I found it when iq_132 posted the file ported from MAME, but I'm not sure.
(http://neo-source.com/index.php?topic=590.0)
I noticed that it exists in FBA Alpha 0.2.96.65 too.
static void cps2_decrypt(const UINT32 *master_key, unsigned int upper_limit)
{
......
#if 1
    UINT16 *rom = (UINT16 *)CpsRom;
    unsigned int length = upper_limit;
    CpsCode = (UINT8*)malloc(length); // <== allocated but never freed
    UINT16 *dec = (UINT16*)CpsCode;
    unsigned int i;
#endif
......
Here I made a simple fix.
Since CPS2 is fully decrypted now, we don't need the XOR loading code.
In cps.cpp, find these in CpsGetROMs():
    unsigned char* CpsCodeLoad = CpsCode;
    .....
    if (!CpsCodeLoad || !CpsRomLoad || !CpsGfxLoad || !CpsZRomLoad || !CpsQSamLoad) {
        return 1;
    }
    ....
    // XOR tables
    if ((ri.nType & 7) == 2) {
        if (bLoad) {
            BurnLoadRom(CpsCodeLoad, i, 1);
            CpsCodeLoad += ri.nLen;
        } else {
            nCpsCodeLen += ri.nLen;
        }
        continue;
    }
Comment them out or delete CpsCodeLoad.
In CpsInit(), add this first:
    unsigned char* CpsCodeIn = NULL;
Then find:
    CpsCode = CpsRom + nCpsRomLen;
    if (Cps1Qs == 1) {
        CpsEncZRom = CpsCode + nCpsCodeLen;
        CpsZRom = CpsEncZRom + nCpsZRomLen * 2;
    } else {
        CpsZRom = CpsCode + nCpsCodeLen;
    }
Replace it with:
    CpsCodeIn = CpsRom + nCpsRomLen;
    if (Cps1Qs == 1) {
        CpsEncZRom = CpsCodeIn + nCpsCodeLen;
        CpsZRom = CpsEncZRom + nCpsZRomLen * 2;
    } else {
        CpsZRom = CpsCodeIn + nCpsCodeLen;
    }
In CpsExit(), add
    free(CpsCode);
before nCpsCodeLen = nCpsRomLen = nCpsGfxLen = nCpsZRomLen = nCpsQSamLen = nCpsAdLen = 0;
If you want to keep the XOR loading code, maybe you should define a new pointer to point to the newly allocated memory
in cps2_decrypt(), and don't forget to free it in CpsExit().
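
An added sketch, not part of the original post or of FBA's code, of the ownership rule the fix relies on: the pointer into the ROM block is only an alias, while the buffer allocated during decryption is a separate block that the exit path must free exactly once. All names (rom_region, code_in, code_dec, sketch_*) are hypothetical stand-ins, and the memcpy is a placeholder for the real decryption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the emulator's globals (names are assumptions). */
static uint8_t *rom_region;  /* one block: [program ROM | XOR area] */
static size_t   rom_size;    /* size of the program ROM part */
static uint8_t *code_in;     /* interior pointer into rom_region: never free() it */
static uint8_t *code_dec;    /* separately allocated decrypted opcodes: owned */
static int      live_blocks; /* allocation counter so a leak is observable */

static uint8_t *tracked_alloc(size_t n) {
    uint8_t *p = calloc(1, n);
    if (p) live_blocks++;
    return p;
}

static void tracked_free(uint8_t **pp) {
    if (*pp) { free(*pp); live_blocks--; }
    *pp = NULL;              /* a repeated exit cannot double-free */
}

int sketch_init(size_t rom_len, size_t code_len) {
    rom_region = tracked_alloc(rom_len + code_len);
    if (!rom_region) return 1;
    rom_size = rom_len;
    code_in = rom_region + rom_len;  /* alias only, owned by rom_region */
    return 0;
}

/* Mirrors the malloc inside cps2_decrypt(): a second, independent block. */
int sketch_decrypt(size_t length) {
    if (!rom_region || length > rom_size) return 1;
    tracked_free(&code_dec);         /* running decrypt again must not leak */
    code_dec = tracked_alloc(length);
    if (!code_dec) return 1;
    memcpy(code_dec, rom_region, length); /* placeholder for real decryption */
    return 0;
}

/* Returns the number of blocks still allocated afterwards (0 = no leak). */
int sketch_exit(void) {
    tracked_free(&code_dec);   /* owned block: free it */
    code_in = NULL;            /* alias: just drop it */
    tracked_free(&rom_region); /* releases the memory code_in pointed into */
    rom_size = 0;
    return live_blocks;
}
```

Because the owned pointer is reset to NULL after being freed, the exit path is also safe for drivers that never call the decrypt step.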