12 comments

[ 46.5 ms ] story [ 3685 ms ] thread
Just out of curiosity, are there any risks of corrupting the cartridge?
AFAIK it writes to RAM only. also AFAIK the cartridge is ROM
The game code itself is in ROM, so there's no risk there. There is some nonvolatile storage on the cartridge used to save games, which could potentially be corrupted. The save state is so simple that I don't think there's any risk of trouble from that, besides losing (or gaining!) saved progress.
The game also stores a checksum of the nonvolatile storage, so even if you do corrupt it, it will be detected and cleared.
Actually, you could in theory craft save-data that softlocks the game when the save-data names are displayed. If the game isn't programmed to wipe bad save data you'd be in trouble.

Not saying this is the case for SMW, but there are certain cartridge games where this can happen naturally.

There are exploits used by speedrunners in Donkey Kong Country 2 that can cause corruption to the nonvolatile save state which will "brick" the cart. It can be fixed by opening the cart up and disconnecting the battery.
I hope someone eventually finds a way to perform arbitrary code execution based on SRAM.

Probably not on SMW, but Pokemon is getting broken enough that it may some day be possible. There's already inventory-based exploits that can get saved across resets, but someone still has to play the game and open up the inventory screen for that.

Really scary stuff. I hope the SNES Security team is taking this seriously and gets a patch out to customers quickly.
My 9 year old son, a SethBling fan (like me), got home from school right when I clicked on this. I had to explain why I was watching YouTube while "working." Great video for us to watch together!
Reminds me of what it takes to debug a dozen microservices talking to each other.