I was trying to debug some strange behaviour that I have with Internet@TV (I'm getting network interference message in almost all widgets), so I tried to modify .js files from widget manager and find out that, everytime that I modify something in widget manager, it gets reinstalled, overriding my changes. I've find out where to patch this behaviour, and I'm trying to create a patch injectable using samygoso, but I cannot find how to write the proper change on memory...
In GDB I patch by
Code: Select all
set {long int}0x016f3768 = 0xe3530001
SpoilerShow
Code: Select all
unsigned long int *cur_addr,*addr;
addr = (long int*)*hCTX.CNNaviAppBase_t_VerifyWM;
log("Starting to search at: @0x%08x\n",addr);
for(cur_addr=addr;cur_addr<addr+0x1000;cur_addr++)
{
if(*cur_addr == CMP_R3_0)
{
log("Found point to patch at: @0x%08x\n",cur_addr);
log("Actual memory value: @0x%08x\n",*cur_addr);
*(long int*)cur_addr = 0xE3530001; //CMP_R3_1
log("After patch value is: @0x%08x\n",*cur_addr);
break;
}
}
SpoilerShow
Code: Select all
[blockInfolinkUpdate] Found _ZN16CPluginInterface13GetSupportPIGEv location at: 0x01700af4
[blockInfolinkUpdate] Found _fini location at: 0x01ac19a0
[blockInfolinkUpdate] text range: @0x016f6af4 -> @0x016a6af4
[blockInfolinkUpdate] rodata range: @0x01ac19a0 -> @0x0a2c19a0
[blockInfolinkUpdate] Found t_VerifyWM at @0x016f3744
[blockInfolinkUpdate] Found _ZN13CNNaviAppBase10t_VerifyWMEv at: 0x016f3728
[blockInfolinkUpdate] _ZN13CNNaviAppBase10t_VerifyWMEv [0x16f3728].
[blockInfolinkUpdate] TV Model: C Series
[blockInfolinkUpdate] Starting to search at: @0x016f3728
[blockInfolinkUpdate] Found point to patch at: @0x016f3768
[blockInfolinkUpdate] Actual memory value: @0xe3530000
I assume that my problem is how I'm writting to memory, maybe a problem with types... but I'm totally a noob in C thus, someone have a clue where it's my error?
Thanks!!!