TH2830 vs TH2832
KungFuJosh:
--- Quote from: tv84 on June 29, 2023, 08:19:50 pm ---
--- Quote from: nctnico on June 29, 2023, 06:26:39 pm ---After that decision, there is a text comparison as a 2nd check.
--- End quote ---
You're right. So, it's something like this:
Model_byte (in hex):
Ax - TH2830 / ST2830 / SM6023 / DHK6100 / JCX860 / TX6100 / TH7830 / TH2816D / OCT1010 / TH2830HY
Bx - TH2831 / ST2831 / M2831B / XTD4510 / DHK6200 / TX6200 / AMM3044
Cx - TH2832 / ST2832 / SM6024 / eWK6302BQ / TH7832 / 9216B / JDI1022 / TH7832A / AMM3046
Dx - TH2830L
Ex - TH2832X / ST2832X
Fx - TH2830N
If these combinations don't match, the FW will show "Wrong Firmware!" msg.
So now you can do some FRAM/EEPROM analysis...
--- End quote ---
That sounds like it's a simple function in the firmware to halt loading if the combination doesn't match. Is that correct? Can we defeat that in the firmware? For example: firmware says 2832, but right now the model byte says Ax, so it says wrong firmware. Can we change the definition of Ax to match 2832?
tv84:
--- Quote from: KungFuJosh on June 29, 2023, 09:08:18 pm ---That sounds like it's a simple function in the firmware to halt loading if the combination doesn't match. Is that correct? Can we defeat that in the firmware? For example: firmware says 2832, but right now the model byte says Ax, so it says wrong firmware. Can we change the definition of Ax to match 2832?
--- End quote ---
I can, but can you flash it without a programmer? (and hope that it doesn't verify any checksum while running...)
Edit: Attached is the FW with A0 and C0 bytes swapped, as requested. Have no idea if that will work. In logic terms I would say that you should be already running this precise patched version in order to accept a... patched version. :)
Edit2: The file was wrong! A correct one is in a following msg.
nctnico:
I'm pretty sure that it will end up as 'Wrong firmware'. You'd need to change the text that is being tested as well. If all the tests for the right model name fail, the graph goes into 'Wrong firmware'.
What puzzles me is why the firmware doesn't run on Josh's ST2830 while it is supposed to support that model. This seems to suggest that the model name might be derived from the firmware file that is being loaded. Maybe, just maybe, changing the firmware filename to ST2832 already makes the file work as the model ID and model name now match. But I doubt the features of the ST2832 are enabled. I don't see any signs of the model ID being used to set a flag for the functionality in the call graph that TV84 has posted.
KungFuJosh:
--- Quote from: tv84 on June 29, 2023, 09:18:42 pm ---
--- Quote from: KungFuJosh on June 29, 2023, 09:08:18 pm ---That sounds like it's a simple function in the firmware to halt loading if the combination doesn't match. Is that correct? Can we defeat that in the firmware? For example: firmware says 2832, but right now the model byte says Ax, so it says wrong firmware. Can we change the definition of Ax to match 2832?
--- End quote ---
I can, but can you flash it without a programmer? (and hope that it doesn't verify any checksum while running...)
Edit: Attached is the FW with A0 and C0 bytes swapped, as requested. Have no idea if that will work. In logic terms I would say that you should be already running this precise patched version in order to accept a... patched version. :)
--- End quote ---
Unfortunately no, that didn't work. It didn't get past 5%, so it seems it fails some kind of precheck.
Renaming ST2832 to ST2830 will allow it to fully flash the stock firmware; it's when you try to run the meter that it fails after that.
Edit: Attached are two screenshots comparing the beginning of the stock fw files, and the modified one. There's something missing with the modified version.
KungFuJosh:
--- Quote from: nctnico on June 29, 2023, 09:42:14 pm ---I'm pretty sure that it will end up as 'Wrong firmware'. You'd need to change the text that is being tested as well. If all the tests for the right model name fail, the graph goes into 'Wrong firmware'.
What puzzles me is why the firmware doesn't run on Josh's ST2830 while it is supposed to support that model. This seems to suggest that the model name might be derived from the firmware file that is being loaded. Maybe, just maybe, changing the firmware filename to ST2832 already makes the file work as the model ID and model name now match. But I doubt the features of the ST2832 are enabled. I don't see any signs of the model ID being used to set a flag for the functionality in the call graph that TV84 has posted.
--- End quote ---
The firmware files aren't the same though. For whatever reason, the 2830 fw file is actually 2k larger than the 2832. I think (am guessing) the fw itself contains what we need for those functions to work. They don't need to flag for individual functions if the fw won't let you get past startup.
My hardware model is the TH2830, currently being run as an ST2830.