Products > Test Equipment
Rigol DSXXXX .GEL firmware file format
smithnerd:
I haven't looked at more recent firmwares, but on 4.3.2.3, I have that cluster of 3 DCP related functions marked as:
start_dcp_memcopy
start_dcp_memfill
start_dcp_blit
--- Quote from: tv84 on February 17, 2018, 06:56:57 pm ---Janekivi,
Here is a code worth investigating (addr = 0x400CF3B0):
--- Code: ---int __fastcall DCP_Operation1(int result, int a2, int a3, unsigned __int8 a4)
}
--- End code ---
--- End quote ---
tv84:
--- Quote from: smithnerd on February 18, 2018, 02:20:45 am ---I haven't looked at more recent firmwares, but on 4.3.2.3, I have that cluster of 3 DCP related functions marked as:
start_dcp_memcopy
start_dcp_memfill
start_dcp_blit
--- End quote ---
Thankx, that's what I was about to compare. There are also 3 in 4.4.0.7 but, at first sight, I say the 2nd and 3rd may be a little different... investigating ATM...
Edit:
Hex-rays bug that shows me all the 3 Ops as the MEMCOPY... >:( But, going back to ASM, we can see the 3 different CTRL0 setups: 0x13, 0x10013, 0x83 (memcopy, memfill & memblit) :)
Now, back to the drawing board. The "footer" hashes/etc are not DCP-based...
janekivi:
After long pause there I managed to get some good guys (better than me) interested
about this GEL file format and what is hidden inside footer. Now we know something.
They did the hard work for me and I did the... dirty work (better than nothing) and
thanks to tv84 and smithnerd and some more I finally got rid of those "Pluses".
tv84:
--- Quote from: janekivi on March 10, 2018, 09:56:50 pm ---After long pause there I managed to get some good guys (better than me) interested
about this GEL file format and what is hidden inside footer. Now we know something.
They did the hard work for me and I did the... dirty work (better than nothing) and
thanks to tv84 and smithnerd and some more I finally got rid of those "Pluses".
--- End quote ---
A good team effort. All essential! After a false positive, success. :)
technogeeky:
--- Quote from: janekivi on March 10, 2018, 09:56:50 pm ---After long pause there I managed to get some good guys (better than me) interested
about this GEL file format and what is hidden inside footer. Now we know something.
They did the hard work for me and I did the... dirty work (better than nothing) and
thanks to tv84 and smithnerd and some more I finally got rid of those "Pluses".
--- End quote ---
What kind of level of reverse engineering did you guys do? Is there assembly or source to look at?
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version