[Solved] Patching module offsets...

[frostegater]

Hello,
Could you help me, please? I need to patch an offset in one module, for example SysconfPlugin offset..

IF FW = 401 offset = 0x00007708,
If FW = 620 offset = 0x0002BDB4,
if FW = 635 offset = 0x0002C724,
... etc...

Also..
patching sceIOFileManager Module...

example (from cxmb)..

Code: Select all

   tSceModule * pMod = ( tSceModule * )sceKernelFindModuleByName( "sceIOFileManager" );
   unsigned int addr = 0;
   if ( !pMod )
      return 0;
   if ( fw_version == FW_371 )
      addr = pMod->text_addr + 0x00002844;
   else if (  fw_version == FW_380
         || fw_version == FW_390 )
      addr = pMod->text_addr + 0x00002808;
   else if ( fw_version == FW_401 )
      addr = pMod->text_addr + 0x000027EC;

   return addr;


P.S. I don't ask you to do it yourself, but help me to find the way to do this.

[RNB_PSP]

I don't have any knowledge about that but maybe [url=code.google.com/p/holdpsp]hold+'s source[/url] might help you. I saw it's source and it's patching some functions.

[frostegater]

I don't have any knowledge about that but maybe [url=code.google.com/p/holdpsp]hold+'s source[/url] might help you. I saw it's source and it's patching some functions.

No. It does not help.

[JJS]

What exactly is your question? I mean the code snippet you posted already gives you the memory address where you need to apply your patch. So all you need to do now is write whatever you want there.

Basically if you want to set it to 0 you would write:

Code: Select all

*(unsigned int*)addr = 0;

or

Code: Select all

_sw(0, addr);

[frostegater]

What exactly is your question? I mean the code snippet you posted already gives you the memory address where you need to apply your patch. So all you need to do now is write whatever you want there.

Basically if you want to set it to 0 you would write:

Code: Select all

*(unsigned int*)addr = 0;

or

Code: Select all

_sw(0, addr);

I know it ...but...
How can I find the right memory address?

[m0skit0]

Do a memory dump and search for the values you want to subsitute.

[some1]

Well, all you have to do is dump the files for the OFW that you already know the offset, and the target OFW(using psardumper), and then compare the one you already know, and try finding the exact same instruction/function/section in the new OFW. This will require atleast minimal knowledge of mips btw.

I checked a 401 dump and it seems

Code: Select all

addr = pMod->text_addr + 0x000027EC;

is a function, the address for 635 will probably be 0x00002A38 (I did this quickly, so double check this).

[frostegater]

Well, all you have to do is dump the files for the OFW that you already know the offset, and the target OFW(using psardumper), and then compare the one you already know, and try finding the exact same instruction/function/section in the new OFW. This will require atleast minimal knowledge of mips btw.

I checked a 401 dump and it seems

Code: Select all

addr = pMod->text_addr + 0x000027EC;

is a function, the address for 635 will probably be 0x00002A38 (I did this quickly, so double check this).

0x00002A44. Thanks! I understand how it is.

6.60 offset: 0x00002A4C

Attach: cxmb 3.71 - 6.60(I checked. It works. Source code included.)...

[m0skit0]

Meh some1, let him do it himself