Zezombye wrote:I could do that securely by iterating over the OS until I match a bitmap (I could match some code that happens to match the bitmap, but is it unlikely?), however how would I know the start and size of the OS?
The OS of fx-9860 calculators starts at 0x80010000 and definitly ends at 0x80270000.
The following source shows a fairly systematic way to find the builtin-icons.
find built-in icons: Show - Code: Select all
typedef struct {
short AppDefNo;
short A1;
void*NameAddr;
int msgno;
void*AppCodeAddr;
void*EACT_EstripIconPtr;
} TAppDef;
typedef struct {
void*NameAddr;
void*AppCodeAddr;
int unknown;
void*IconPtr;
} TAppDef2;
#define F07_3_HandlerUSE_TEXTVIEW 1
// ************************************************
/* Find the builtin-icons
first find the BuiltInDef-Array using 0x0471: int App_GetAppDef( short AppNo, TAppDef AppDef );
retrieve AppDef.EACT_EstripIconPtr; f. i. use AppNo==0
starting at AppDef.EACT_EstripIconPtr walk back in the memory, until you find the second instance of a pointer to the string, which equals the string behind AppDef.NameAddr
this pointer point to TAppDef2 and AppDef2.IconAddr is the requiered pointer to the builtin-icon.
Checked on OSes 1.03 and 2.09.
*/
int F07_3_Handler(){
unsigned char hb[40];
int iDefs;
TAppDef AppDef;
#if defined F07_3_HandlerUSE_TEXTVIEW
TTextView*text;
#else
unsigned int key;
#endif
char buffer[SIZE001];
int idx, icount;
unsigned int*ip;
char*cpp;
TAppDef2 AppDef2;
memset( buffer, 0, SIZE001 );
#if USE_TEXTVIEW == 1
text = new TTextView;
(*text).SetFontsize( szMINI );
(*text).buffer = buffer;
#endif
strcpy( (char*)hb, "AppDef walk" );
strcat( buffer, (char*)hb );
strcat( buffer, " " );
Bdisp_AllClr_VRAM();
iDefs = App_BuiltInDefsCount(); // 0x046C: int App_BuiltInDefsCount();
IntToHexN( iDefs, (unsigned char*)hb, 2 );
strcat( buffer, (char*)hb );
strcat( buffer, "\x0D\x0A" );
// strcat( buffer, " " );
for ( idx=0;idx<iDefs;idx++){
App_GetAppDef( idx, &AppDef );
strcat( buffer, (char*)AppDef.NameAddr );
LocalizeMessage1( AppDef.msgno, (char*)hb );
strcat( buffer, (char*)hb );
strcat( buffer, "\x0D\x0A" );
strcat( buffer, " " );
IntToHexN( (int)AppDef.AppCodeAddr, (unsigned char*)hb, 8 );
strcat( buffer, (char*)hb );
strcat( buffer, " " );
IntToHexN( (int)AppDef.EACT_EstripIconPtr, (unsigned char*)hb, 8 );
strcat( buffer, (char*)hb );
strcat( buffer, "\x0D\x0A" );
}
App_GetAppDef( 3, &AppDef );
ip = static_cast<unsigned int*>(AppDef.EACT_EstripIconPtr);
icount = 0;
while( 1 ){
if ( *ip > 0x80000000 ){
if ( *ip < 0x80270000 ){
cpp = (char*)*ip;
if ( strcmp( cpp, (char*)AppDef.NameAddr ) == 0 ){
icount++;
if ( icount == 2 ) break;
}
}
}
ip--;
}
memcpy( &AppDef2, (void*)ip, sizeof( TAppDef2 ) );
IntToHexN( (int)AppDef2.IconPtr, (unsigned char*)hb, 8 );
strcat( buffer, (char*)hb );
strcat( buffer, " " );
strcat( buffer, (char*)AppDef2.NameAddr );
strcat( buffer, "\x0D\x0A" );
#if defined USE_TEXTVIEW_MCS
(*text).Execute(0);
delete text;
#else
// now buffer could be written into a file.
GetKey( &key );
#endif
return 1;
}
Zezombye wrote:...but is there a way to overwrite the OS...
I know three methods to change the OS.
On-calc, off-calc (customize image) and off-calc (customize OS-update.msi).
I recommend not to use any of them.
Any OS change can brick your calculator. There is no save way.