15,$4d)
Patch with
($00,$03,$00,$20,$70,$47,$15,$4d)
Unpatched block 3
($00,$03,$70,$b5,$46,$46,$40,$b4)
Patch with
($00,$03,$00,$20,$70,$47,$40,$b4)
Unpatched block 4
($f0,$b5,$90,$b0,$0f,$1c,$00,$04,$04,$0c,$0f,$2c,$04,$d9,$01,$48,$40,$e0,$00,$00,$ff,
$80,$00,$00,$20,$1c,$ff,$f7,$d7,$fe,$00,$04,$05,$0c,$00,$2d,$35,$d1)
Patch with
($70,$b5,$00,$03,$0a,$1c,$e0,$21,$09,$05,$41,$18,$01,$23,$1b,$03,$10,$78,$08,$70,$01,
$3b,$01,$32,$01,$31,$00,$2b,$f8,$d1,$00,$20,$70,$bc,$02,$bc,$08,$47)
Again, it appears to be the same few blocks between each rom. The blocks for v125 + v126 seem to be exactly the same.
I haven't looked at all the patched data yet but I'm guessing that for the Flash_vxxx save types it's going to the exact same data patched each time. With the Eeprom_v120 save types I'm guessing it's going to be the same except the 4 bytes marked ?? in each block, which I'd hazard a guess have to be patched into the data somewhere, or I could be completely wrong and it's a standard patch applied to each block. Like I said I haven't really analyzed the data.
I have looked into Eeprom_v111 though, and it's got me very confused! After patching it appears that the 2 blocks in the actual rom itself are patched with generic data, but it also adds a big block of data to what appears to be empty space in the rom file. It's not always offset in the same place at the end of data either from what I can tell, and the patched data definitely wasn't generic. I'm gonna have to look into that one last I think. You don't have any ideas do you?
