Quick hack that lets getting camera memory from places that are not PTP friendly (I wanted to get a copy of the 0xbfe10000 TCM content). It uses buffered read. Still not suitable for reading MMIO because it uses memcpy.
It's available via the d (download) chdkptp command, using a special filename:
d -nolua MEM<start addr>,<length> [memdump.bin]
where <start addr> is the starting address in decimal or hex, <length> is the dump length in bytes.
Index: core/ptp.c
===================================================================
--- core/ptp.c (revision 4794)
+++ core/ptp.c (working copy)
@@ -495,6 +495,60 @@
free(temp_data.str);
temp_data_kind = 0;
+ // hack, parse filename for special operation (gets camera memory range)
+ // format: MEM<start addr>,<length>
+
+ char *comma = 0;
+ // check for special file name (starts with MEM)
+ if (strstr(fn, "A/MEM"))
+ {
+ comma = memchr(fn+5, ',', temp_data_extra-5);
+ }
+ if (comma)
+ {
+ *comma = 0;
+ unsigned long start = strtoul(fn+5, 0, 0);
+ unsigned long length = strtoul(comma+1, 0, 0);
+
+ // some protection against typos
+ if (length > camera_info.maxramaddr+1)
+ {
+ length = camera_info.maxramaddr+1;
+ }
+
+ buf = (char *) malloc(buf_size);
+ if ( (buf == NULL) || (length == 0) )
+ {
+ // send dummy data, otherwise error hoses connection
+ send_ptp_data(data,"\0",1);
+ ptp.code = PTP_RC_GeneralError;
+ if (buf)
+ {
+ free(buf);
+ }
+ free(fn);
+ break;
+ }
+ tmp = t = length;
+ while (t > 0)
+ {
+ r = (t<buf_size)?t:buf_size;
+ t -= r;
+ memcpy(buf, (void*)start, r);
+ start += r;
+ // cannot use send_ptp_data here
+ data->send_data(data->handle,buf,r,tmp,0,0,0);
+ tmp = 0;
+ }
+ free(fn);
+ free(buf);
+ ptp.num_param = 1;
+ ptp.param1 = length;
+ // we're finished
+ break;
+ }
+ // hack end
+
f = fopen(fn,"rb");
if ( f == NULL )
{
edit:
fixed 2 memory leaks