Hi,

I checked another 20 tonight (35-55). No freezing, but there are timing differences. I then retried 27 and 29 to confirm that they did not show any effect. This time, they led to normal reboots! I swear that I didn't mess up on that one. Yesterday, they did not lead to reboots.

But maybe the problem is that it seems very hard to reproduce the crash behaviour: The timing of the first crash, for example, always varies. When I try to enter the notes folder, it takes something between an eye blink and a second before the screen turns dark. Then I had the two files that did not work yesterday, but today. What does that mean? Can the overflow occur in a non-deterministic memory environment, leading to such different effects?

I hope this is helpful to anybody.

The Seven wrote:
> If the 0x00s would have been a problem or the link would not have been
> recognized, it would not have crashed.
>
> Taylor Gordon wrote:
>
>> Hmmm... So far, it seems that none of the notes have made the iPod
>> freeze, right? I wonder why 27 and 29 didn't display anything at all though.
>>
>> @TheSeven: Maybe different opcodes with a '0' messed the file up? Or it
>> didn't think it was a valid link.
>>
>> On Wed, Feb 18, 2009 at 2:49 AM, Sebastian Schutte
>> <[email protected]> wrote:
>>
>>> Both files (27&29) opened, but only showed a blank screen. I could
>>> open/close them repeatedly without reboot. I also noted timing
>>> differences for the reboot duration. But I think we'd have to check that
>>> later systematically if no freezing can be observed at all.
>>>
>>> The Seven wrote:
>>>
>>>> I'll double check that later today, but it sounds interesting...
>>>> However, I expect the behavior to be generation dependent, so please
>>>> make sure that all files are checked on 2G at least.
>>>>
>>>> Sebastian, were you able to view the content of the notes 27 and 29?
>>>> What did you see?
>>>>
>>>> Sebastian Schutte wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I tested some files (25-35) on an iPod nano 3rd gen. Except 27 and
>>>>> 29, they only led to repeated reboots. No freezing so far. For 27 and
>>>>> 29 there was no effect at all.
>>>>>
>>>>> Cheers,
>>>>> Sebastian
>>>>>
>>>>> Taylor Gordon wrote:
>>>>>
>>>>>> Update: I've tried note_0 and note_89 and they DON'T work - so try the
>>>>>> other 126 for now :)
>>>>>>
>>>>>> On Tue, Feb 17, 2009 at 4:07 PM, The Seven <[email protected]> wrote:
>>>>>>
>>>>>>> The first test note files are ready!
>>>>>>> Get them at http://taylor.fileave.com/lockup.zip
>>>>>>>
>>>>>>> There are 128 files named note_XXX.txt
>>>>>>> One of them will hopefully make the iPod lock up or show some other
>>>>>>> unexpected behavior.
>>>>>>> If we find that one, we're a huge step closer.
>>>>>>>
>>>>>>> It could also be that it just takes longer (or even shorter?) to
>>>>>>> reboot... So if one of the files shows a DIFFERENT behavior than the
>>>>>>> others, please tell me.
>>>>>>>
>>>>>>> Placing multiple of them on the iPod at once will NOT work!
>>>>>>>
>>>>>>> 3mpty wrote:
>>>>>>>> 2009/2/17 The Seven <[email protected]>
>>>>>>>>
>>>>>>>>> 3mpty wrote:
>>>>>>>>>
>>>>>>>>>>> Target address range is 0x22000000 to 0x2203fff (SRAM)
>>>>>>>>>>>
>>>>>>>>>> The second number is 0x22003FFF or 0x2203FFF0? A digit is missing
>>>>>>>>>> (am I wrong?)
>>>>>>>>> 0x2203FFFF, or rather a little below since our shellcode will have a
>>>>>>>>> nop zone of 2KB
>>>>>>>>>
>>>>>>>> I'm trying right now some text file.
>>>>>>>>
>>>>>>>> 0x22 at the addresses where we need it (odd ones) will not hurt in
>>>>>>> unicode.
>>>>>>>
>>>>>>>> Oh, I forgot the endianness, stupid error, you are right
>>>>>>>>
>>>>>>>> Paolo
>>>>>>>> _______________________________________________
>>>>>>>> Linux4nano-dev mailing list
>>>>>>>> [email protected]
>>>>>>>> https://mail.gna.org/listinfo/linux4nano-dev
>>>>>>>> http://www.linux4nano.org
