I'm working way outside of my abilities here, so I figure I may as well pose the question to folks who are far more equipped to handle it than me.
What I am attempting to do is to reverse engineer what seems to be some sort of run length encoding of the Gimmick NES rom that's embedded in the PSG_IKKI.EXE Sony PS1 executable on the Sunsoft Classics Vol. 6 - Memorial Series (Japan) disc.
So, this is a NES emulator for the original Playstation. I'm not interested in doing anything stupid like injecting other roms or anything like that. I'm just trying to cleanly extract the rom embedded in the executable.
I've used HxD as my personal hex editor of choice and numerous PS1 emulators to do RAM dumps of the image while it's emulating. Unfortunately, the entire rom isn't found in RAM. Most of the rom is RAM, but the last 24 bytes of the rom are not in ram... but they are in the executable and match the existing good rom dump from a Gimmick! cartridge. Therefore, I don't believe that the ram dump can be considered reliable.
Now, as far as my suspicion on RLE to compress the rom, there are numerous repetitive segments of code in the rom dump from the Gimmick! cartridge that seem to be replaced in line with other code - which I'm interpreting is the RLE that is referenced by a dictionary somewhere. I have used IDA on the PS1 executable, but it's no help to someone with my dearth of skills. The rom itself is just stuck in a code chunk and is only referenced by the disassembled PS1 code so if the dictionary exists in the disassembly, it's beyond my ability to identify it.
However, being that there is a good, existing dump of the cartridge - even if the rom in the PS1 executable is patched to some degree, I would assume that if/when the rom is finally extracted out of the executable that both it and hte cartridge dump would be very close with minimal bytes different.
Given this, are there are there any tools that would take a RLE file and it's decompressed analog to generate a dictionary? Granted, it may not be perfect on the first pass using the RLE code chunk of the rom from the PS1 executable and the cartridge dump, but it would be a start.
Such programs may not exist (or may not be "smart" enough to just run on their own), but given that it seems to be somewhat algorithmic, I figured it was worth a shot to ask.
|
Index 
Flat 
Question for a MAMEDev: Reverse Engineering RLE?
Reply
