400D Bootloader - DSLR Hack development - CHDK Forum
supplierdeeply
« previous next »
Pages: [1]   Go Down

400D Bootloader

  • 3 Replies
  • 4665 Views
*

Offline owerlord

  • ***
  • 115
400D Bootloader
« on: 21 / June / 2008, 11:12:44 »
Advertisements
Sekhl asked for my IDA database of bootloader, to here it is:


In the attachement :-)
Logged
*

Offline Seklth

  • **
  • 54
  • 400D
Re: 400D Bootloader
« Reply #1 on: 22 / June / 2008, 15:09:25 »
thanks, and this my version, with info from you)
and my nick - Seklth, not Sekhl  ;)
Logged
*

Offline Seklth

  • **
  • 54
  • 400D
Re: 400D Bootloader
« Reply #2 on: 29 / June / 2008, 19:26:30 »
I called from autoexec.bin functions cfata_init, file_open(name,2), file_close, cfata_end. And it creates file on cf. Now I can't find how write data to file, but if it possible - we can do project 'udumper-eos':-)
Logged
*

ASalina

Re: 400D Bootloader
« Reply #3 on: 29 / June / 2008, 20:58:41 »
Quote from: Seklth on 29 / June / 2008, 19:26:30
I called from autoexec.bin functions cfata_init, file_open(name,2), file_close, cfata_end. And it creates file on cf. Now I can't find how write data to file, but if it possible - we can do project 'udumper-eos':-)

Lots of functions read unk_26200 for a function pointer, like this:

Code: [Select]
_entry_

LDR     R5, =unk_26200
LDR     R3, [R5]
.........................
CMP     R3, #0
.........................
BEQ     _exit_
MOV     LR, PC
MOV     PC, R3

_exit_

RET

But none of them ever store a function pointer into unk_26200.
I wonder what stores data into unk_26200...
I'm trying to find out now.

Edit: I'm sorry, I slightly misread the code. The function does not exit, but 0x26200 optionally has some set-up and follow-up routine that is executed if not NULL. Still, nothing seems to set that address with a function pointer.
« Last Edit: 29 / June / 2008, 21:13:52 by ASalina »
Logged
Pages: [1]   Go Up
« previous next »
 

Related Topics