We've been asked a lot about how it was that the Noobz team was able to resurrect the GTA exploit, for the recent v3.03 PSP downgrader. Well, you need wonder no longer...
There were 2 approaches to fix it. The complete approach (taken by Rockstar) was to fix the game itself, so that it checked the size. This is what happened on the patched UMD.
The alternative approach (taken by Sony, to block existing UMD copies) was to add some extra logic in the firmware API that deals with loading savegame data (all games go through this bit of firmware code to load their data, so there is no need for a change to GTA). This change to the API basically implemented the following logic:
- Does this game ID correspond to one of the versions of GTA? If not, finish and return "OK".
- Is this save slot one of the ones used by GTA (0-7)? If not, finish and return "OK".
- Is this save larger than the expected size for GTA games? If not, finish and return "OK".
- Return "Corrupted save data".
This was an attempt by Sony to limit their patch to valid GTA saves, which was a sensible thing to want to do.
The flaw is in step 2. Although GTA can only save to slots 0-7, its auto-load logic will happily load any data found in another slot (i.e. 8+). And since we don't actually use GTA to make the exploited savedata, it's pretty easy to make a save that is in slot 8.
All of that means that if you make a save in slot 8, it will completely bypass the patch. The mistake they made was to make the patch too specific.
The new patch is the same as above, with step 2 removed. There's no known way to get around it.
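As an added illustration (not code from the original post, and not Sony's firmware), this models the three-step filter above and the revised one with step 2 removed, then asks each version which slots would still accept an oversized GTA save. The game IDs and the expected save size are placeholders; the post does not give them.

```python
from dataclasses import dataclass

# Constructed placeholders: the real GTA game IDs and expected save size are not in the post.
GTA_GAME_IDS = {"GTA-LCS-PLACEHOLDER", "GTA-VCS-PLACEHOLDER"}
GTA_SAVE_SLOTS = range(0, 8)      # slots GTA itself writes to (0-7)
GTA_EXPECTED_SIZE = 0x1000        # placeholder upper bound for a valid GTA save

OK = "OK"
CORRUPT = "Corrupted save data"


@dataclass(frozen=True)
class SaveLoad:
    game_id: str
    slot: int
    size: int


def firmware_check_v1(req: SaveLoad) -> str:
    """Original firmware-side patch: the three filters from the post, in order."""
    if req.game_id not in GTA_GAME_IDS:      # 1. not a GTA title -> untouched
        return OK
    if req.slot not in GTA_SAVE_SLOTS:       # 2. slot GTA never writes -> untouched (the flaw)
        return OK
    if req.size <= GTA_EXPECTED_SIZE:        # 3. size is plausible -> untouched
        return OK
    return CORRUPT


def firmware_check_v2(req: SaveLoad) -> str:
    """Revised patch: identical, but the slot filter (step 2) is gone."""
    if req.game_id not in GTA_GAME_IDS:
        return OK
    if req.size <= GTA_EXPECTED_SIZE:
        return OK
    return CORRUPT


def slots_accepting_oversized(check, game_id="GTA-LCS-PLACEHOLDER", slots=range(10)):
    """Slots where an oversized save still passes the given check.

    GTA's auto-load reads any slot it finds data in, so every slot returned
    here is one the patch needed to cover but did not."""
    return [s for s in slots
            if check(SaveLoad(game_id, s, GTA_EXPECTED_SIZE + 1)) == OK]


if __name__ == "__main__":
    print("v1 leaves open:", slots_accepting_oversized(firmware_check_v1))  # [8, 9]
    print("v2 leaves open:", slots_accepting_oversized(firmware_check_v2))  # []
```

The general lesson the model makes visible: a mitigation's filter must cover every input the vulnerable code will actually consume, not just the inputs the legitimate producer happens to generate.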