Rockbox mail archiveSubject: Re: checksum field (fwd)
Re: checksum field (fwd)
From: Andrew Jamieson <ajamiesn_at_mira.net>
Date: Mon, 10 Dec 2001 10:14:17 +1100
> ---------- Forwarded message ----------
> From: Andy Choi <AndyC_at_CoManage.net>
> Subject: RE: checksum field
> Date: Sun, 9 Dec 2001 04:19:49 -0500
> > apparantly, this is is just the 16-bit sum of all the bytes
> > in the unscrambed code, except with the most significant 4
> > bits set to 0x4. not sure what the mask is for, but it seems
> > to work. (i tested this by simply modifying string constants
> > and seeing that the rescrambled code still passed the
> > checksum and then correctly displayed the modified strings).
> it turns out that wasn't quite right; it only worked for f/w version
> it looks like the checksum is simply the 16-bit sum with an offset, but i
> can't figure out how the offset is computed. for version 5.03a, the
> checksum seems to be the 16-bit sum minus 0x2b00; for version 5.02a, the
> offset is 0x7200; and for 5.01h, the offset is 0x9000. the length of the
> file doesn't affect these offsets; you can add arbitrary junk data to the
> end of the file, and you can modify the string constants arbitrarily, and
> these checksum offsets still work. but i can't figure out how these
> are being computed from the code..
Have you tried modifying the mod version ID (for any specfic version), and
seeing if the offset is still the same then? If it is not calculated on
length or arbitrary content, then it must be some identifier in the code -
the mod version is the obvious contender.
PS: I need to start looking at the code a bit myself, but I cannot get
access to the win32 descrambler ....
Received on 2001-12-10