Jeff - thank you for your thorough explanation... but I think I should have been more specific in my question.
I understand how it searches the memory to find the address of the function... that part makes sense. I also understand that by calling the write function, it should write something out to the card... this makes sense.
The part I don't understand is - how do you find the file that is written out to the card? Is it at sector 1024 (0x0080000)?
I've run it - and even with my 40k diskboot, it's clearly found an address by the signature (meaning my diskboot didn't overwrite what it was looking for) - and then it turns on the debug LED before writing... and since the write function doesn't return - the LED will stay on indefinitely. After about 20 or 30 seconds I pull the battery and the card and look at that sector and see nothing
(With a 100k+ diskboot, the scanner does not find the address)
The memory-scanning signature card method definitely does work. It finds the correct address from my dump (0xFF9182FC)
The part that isn't working, it seems, is the part that is supposed to actually write to the card... On my 32 meg card, it's incredibly easy to scan the entire thing for ASCII strings... that is time-consuming to do on my 2GB card.
Should I test it out by hard-coding the address and using a larger diskboot to get it to work?
Since I already have a dump, it's not critical for me to get another one by dumping to the SD card - but if I can get the kinks ironed out on mine with this universal dumper it might help to make it more truly "universal"