Jump to content
  1. Welcome!

    1. Welcome to GTAForums!

  2. News

    1. GTANet.com

  3. Multiplayer

    1. GTA Online

      1. Los Santos Drug Wars
      2. Updates
      3. Find Lobbies & Players
      4. Guides & Strategies
      5. Vehicles
      6. Content Creator
      7. Help & Support

    2. Red Dead Online

      1. Blood Money
      2. Frontier Pursuits
      3. Find Lobbies & Outlaws
      4. Help & Support

    3. Crews

  4. Grand Theft Auto

    1. Grand Theft Auto Series

      1. Bugs*
      2. St. Andrews Cathedral

    2. GTA VI

    3. GTA V

      1. Guides & Strategies
      2. Help & Support

    4. GTA IV

      1. The Lost and Damned
      2. The Ballad of Gay Tony
      3. Guides & Strategies
      4. Help & Support

    5. GTA San Andreas

      1. Classic GTA SA
      2. Guides & Strategies
      3. Help & Support

    6. GTA Vice City

      1. Classic GTA VC
      2. Guides & Strategies
      3. Help & Support

    7. GTA III

      1. Classic GTA III
      2. Guides & Strategies
      3. Help & Support

    8. Portable Games

      1. GTA Chinatown Wars
      2. GTA Vice City Stories
      3. GTA Liberty City Stories

    9. Top-Down Games

      1. GTA Advance
      2. GTA 2
      3. GTA
  5. Red Dead

    1. Red Dead Redemption 2

      1. PC
      2. Help & Support

    2. Red Dead Redemption

  6. Modding

    1. GTA Mods

      1. GTA V
      2. GTA IV
      3. GTA III, VC & SA
      4. Tutorials

    2. Red Dead Mods

      1. Documentation

    3. Mod Showroom

      1. Scripts & Plugins
      2. Maps
      3. Total Conversions
      4. Vehicles
      5. Textures
      6. Characters
      7. Tools
      8. Other
      9. Workshop

    4. Featured Mods

      1. Design Your Own Mission
      2. OpenIV
      3. GTA: Underground
      4. GTA: Liberty City
      5. GTA: State of Liberty
  7. Rockstar

    1. Rockstar Games

    2. Rockstar Collectors

  8. Community

    1. Off-Topic

      1. General Chat
      2. Gaming
      3. Technology
      4. Movies & TV
      5. Music
      6. Sports
      7. Vehicles

    2. Expression

      1. Graphics / Visual Arts
      2. GFX Requests & Tutorials
      3. Writers' Discussion
      4. Debates & Discussion
  9. GTANet

    1. Announcements

    2. Support

    3. Suggestions

Official Modification Forum Rules
GTAMods Wiki

GTASA savefile format

man2104

By man2104
in GTA III, VC & SA

 Share

Recommended Posts

man2104

man2104

Posted
Posted (edited)

This is the format of GTASA savefile so far I've discovered.

Hope someone will join and share the info. with us.

 

===============================================     GTA San Andreas Save File format v0.2===============================================written by 1. Technetium([email protected])----------------Introduction----------------This document is aimed to completely describe the format of savefiles for GTASA. It is still working in progress. Editing or adding info. into this document are welcome.----------------Marco strcuture----------------Savefiles consist of 32 blocks which are storing different kind of data. Sequency of the block determines what kind of data it stores.At the end of the file, there is a dword storing the checksum, which is calcuated by Checksum-32 algorithm, which sum up all the bytes in the file.Below is the sequency of blocks:1: Header with global script indepentent variable2: SCM global variable3: CPedPool4: Parked car in garages5: Unknown6: Unknown7: Pickup8: Unknown9: Unknown10: Unknown11: Unknown(zone?)12: Unknown13: Car generator14..32:Unknown17: Player_Status----------------Micro strcuture----------------***************************Block 4 : Car in garages***************************char	Header_perfex[5];// "BLOCK"dword	Garages_count;char	Unknown[31];dword	Unknown;ParkedCar	Pool[];the structure of ParkedCar:Since it is dumped from memory, its strucutre is completely identical to data in memory.Its strcture:(credits: saracoglu, Quoted from http://www.gtaforums.com/index.php?showtopic=194199&st=60)Offsets:+ 0 X Coord (Float)+ 4 Y Coord (Float)+ 8 Z Coord (Float)+14 BPDPEPFP (Word) coding+16 Car ID (Word)+47 Body Color ordinal (Byte)+48 Stripe Color ordinal (Byte)+60 Car Angle (Float)***************************Block 7 : Pickup***************************char	Header_perfex[5];// "BLOCK"char	Unknown[16];Pickup	Pool[];the structure of Pickup:struct Pickup{word	x, y, z;    	// Coordination of pickup. To convert the coord. into GTA high percision unit, multiply 8 to the coord.	word	Unknown;char	Pickup_Type1;	// 0x66 = adrenaline, 0x6e = health, etcchar	Pickup_Type2;	// 0x01 = health dependent pickup, 0x04 = weapons pickupchar	Unknown;	// It always equal to 0x02char	Unknown;word	Pickup_Flag;	// 0x15 = free pickupdword	Unknown;dword	Unknown;word	Unknown;dword	Ammo_count;dword	Unknown;};***************************Block 13 : Car generator***************************char[5]	Header_perfex;	// "BLOCK"dword	Generator_count;CarGen	Pool[];the structure of CarGen:struct CarGen{word	Unknown;word	Unknown;word	Car_ID;  // pls refer to vehicles.idechar	Unknown;	// always -1. wheelmodelId? Please refer to mission coding reference.char	Unknown;	// always -1. wheel scale?  Please refer to mission coding reference.word	x, y, z;    	// Coordination of pickup. To convert the coord. into GTA high percision unit, multiply 8 to the coord.	word	rotate_Z;char	Unknown;	// Alarm?char	Unknown;	// Door_lock?word	Unknown;char	Unknown;dword	Unknown;	// always 10000. Please refer to mission coding reference.dword	Unknown;dword	Unknown;word	Unknown;};***************************Block 17 : Player_Status***************************char[5]	Header_perfex;	// "BLOCK"float	Status_array[486];// for index id, please refer to statdisp.dat. P.S. some of the data are stored as long(e.g. repect).

 

Edited by man2104
Link to comment
Share on other sites
charlieC

charlieC

Posted
Posted

Good work!

 

Always nice to see more parts of GTASA reverse engineered.

 

You say that the save file consists of 32 blocks, but you only listed 17.

Are the others just empty, or haven't you looked at them yet?

Link to comment
Share on other sites
Skiller

Skiller

Posted
Posted

well dont exactly know how u have this set up ..

but i know one of the blocks is Map info ..

u can find the lable

 

THEMAP

u will jump into the section ..

 

0001c924 (THE Map Lable)

 

0001809c (Block Address)

 

Starting Offset i use was 00000000

 

0001ca04 all the 01 in this section add stuff to the map .. 01 them all an u will have a full map (view unlocked)

 

Sorry dont know much on Game saves its just something i Got into For a project on the PS2 thought i would try and Share my info smile.gif

 

one thing .. maybe throw some addresses on them Block numbers ..

then again .. im new to save stuff .. so it might just be something i find alot easyer lol smile.gif

 

and very nice .. work .. hope to see some updates . all throw what ever i can at ya ..

the above addresses are from using the PC saves.

Link to comment
Share on other sites
charlieC

charlieC

Posted
Posted

I've done some crunching with block 1.

 

Here's what I've managed to find, it's not much. But at least it's a step in the right direction.

 

 

struct SYSTEMTIME{word year;word month;word dayOfWeek;word day;word hour;word minute;word second;word milliseconds;};struct POSITION{float x;float y;float z;};struct generalBlock{dword versionChecksum; // Checksum from string "Apr 28 200510:28:55" (probably the build time generated by the compiler (preprocessor macro)char lastMissionName[100];dword unknown1; // 0x00B72910dword unknown2; // 0x00B7290CPOSITION position; // 0x00B6F9CCdword numMsPerSec; // 0x00B7015Cdword weather_timer; // 0x00B70158byte unknown3; // 0x00B70155byte unknown4; // 0x00B70154byte currentHour; // 0x00B70153byte currentMinute; // 0x00B70154byte unknown5; // 0x00B7014Ebyte unknown6; // 0x00B7014Dbyte unknown7; // 0x00B7014Cbyte unknown8; // 0x00B7014Bbyte unknown9; // 0x00B7014Abyte unknown10; // 0x00B70144word unknown11; // Dynamic addressdword unknown12; // 0x0096918C Boolean?dword globalTimer; // 0x00B7CB84float unknown13; // 0x00B7CB64float unknown14; // 0x00B7CB5Cfloat unknown15; // 0x00B7CB58dword unknown16; // 0x00B7CB4Cword unknown17; // 0x00C81320word unknown18; // 0x00C8131Cword unknown19; // 0x00C81318char placeholder1[2]; // Unknown, probably a word/2 bytesdword unknown20; // 0x00C8130Cdword unknown21; // 0x00C81310float unknown22; // 0x00C81324dword unknown23; // 0x00B6F0DCdword unknown24; // 0x00B6F0F0dword unknown25; // 0x00B72914 - Look like boolean, but isn't? Maybe not a dword?dword unknown26; // 0x00B73402 - Boolean?dword unknown27; // 0x00B79E44dword unknown28; // 0x00B7C484 - Boolean?float unknown29; // 0x00B79E3Cdword unknown30; // 0x00B79E40dword unknown31; // 0x00C228A0dword unknown32; // 0x00B72958 and 0x00B72959 - Very strange dword - a bit field?dword maxWantedLevel; // 0x008CDEE4dword policeAggression; // 0x008CDEE8byte unknown33; // 0x00B9B7EEbyte unknown34; // 0x00B9B7EDbyte unknown35; // 0x00B9B7ECchar placeholder4[45];word unknown36; // 0x008CC381SYSTEMTIME timestamp; // When file was created - Dynamic address of course :)char placeholder5[2]; // Unknown, probably a word/2 bytesdword unknown37; // 0x00BA6774byte unknown38; // 0x00C0BC15byte unknown39; // 0x0096918B Booleanbyte unknown40; // 0x0096918A Boolean};

 

 

The addresses to the left of the slashes is where the variable is stored in memory when GTASA is running.

I think the checksum thing at top is used for version checking (so you can't load a save game from a different version of the game)

I'm pretty sure about the lastMissionName array size, everything bit of the puzzle tells me it's 100 bytes big (0x64).

The datatypes are almost 100% correct, could be some error here or there though.

 

Also, the "BLOCK" characters aren't part of this structure. I don't think it's part of any structure that GTASA saves.

 

I haven't cross-checked all the memory addresses I found with the mem address thread found here on the board or with Draco's wiki.

Maybe someone can help me out here? smile.gif Too tired for that right now, gotta get some sleep.

Link to comment
Share on other sites
Un3462

Un3462

Posted
Posted

i posted this elsewhere, but to prevent duplication of effort:

 

The SA savegame consists of 28 'blocks'. Each block consists of the word 'BLOCK' itself, and a certain amount of binary data. After all of the blocks comes an amount of slack and a checksum. The checksum is simply a dword and the sum of all of the preceding bytes. The slack is there to make the total filesize (including checksum) 31800h bytes. Because SA uses a buffer of C800h bytes for writing the savegame, the slack will simply be a repetition of what came C800h bytes before it. You can use this to write savegames identically to how SA does, making edits virtually undetectable to anyone.The binary data in the blocks is loaded and saved by a set of functions conveniently listed in two jumptables:_text:005D1B00 SavegameBlockReaders_text:005D1734 SavegameBlockWritersDocumentation on the binary data for each block (offsets all hexadecimal):>>> BLOCK 0 - Miscoffset  type            description   0    dword           EXE ID (~crc32 of a string describing (I think) when the EXE was compiled)   4    char[24]        title  68    byte            current missionpack  70    float[3]        camera coords  7c    dword           length of in-game minute  80    dword           weather timer  86    byte            in-game hour  87    byte            in-game minute  94    dword           global timer  98    float           game speed  bc    dword           current camera view 11e    word[8]         SYSTEMTIME struct (year, month, weekday, day, hour, minute, second, ms) 138                    end>>> BLOCK 1 - Script---- global vars:   0    dword           size of global var space   4                    global var space---- misc info from various opcodes and such:   0                    unknown 902                    end---- threads:   0    dword           number of threads   4                    threads Thread structure:   0    word            index/handle   2                    end---- memory dump:   0    dword           next pointer   4    dword           prev pointer   8    char[8]         name  10    dword           absolute base address  14    dword           absolute ip  18    dword[8]        return stack  38    word            stack pointer  3c    dword[32]       local vars  bc    dword[2]        local timers  c4    byte  c5    byte            if result  c6    byte  c7    byte            is extern  c8    byte  c9    byte  cc    dword           wakeup time  d0    word            if parameter  d2    byte            not flag  d3    byte            wb check flag  d4    byte  d8    dword           new script ip (0 if absolute ip has been calculated from this)  dc    byte            is mission  e0                    end---- the absolute addresses depend on memory layout, so the savegame also contains relative addresses:   0    dword           relative ip   4    dword[8]        relative return stack  24                    end >>> BLOCK 2 - Objects   0                    unknown bytes 228                    end---- objects   0    dword           object count   4                    objects  Object structure:   4    dword           model   c    float[3]        coords  3c                    end>>> BLOCK 3 - Garages   0    dword           garage count  27    GrgCar[20][4]   car entries1427                    garagesGrgCar structure:   0    float[3]        coords  12    word            model   40                    endGarage structure:   0    byte            type   4    float[3]        coords  10    float[4]        rotation  20    float[3]        top z, width, depth  2c    float[4]  3c    float[2]  44    char[8]         name  4c    word            original type ?  50                    end  >>> BLOCK 4    0    dword           count   b                    entries (16-byte structures)   >>> BLOCK 5 - Disabled pathnode cubes    0    dword           count   4                    entries   Entry structure:   0    float[6]        x1,x2,y1,y2,z1,z2  18    byte[4]         bools that somehow indicate which pathtypes are enabled  1c                    end>>> BLOCK 6 - Pickups   0    Pickup[620]     pickups4d80    word4d82    byte4d83    dword[20]4dd3                    endPickup structure:   8    dword           ammo  10    word[3]         x,y,z, all multiplied by 8  18    word            model  1c    byte            type  20                    end>>> BLOCK 7 - Empty>>> BLOCK 8 - Restart positions---- wasted:   0    word            count   2                    restart structures---- busted:   0    word            count   2                    restart structures---- unknown things:   0                    some bytes, floats, and dwords  37                    end  Restart structure:   0    float[3]        coords   c    float           heading  10    dword           island  14                    end>>> BLOCK 9 - Radar blips   0    Blip[175]       blipsBlip structure:   8    float[3]        coords  28                    end>>> BLOCK 10 - Zones   4    word            count for first array   6    word            count for second array   8    word            count for third array   a                    end---- the three arrays:See structure descriptions below.First = info.zon, third = map.zon.---- unknown:  68                    endFirst and third array structure:   0    char[8]         zone name   8    char[8]         zone group name  10    word[6]         x1,y1,z1,x2,y2,z2 (rounded to ints)  1c    word            id  1e    byte            type  1f    byte            island  20                    end  Second array structure:  11                    end>>> BLOCK 11   0    dword[4][10]  a0                    end>>> BLOCK 12 - Car generators   0    dword           count   6                    car generators---- numberplates:   0    dword           num entries used   4    Numplate[15]    number plates  f4                    endCar generator structure:   0    word            handle (0..499)   2    word            model   4    byte[2]         colors   6    word[3]         x,y,z, all multiplied by 8   c    byte            heading/360*256    d    byte            alarm chance   e    byte            locked chance   f    byte            flags: bit 1 = belongs to player  12    word            monetary value  16    dword           timer  1c    word            cars to generate  22                    end   Numplate structure:   0    dword           car generator handle   4    char[8]         numberplate string  10                    end>>> BLOCK 13 - Empty>>> BLOCK 14 - Empty>>> BLOCK 15   0    dword           size of block (always 28h)   4                    some dwords, floats and bytes from the player structure  2c                    end  >>> BLOCK 16 - Stats   0    float[82]       float stats (numbered 0..81 in scm) 148    dword[223]      int stats (numbered 120..342 in scm) 4c4    dword[32] 544    char[8]         last mission passed (gxt key) 54c    byte[56] 584    dword[100] 714    byte[128] 794                    end >>> BLOCK 17   0    dword           entries used   4    byte[32][210]   entries1a44                    end>>> BLOCK 1866cc                    end>>> BLOCK 19 280                    end >>> BLOCK 20   0    dword           size   4                    bytes  >>> BLOCK 21   0    dword   4    byte[255] 103                    end>>> BLOCK 22   0    dword           count   4                    entries (8 bytes each)----   0    dword           size   4                    bytes   >>> BLOCK 23   0    dword           size of block (always 58h)  5c                    end>>> BLOCK 24   0    dword           count   4                    entries (68 bytes each)>>> BLOCK 25   0    dword           count   4                    array of words----Followed by a weird array:1. Read a word.2. If it is -1, you've reached the end of this block.3. Otherwise, it's an index. Read two more words for this entry and go back to 1.>>> BLOCK 26   0    Structure[14] ee0    byte[28] efc                    endStructure:   0    byte[20]  14    dword[8]  34    dword[40]  d4    dword[15] 110                    end>>> BLOCK 27   0    byte[28][5]     structures from opcode 0a40  8c                    end

 

Link to comment
Share on other sites
Skiller

Skiller

Posted
Posted

Well here is a Semi Done Break down of the Stats section this section gets Double input bluck17 and Block34 Are exactly the same

i counted Every 1 Block as a Block if u want to fallow this order .

the addresses are just used for Refrince .. they probably will not be the same in yours

but the order inwitch the section goes will be ..

the Ps2 and PC game saves are exactly the same the A0080 are Ps2 addresses .. that i have not found out what that did ..

(the section should be the exact same on PC so here u are smile.gif

more to come .. i have almost the full section done..

(Note i started from a Block 1 start

 

 

ROM:0001E412 aBlock17:      ROM:0001E417 aRankstat:     ROM:0001E41B a00802164:     ROM:0001E41F a00802168:      ROM:0001E423 a0080216c:      ROM:0001E427 a00802170:     ROM:0001E42B a00802174:     ROM:0001E42F a00802178:     ROM:0001E433 a0080217C:     ROM:0001E437 a00802180:      ROM:0001E43B a00802184:      ROM:0001E43F a00802188:      ROM:0001E443 a0080218c:      ROM:0001E447 a00802190:      ROM:0001E44B a00802194:      ROM:0001E44F aFashion_Budget:ROM:0001E453 aProperty_BudgetROM:0001E457 aAuto_RepairPainting_BugetROM:0001E45B a008021a4:      ROM:0001E45F a008021a8:      ROM:0001E463 a008021ac:      ROM:0001E467 a008021b0:     ROM:0001E46B aPlayer_Fat:   ROM:0001E46F aPlayer_Stamina:ROM:0001E473 aPlayer_Muscle: ROM:0001E477 aPlayer_Health:ROM:0001E47B aPlayer_Sex_AppealROM:0001E47F a008021c8:      ROM:0001E483 aDistance_Traveled_By_bicycleROM:0001E487 aDistance_Traveled_on_TreadmillROM:0001E48B a008021d4:      "ROM:0001E48F aTattoo_Budget: ROM:0001E493 aHairdressing_BudgetROM:0001E497 a008021e0:     ROM:0001E49B aProstitute_BudgetROM:0001E49F a008021e8:      ROM:0001E4A3 aMoney_Spent_gamblingROM:0001E4A7 aMoney_Made_From_PimpinROM:0001E4AB aMoney_Money_Won_gamblingROM:0001E4AF aBiggest_gambling_winROM:0001E4B3 aGambling_Loss: ROM:0001E4B7 aBurglary_Swag:ROM:0001E4BB aMoney_Made_form_burglaryROM:0001E4BF a00802208:     ROM:0001E4C3 a0080220c:      ROM:0001E4C7 aLongest_Treadmill_TimeROM:0001E4CB aLongest_exercise_bike_timeROM:0001E4CF aHeaviest_weight_on_benchROM:0001E4D3 aHeaviest_weight_on_dumbbellsROM:0001E4D7 aBest_time_in_8_TrackROM:0001E4DB aBMX_best_time: ROM:0001E4DF a00802228:      ROM:0001E4E3 aLongest_Chase_Time_with_5_StarsROM:0001E4E7 aLast_Chase_Time_With_5_Stars"ROM:0001E4EB aWage_Bill:     ROM:0001E4EF aStrip_Club_BudgetROM:0001E4F3 aCar_mod_Budget"ROM:0001E4F7                ROM:0001E4FB                 ROM:0001E4FF                 ROM:0001E503                 ROM:0001E507                 ROM:0001E50B                 ROM:0001E50F aTotal_Shopping_BudgetROM:0001E513                ROM:0001E517 aTotal_Respect: .ROM:0001E51B a00802264:      ROM:0001E51F a00802268:     ROM:0001E523 a0080226C             ROM:0001E527 a00802270:     ROM:0001E52B aPistol:       ROM:0001E52F aSillenced_PistolROM:0001E533 aDesert_Eagle: ROM:0001E537 aShotgun:      ROM:0001E53B aSawn_Off:     ROM:0001E53F aCombat_ShotgunROM:0001E543 aMachine_PistolROM:0001E547 aSMG:          ROM:0001E54B aAK47:         ROM:0001E54F aM4:            ROM:0001E553 aRifle:         ROM:0001E557 a008022a0:      ROM:0001E55B aGambling:      ROM:0001E55F aPeople_Wasted_By_OthersROM:0001E563 aPeople_Youve_WastedROM:0001E567 aRoad_Vehicles_DestroyedROM:0001E56B aCrime_Boats_DestroyedROM:0001E56F aPlanes_Helicopters_DestroyedROM:0001E573 aCost_of_Property_DamagedROM:0001E577 aBullets_FiredROM:0001E57B aKGs_of_Explosives_UsedROM:0001E57F aBullets_That_HItROM:0001E583 aTires_Popped_With_GunfireROM:0001E587 aNumber_of_HeadshotsROM:0001E58B aNumbe_of_Wanted_Stars_AttainedROM:0001E58F aNumbe_of_Wanted_Stars_EvadedROM:0001E593 aDays_PassedROM:0001E597 aNumber_Of_Hospital_VisitsROM:0001E59B aSafeHouse_VisitsROM:0001E59F aTimes_CheatedROM:0001E5A3 aVehicle_RespraysROM:0001E5A7 aMaximum_Insane_Jump_DistanceROM:0001E5AB aMaximum_Insane_Jump_HeightROM:0001E5AF aMaximum_Insane_Jump_FlipsROM:0001E5B3 aMaximum_Insane_Jump_RotationROM:0001E5B7 aTimes_Busted               ROM:0001E5BB a0080230cROM:0001E5BF aUnique_Jumps_FoundROM:0001E5C3 aUnique_Jumps_DoneROM:0001E5C7 aMission_AttemptsROM:0001E5CB aMissions_PassedROM:0001E5CF a00802320:ROM:0001E5D3 aCash_Made_in_A_TaxiROM:0001E5D7 aTaxi_Max_FaresROM:0001E5DB aCriminals_Killed_On_Vigilante_missionsROM:0001E5DF aPeople_Saved_In_An_AmbulanceROM:0001E5E3 aTotal_Fires_ExtinguishedROM:0001E5E7 aPackages_DeliverdROM:0001E5EB aAssassinationsROM:0001E5EF aLast_Dance_Score

 

Link to comment
Share on other sites
  • 6 months later...
jarjar

jarjar

Posted
Posted

Wow, i didn't know this even existed this topic. I have been working on a Save File Editor for SA for a while now, just decoding some of the save format when ever i get a chanch. And this will help me alot with the creation of it. Some of this stuff is quite amazing. I have only found abit of stuff, like the type of hair cut you have, the last missions, your percentage though the game, etc. But this would help alot. Is it okay if i use some of these for the editor? I will ofcourse give you the credit for your work.

 

Thanks in advanced...!

 

P.S. Great work, amazing what some people can do. Brilliant work guys.

Link to comment
Share on other sites
  • 11 months later...
zetski210

zetski210

Posted
Posted

Sorry to bump this nearly 12 month old thread, but I was hoping there have been some developments in deciphering the save game format?!?

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • 1 User Currently Viewing
    0 members, 0 Anonymous, 1 Guest

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.

  I accept