|
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source |
x6x and x7x Flashpatching x6x and x7x Flashpatching (and newer phones). |
| LinkBack | Thread Tools | Display Modes |
04-28-2005, 22:18 | #16 (permalink) |
Insane Poster Join Date: May 2002 Age: 39
Posts: 76
Member: 12407 Status: Offline Thanks Meter: 0 | - AT Command: --------------------------------------------------------------------- 0A and stange: when i change filename to: 4:\\%08X.bin\0 (4 is for mmc i think), AT returns the string i composed with sprintf, when i didnt use any sendanswer function at the end of the routine... edit: byte the way: you discovered GetSelectedProfile, did you also find some function to change profile? with that we could f.ex. change profile depending which CI:LAC the phone logs in... |
04-29-2005, 09:11 | #17 (permalink) |
No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44
Posts: 578
Member: 15315 Status: Offline Thanks Meter: 1 | what when you call the SendCommString routine by AT+CGSN:c???????? A00063D8 does this works? GetProfile Code: typedef unsigned int (*g_GetProfile)(); g_GetProfile GetProfile = (g_GetProfile)(0xA08C88F4 + 1); // S65 FW47 // Pattern: 10B5????????????0478????????201C10BDF8B5 Code: typedef void (*g_SetProfile)(unsigned int iProfileNumber); g_SetProfile SetProfile = (g_SetProfile)(0xA08C87C2 + 1); // S65 FW47 // Pattern: 10B5041C????????082C0CD2 |
04-29-2005, 13:18 | #19 (permalink) |
No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44
Posts: 578
Member: 15315 Status: Offline Thanks Meter: 1 | yes, it's possible that SendCommChar don't send only one char. It's not the low level routine for sending an char to COM Port (not found this yet), it's the high level routine used by AT Commands for example. |
04-29-2005, 17:40 | #20 (permalink) |
Insane Poster Join Date: May 2002 Age: 39
Posts: 76
Member: 12407 Status: Offline Thanks Meter: 0 | miniGPS v0.1 with the help of acid i made some minigps patch. it reads files from 0:\Misc\gps\*.txt (create gps folder first!). it saves unknown CI/LAC as "CI-LAC.txt", the content of the file will be displayed as providername. by the way: does anyone know a good j2me text editor for editiong the files? i post only the source here. if anyone of you got any ideas/additions to the code, i'll be glad. i also want to change profile when phone logs into another cell, then the file format will be: "name%profilenumber". i didn't implement this yet... edit: patch crashes phone sometimes, with well known Data_Abort! at Address 0xA128D51C... Last edited by arsh0r; 04-30-2005 at 09:26. Reason: i want to |
04-30-2005, 10:20 | #21 (permalink) |
No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44
Posts: 578
Member: 15315 Status: Offline Thanks Meter: 1 | ok, maybe try this: OpenReadCloseFile Code: typedef int (*g_OpenReadCloseFile)(char *cFilename, char **cFileData); g_OpenReadCloseFile OpenReadCloseFile = (g_OpenReadCloseFile)(0xA0BDAB06 + 1); // S65 FW47 // Pattern: FEB5071C0C1C002500AB1D file content and closes the file. If it returns -1 there was an error, else it returns readed size. But you need to free the buffer after use if it don't returns -1. If it returns -1 the buffer is already free'd. malloc_high Code: typedef char* (*g_malloc_high)(int iSize); g_malloc_high malloc_high = (g_malloc_high)(0xA0BDE680 + 1); // S65 FW47 // Pattern: 10B5002800D110BD????????04 Code: typedef void (*g_mfree_high)(char *cArray); g_mfree_high mfree_high = (g_mfree_high)(0xA0BC6274 + 1); // S65 FW47 // Pattern: 80B5002801D0????????80BD10EB Last edited by Acidmrp; 04-30-2005 at 11:55. |
04-30-2005, 10:46 | #22 (permalink) |
No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44
Posts: 578
Member: 15315 Status: Offline Thanks Meter: 1 | ah and one more thing, if malloc_high an mfree_high don't work, try this ones: maybe they are better: malloc Code: typedef char* (*g_malloc)(unsigned int iSize); g_malloc malloc = (g_malloc)(0xA0820F98); // S65 FW47 Patter: 0010A0E10200A0E3????????70402DE9 Code: typedef void (*g_mfree)(char *cArray); g_mfree mfree = (g_mfree)(0xA0821000); // S65 FW47 Pattern: 000050E3????????1EFF2FE104E02DE53CD04DE2 Last edited by Acidmrp; 04-30-2005 at 20:48. |
04-30-2005, 16:49 | #23 (permalink) |
Insane Poster Join Date: May 2002 Age: 39
Posts: 76
Member: 12407 Status: Offline Thanks Meter: 0 | thx, seems to work, i'll test it this evening and see if its stable.... edit: it didn't crash... i used mfree_high to free the buffer. big thx for your help... Last edited by arsh0r; 05-01-2005 at 09:38. |
05-04-2005, 22:53 | #26 (permalink) |
No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44
Posts: 578
Member: 15315 Status: Offline Thanks Meter: 1 | I've done some changes in minigps patch. v0.3: modified by ACiD[mrp] - added "change profile" - changed file format into tmo. This format is directly editable on the phone. Use this String: [profile number] [space] [text to be displayed] profile number is between 1 and 8. If the profile should be not changed use 0 as profile number. Example: "0 home" will display "home" on screen and not change the profile "1 work" will display "work" on screen and change profile to normal environment. - now saving default text to files I've used malloc and mfree. They work perfect. |
05-08-2005, 18:47 | #27 (permalink) |
No Life Poster Join Date: Sep 2002 Location: EEPROM damaged Age: 44
Posts: 578
Member: 15315 Status: Offline Thanks Meter: 1 | I continue the list of functions here: http://www.gsm-multifund.de/board/sh...0510#post50510 because I get always an "The server is too busy at the moment. Please try again later." error message here. |
05-25-2005, 15:39 | #28 (permalink) | |
Freak Poster Join Date: Jan 2004 Location: Kiev, Ukraine Age: 53
Posts: 291
Member: 48709 Status: Offline Thanks Meter: 0 | Quote:
It can be easy converted to idc-file for exporting to IDA. Use Smelter - StandardFunctions - List - Save_as_IDC | |
06-01-2005, 23:43 | #29 (permalink) |
Junior Member Join Date: Aug 2004 Location: Italy
Posts: 13
Member: 78902 Status: Offline Thanks Meter: 0 | Hi, miniGPS is really nice, but the current version 0.8 sometimes crashes. Here below some questions after a rough look in the code in order to understand the reason of my crashes. 1. I think that it would be better to avoid any additional file operation when one (e.g., fwrite, lseek) returns errors (this apart from fclose). This consideration might not be really appropriate... just because I noticed that the phone crashes when the filesystem becomes close to full. Maybe this could be the solution... 3. I think that decodeTMOfile should be made more robust; if size is not correct, the phone might crash. The function should first control the xor at the end of the buffer, then copy it; if not correct, it should return an error. The function should also avoid to exceed "dest" lenght (e.g., with appropriate check against additional dest_length parameter). (I noticed that version 0.9 simply deletes decodeTMOfile. Does this simply fix all related issues?) 4. Is there a limit to the charset and size of tmo files? (e.g., in the number of characters of the operatorname) If there is, it should be checked. 5. I would add "sprintf(out, "MiniGPS Error\0");" just after "out = malloc(64);" at the beginning of te file; this is because I think that there might be a case where "out" is not correctly valued; e.g., when "size = OpenReadCloseFile(filename, &filebuffer);" fails and iCID == 0 and isNewNet(iCID) fails. Maybe this is the reason of possible crashes just after new cell selection.... 6. Maybe "new cell selected" would be better than "new network found" |
06-02-2005, 10:13 | #30 (permalink) |
Insane Poster Join Date: May 2002 Age: 39
Posts: 76
Member: 12407 Status: Offline Thanks Meter: 0 | @amacri: 1.i heard that phone sometimes crashes from many people, it didn't crash for me on v43, didn't test it on v50. yes we must avoid file routines as much as possible, we could use ram to save some temporary values, f.ex. last cell/ last provider string. 3. the data in a tmo is in unicode, but the decodetmo routine copied the data to a char and this killed unicode support. we don't know the lenght of the provider string for sure, simply noone should create a tmo file that is bigger than one line of text. checking the xor will just cost more processor power, don't know if this is really needed. 4.we could simply define a maximum of about 32 characters 5. the file routines sometimes cause a data_abort!, don't know yet how to avoid it. 6. we also could use langpack for those strings... Last edited by arsh0r; 06-02-2005 at 10:26. |
Bookmarks |
| |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
BB5 - Technical Discussion | adihack | Nokia Base Band 5 ( BB-5 ) | 220 | 10-14-2011 05:31 |
Iphone 3G Technical Discussion and SP Unlocking theory | GraveSlayer | iPhone 2 / iPhone 3G / iPhone 3GS | 8 | 11-15-2008 06:04 |
Technical discussion sharp705sh | celluniversal | Sharp | 0 | 05-17-2007 17:26 |
Technical discussion BB5 unlocking | twisterfan | Nokia Base Band 5 ( BB-5 ) | 0 | 05-16-2007 19:36 |
Patching: Technical Discussion ... | rizapn | x4x, x5x Flashpatching | 282 | 10-03-2006 19:23 |
|