summaryrefslogtreecommitdiffstats
path: root/utils/AMS/hacking/amsinfo.c
diff options
context:
space:
mode:
authorDave Chapman <dave@dchapman.com>2008-05-11 18:29:53 +0000
committerDave Chapman <dave@dchapman.com>2008-05-11 18:29:53 +0000
commit1aa6cde3eaa49c6607cc5827c0a7c8e6dd355a1a (patch)
treee5917680a7ea7c4abf18edf2a7251f894b4c63aa /utils/AMS/hacking/amsinfo.c
parentd24eb9e461ca1d25a83d825d355710ebdbe509b5 (diff)
downloadrockbox-1aa6cde3eaa49c6607cc5827c0a7c8e6dd355a1a.tar.gz
rockbox-1aa6cde3eaa49c6607cc5827c0a7c8e6dd355a1a.tar.bz2
rockbox-1aa6cde3eaa49c6607cc5827c0a7c8e6dd355a1a.zip
Some tools for hacking Sansa V2 (AMS) firmware files and injecting our own code.
git-svn-id: svn://svn.rockbox.org/rockbox/trunk@17464 a1c6a512-1295-4272-9138-f99709370657
Diffstat (limited to 'utils/AMS/hacking/amsinfo.c')
-rw-r--r--utils/AMS/hacking/amsinfo.c175
1 files changed, 175 insertions, 0 deletions
diff --git a/utils/AMS/hacking/amsinfo.c b/utils/AMS/hacking/amsinfo.c
new file mode 100644
index 0000000000..0ebfb94caf
--- /dev/null
+++ b/utils/AMS/hacking/amsinfo.c
@@ -0,0 +1,175 @@
+/*
+
+amsinfo - a tool for examining AMS firmware files
+
+Copyright (C) Dave Chapman 2007
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA
+
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+
+/* Win32 compatibility */
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+
+#define PAD_TO_BOUNDARY(x) ((x) + 0x1ff) & ~0x1ff;
+
+
+static off_t filesize(int fd) {
+ struct stat buf;
+
+ if (fstat(fd,&buf) < 0) {
+ perror("[ERR] Checking filesize of input file");
+ return -1;
+ } else {
+ return(buf.st_size);
+ }
+}
+
+static uint32_t get_uint32le(unsigned char* p)
+{
+ return p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24);
+}
+
+static uint16_t get_uint16le(unsigned char* p)
+{
+ return p[0] | (p[1] << 8);
+}
+
+static int calc_checksum(unsigned char* buf, int n)
+{
+ int sum = 0;
+ int i;
+
+ for (i=0;i<n;i+=4)
+ sum += get_uint32le(buf + 0x400 + i);
+
+ return sum;
+}
+
+
+static void dump_header(unsigned char* buf, int i)
+{
+ printf("0x%08x:\n",i);
+ printf(" HEADER: 0x%08x\n",i);;
+ printf(" FirmwareHeaderIndex: 0x%08x\n",get_uint32le(&buf[i]));
+ printf(" FirmwareChecksum: 0x%08x\n",get_uint32le(&buf[i+0x04]));
+ printf(" CodeBlockSizeMultiplier: 0x%08x\n",get_uint32le(&buf[i+0x08]));
+ printf(" FirmwareSize: 0x%08x\n",get_uint32le(&buf[i+0x0c]));
+ printf(" Unknown1: 0x%08x\n",get_uint32le(&buf[i+0x10]));
+ printf(" ModelID: 0x%04x\n",get_uint16le(&buf[i+0x14]));
+ printf(" Unknown2: 0x%04x\n",get_uint16le(&buf[i+0x16]));
+}
+
+static int dump_lib(unsigned char* buf, int i)
+{
+ int export_count;
+ int size;
+ int unknown1;
+ int baseaddr, endaddr;
+
+ baseaddr = get_uint32le(&buf[i+0x04]);
+ endaddr = get_uint32le(&buf[i+0x08]);
+ size = get_uint32le(&buf[i+0x0c]);
+ unknown1 = get_uint32le(&buf[i+0x10]);
+ export_count = get_uint32le(&buf[i+0x14]);
+
+ printf("0x%08x: \"%s\" 0x%08x 0x%08x 0x%08x 0x%08x 0x%08x\n",i, buf + i + get_uint32le(&buf[i]),baseaddr,endaddr,size,unknown1,export_count);
+
+#if 0
+ if (export_count > 1) {
+ for (j=0;j<export_count;j++) {
+ printf(" Exports[%02d]: 0x%08x\n",j,get_uint32le(&buf[i+0x18+4*j]));
+ }
+ }
+#endif
+ return PAD_TO_BOUNDARY(size);
+}
+
+int main(int argc, char* argv[])
+{
+ int fd;
+ off_t len;
+ int n;
+ unsigned char* buf;
+ int firmware_size;
+ int i;
+
+ if (argc != 2) {
+ fprintf(stderr,"USAGE: amsinfo firmware.bin\n");
+ return 1;
+ }
+
+ fd = open(argv[1],O_RDONLY|O_BINARY);
+
+ if ((len = filesize(fd)) < 0)
+ return 1;
+
+ if ((buf = malloc(len)) == NULL) {
+ fprintf(stderr,"[ERR] Could not allocate buffer for input file (%d bytes)\n",(int)len);
+ return 1;
+ }
+
+ n = read(fd, buf, len);
+
+ if (n != len) {
+ fprintf(stderr,"[ERR] Could not read file\n");
+ return 1;
+ }
+
+ close(fd);
+
+ /* Now we dump the firmware structure */
+
+ dump_header(buf,0); /* First copy of header block */
+// dump_header(buf,0x200); /* Second copy of header block */
+
+ firmware_size = get_uint32le(&buf[0x0c]);
+
+ printf("Calculated firmware checksum: 0x%08x\n",calc_checksum(buf,firmware_size));
+
+ /* Round size up to next multiple of 0x200 */
+
+ firmware_size = PAD_TO_BOUNDARY(firmware_size);
+
+ i = firmware_size + 0x400;
+
+ printf("LIBRARY BLOCKS:\n");
+ printf("Offset Name BaseAddr EndAddr BlockSize Unknown1 EntryCount\n");
+
+ while (get_uint32le(&buf[i]) != 0xffffffff)
+ {
+ i += dump_lib(buf,i);
+
+ while (get_uint32le(&buf[i]) == 0xefbeadde)
+ i+=4;
+ }
+
+ printf("0x%08x: PADDING BLOCK\n",i);
+
+ return 0;
+
+}