Created
December 28, 2018 19:06
-
-
Save hexkyz/badbd17caee5b94232a5202020749d6a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sploitcore.prototype.send_request = function(srv_handle, type, domain_id, cmd_id, params, dump_reply, show_log) { | |
| var req_buf = this.malloc(0x1000); | |
| if (show_log) | |
| utils.log('Request buf: ' + utils.paddr(req_buf)); | |
| var request_reply = [0, 0]; | |
| var err_code = [0, 0]; | |
| // One handle and 2 words input type | |
| if (type == 0) | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x80000010, req_buf, 0x04/4); // Write num_words | |
| // Write handle descriptor | |
| this.write4(0x00000002, req_buf, 0x08/4); // Write handle_copy_num | |
| this.write4(params[0], req_buf, 0x0C/4); // Write handle_copy | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write8(params[1], req_buf, 0x20/4); | |
| } | |
| else if (type == 1) // One word input type | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000009, req_buf, 0x04/4); // Write num_words | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write4(params[0], req_buf, 0x20/4); | |
| } | |
| else if (type == 2) // Descriptor B and one word input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_flags = 0; | |
| var buf_desc_b = (((buf_addr[1] & 0xF) << 0x1C) | ((buf_size[1] & 0xF) << 0x18) | ((buf_addr[1] & 0x70) >> 0x02) | (buf_flags & 0x03)) >>> 0; | |
| // Build request | |
| this.write4(0x01000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x0000000C, req_buf, 0x04/4); // Write num_words | |
| // Write descriptors | |
| this.write4(buf_size[0], req_buf, 0x08/4); // Write buf_size_lo | |
| this.write4(buf_addr[0], req_buf, 0x0C/4); // Write buf_addr_lo | |
| this.write4(buf_desc_b, req_buf, 0x10/4); // Write buf_desc_b | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x20/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x24/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x28/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write params | |
| this.write8(params[2], req_buf, 0x30/4); | |
| this.write8(params[3], req_buf, 0x38/4); | |
| } | |
| else if (type == 3) // Descriptor A and one word input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_flags = 0; | |
| var buf_desc_a = (((buf_addr[1] & 0xF) << 0x1C) | ((buf_size[1] & 0xF) << 0x18) | ((buf_addr[1] & 0x70) >> 0x02) | (buf_flags & 0x03)) >>> 0; | |
| // Build request | |
| this.write4(0x00100004, req_buf, 0x00/4); // Write type | |
| this.write4(0x0000000C, req_buf, 0x04/4); // Write num_words | |
| // Write descriptors | |
| this.write4(buf_size[0], req_buf, 0x08/4); // Write buf_size_lo | |
| this.write4(buf_addr[0], req_buf, 0x0C/4); // Write buf_addr_lo | |
| this.write4(buf_desc_a, req_buf, 0x10/4); // Write buf_desc_a | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x20/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x24/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x28/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write params | |
| this.write4(params[2], req_buf, 0x30/4); | |
| } | |
| else if (type == 4) // Current PID, domain descriptor and one word input type | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x8000000E, req_buf, 0x04/4); // Write num_words | |
| // Write handle descriptor | |
| this.write4(0x00000001, req_buf, 0x08/4); // Write handle_copy_num | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write PID_lo | |
| this.write4(0x00000000, req_buf, 0x10/4); // Write PID_hi | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write domain descriptor | |
| this.write4(0x00180001, req_buf, 0x20/4); // Write extra_size | |
| this.write4(domain_id, req_buf, 0x24/4); // Write domain_id | |
| this.write4(0x00000000, req_buf, 0x28/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x30/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x34/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x38/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x3C/4); // Write padding | |
| // Write params | |
| this.write8(params[0], req_buf, 0x40/4); | |
| } | |
| else if (type == 5) // Domain descriptor and 6 words input type | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000012, req_buf, 0x04/4); // Write num_words | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| // Write domain descriptor | |
| this.write4(0x00280001, req_buf, 0x10/4); // Write extra_size | |
| this.write4(domain_id, req_buf, 0x14/4); // Write domain_id | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x20/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x24/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x28/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write params | |
| this.write8(params[0], req_buf, 0x30/4); | |
| this.write8(params[1], req_buf, 0x38/4); | |
| this.write8(params[2], req_buf, 0x40/4); | |
| } | |
| else if (type == 6) // Descriptor B (flag 0x01), domain descriptor and 6 words input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_flags = 1; | |
| var buf_desc_b = (((buf_addr[1] & 0xF) << 0x1C) | ((buf_size[1] & 0xF) << 0x18) | ((buf_addr[1] & 0x70) >> 0x02) | (buf_flags & 0x03)) >>> 0; | |
| // Build request | |
| this.write4(0x01000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000016, req_buf, 0x04/4); // Write num_words | |
| // Write descriptors | |
| this.write4(buf_size[0], req_buf, 0x08/4); // Write buf_size_lo | |
| this.write4(buf_addr[0], req_buf, 0x0C/4); // Write buf_addr_lo | |
| this.write4(buf_desc_b, req_buf, 0x10/4); // Write buf_desc_b | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write domain descriptor | |
| this.write4(0x00280001, req_buf, 0x20/4); // Write extra_size | |
| this.write4(domain_id, req_buf, 0x24/4); // Write domain_id | |
| this.write4(0x00000000, req_buf, 0x28/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x30/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x34/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x38/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x3C/4); // Write padding | |
| // Write params | |
| this.write8(params[2], req_buf, 0x40/4); | |
| this.write8(params[3], req_buf, 0x48/4); | |
| this.write8(params[4], req_buf, 0x50/4); | |
| } | |
| else if (type == 7) // Descriptor B (flag 0x01) and 6 words input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_flags = 1; | |
| var buf_desc_b = (((buf_addr[1] & 0xF) << 0x1C) | ((buf_size[1] & 0xF) << 0x18) | ((buf_addr[1] & 0x70) >> 0x02) | (buf_flags & 0x03)) >>> 0; | |
| // Build request | |
| this.write4(0x01000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000012, req_buf, 0x04/4); // Write num_words | |
| // Write descriptors | |
| this.write4(buf_size[0], req_buf, 0x08/4); // Write buf_size_lo | |
| this.write4(buf_addr[0], req_buf, 0x0C/4); // Write buf_addr_lo | |
| this.write4(buf_desc_b, req_buf, 0x10/4); // Write buf_desc_b | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x20/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x24/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x28/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write params | |
| this.write8(params[2], req_buf, 0x30/4); | |
| this.write8(params[3], req_buf, 0x38/4); | |
| this.write8(params[4], req_buf, 0x40/4); | |
| } | |
| else if (type == 8) // Descriptor X and 6 words input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_counter = 0x01; | |
| var buf_desc_x = (((buf_size[0] & 0xFFFF) << 0x10) | ((buf_addr[1] & 0xF) << 0x0C) | (buf_counter & 0xE00) | ((buf_addr[1] & 0x70) << 0x02) | (buf_counter & 0x3F)) >>> 0; | |
| // Build request | |
| this.write4(0x00010004, req_buf, 0x00/4); // Write type | |
| this.write4(0x0000000D, req_buf, 0x04/4); // Write num_words | |
| // Write descriptors | |
| this.write4(buf_desc_x, req_buf, 0x08/4); // Write buf_desc_x | |
| this.write4(buf_addr[0], req_buf, 0x0C/4); // Write buf_addr_lo | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write8(params[2], req_buf, 0x20/4); | |
| this.write8(params[3], req_buf, 0x28/4); | |
| this.write8(params[4], req_buf, 0x30/4); | |
| } | |
| else if (type == 9) // Query type | |
| { | |
| // Build request | |
| this.write4(0x00000005, req_buf, 0x00/4); // Write type | |
| this.write4(0x0000000A, req_buf, 0x04/4); // Write num_words | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write8(params[0], req_buf, 0x20/4); | |
| } | |
| else if (type == 10) // 6 words input type | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x0000000E, req_buf, 0x04/4); // Write num_words | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write8(params[0], req_buf, 0x20/4); | |
| this.write8(params[1], req_buf, 0x28/4); | |
| this.write8(params[2], req_buf, 0x30/4); | |
| } | |
| else if (type == 11) // Descriptor C and 2 words input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_desc_c = (((buf_size[0] & 0xFFFF) << 0x10) | (buf_addr[1] & 0xFF)) >>> 0; | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000C0A, req_buf, 0x04/4); // Write num_words and flags_desc_c | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write8(params[2], req_buf, 0x20/4); | |
| this.write4(0x00000000, req_buf, 0x28/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write descriptors | |
| this.write4(buf_addr[0], req_buf, 0x30/4); // Write buf_addr_lo | |
| this.write4(buf_desc_c, req_buf, 0x34/4); // Write buf_desc_c | |
| } | |
| else if (type == 12) // Descriptor C and 6 words input type | |
| { | |
| var buf_addr = params[0]; | |
| var buf_size = params[1]; | |
| var buf_desc_c = (((buf_size[0] & 0xFFFF) << 0x10) | (buf_addr[1] & 0xFF)) >>> 0; | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000C0E, req_buf, 0x04/4); // Write num_words and flags_desc_c | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x10/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x14/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x18/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write params | |
| this.write8(params[2], req_buf, 0x20/4); | |
| this.write8(params[3], req_buf, 0x28/4); | |
| this.write8(params[4], req_buf, 0x30/4); | |
| this.write4(0x00000000, req_buf, 0x38/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x3C/4); // Write padding | |
| // Write descriptors | |
| this.write4(buf_addr[0], req_buf, 0x40/4); // Write buf_addr_lo | |
| this.write4(buf_desc_c, req_buf, 0x44/4); // Write buf_desc_c | |
| } | |
| else if (type == 13) // Descriptor A (2x) and 5 words input type | |
| { | |
| var buf_addr0 = params[0]; | |
| var buf_size0 = params[1]; | |
| var buf_addr1 = params[2]; | |
| var buf_size1 = params[3]; | |
| var buf_flags = 0; | |
| var buf_desc_a0 = (((buf_addr0[1] & 0xF) << 0x1C) | ((buf_size0[1] & 0xF) << 0x18) | ((buf_addr0[1] & 0x70) >> 0x02) | (buf_flags & 0x03)) >>> 0; | |
| var buf_desc_a1 = (((buf_addr1[1] & 0xF) << 0x1C) | ((buf_size1[1] & 0xF) << 0x18) | ((buf_addr1[1] & 0x70) >> 0x02) | (buf_flags & 0x03)) >>> 0; | |
| // Build request | |
| this.write4(0x00200004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000012, req_buf, 0x04/4); // Write num_words | |
| // Write descriptors | |
| this.write4(buf_size0[0], req_buf, 0x08/4); // Write buf_size_lo | |
| this.write4(buf_addr0[0], req_buf, 0x0C/4); // Write buf_addr_lo | |
| this.write4(buf_desc_a0, req_buf, 0x10/4); // Write buf_desc_a | |
| this.write4(buf_size1[0], req_buf, 0x14/4); // Write buf_size_lo | |
| this.write4(buf_addr1[0], req_buf, 0x18/4); // Write buf_addr_lo | |
| this.write4(buf_desc_a1, req_buf, 0x1C/4); // Write buf_desc_a | |
| this.write4(0x49434653, req_buf, 0x20/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x24/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x28/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write params | |
| this.write8(params[4], req_buf, 0x30/4); | |
| this.write8(params[5], req_buf, 0x38/4); | |
| this.write8(params[6], req_buf, 0x40/4); | |
| this.write8(params[7], req_buf, 0x48/4); | |
| this.write8(params[8], req_buf, 0x50/4); | |
| } | |
| else if (type == 14) // Current PID, one handle, domain descriptor and one word input type | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x80000010, req_buf, 0x04/4); // Write num_words | |
| // Write handle descriptor | |
| this.write4(0x00000003, req_buf, 0x08/4); // Write handle_copy_num | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write PID_lo | |
| this.write4(0x00000000, req_buf, 0x10/4); // Write PID_hi | |
| this.write4(params[0], req_buf, 0x14/4); // Write handle_copy | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| // Write domain descriptor | |
| this.write4(0x00180001, req_buf, 0x20/4); // Write extra_size | |
| this.write4(domain_id, req_buf, 0x24/4); // Write domain_id | |
| this.write4(0x00000000, req_buf, 0x28/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x30/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x34/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x38/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x3C/4); // Write padding | |
| // Write params | |
| this.write8(params[1], req_buf, 0x40/4); | |
| } | |
| else if (type == 15) // Domain close descriptor | |
| { | |
| // Build request | |
| this.write4(0x00000004, req_buf, 0x00/4); // Write type | |
| this.write4(0x00000010, req_buf, 0x04/4); // Write num_words | |
| this.write4(0x00000000, req_buf, 0x08/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x0C/4); // Write padding | |
| // Write domain descriptor | |
| this.write4(0x00180002, req_buf, 0x10/4); // Write extra_size | |
| this.write4(domain_id, req_buf, 0x14/4); // Write domain_id | |
| this.write4(0x00000000, req_buf, 0x18/4); // Write padding | |
| this.write4(0x00000000, req_buf, 0x1C/4); // Write padding | |
| this.write4(0x49434653, req_buf, 0x20/4); // Write SFCI | |
| this.write4(0x00000000, req_buf, 0x24/4); // Write padding | |
| this.write4(cmd_id, req_buf, 0x28/4); // Write cmd_id | |
| this.write4(0x00000000, req_buf, 0x2C/4); // Write padding | |
| // Write params | |
| this.write8(params[0], req_buf, 0x30/4); | |
| } | |
| // Call svcSendSyncRequestByBuf | |
| var request_res = this.svc(0x22, [req_buf, [0x1000, 0x00], [srv_handle, 0x00]], false); | |
| if (show_log) | |
| utils.log('svcSendSyncRequestByBuf: result == 0x' + request_res[0].toString(16)); | |
| // Request was accepted | |
| if (request_res[0] == 0) | |
| { | |
| // Read service error code | |
| if ((type == 4) || (type == 5) || (type == 6)) | |
| err_code[0] = this.read4(req_buf, 0x28/0x04); | |
| else | |
| err_code[0] = this.read4(req_buf, 0x18/0x04); | |
| if (show_log) | |
| utils.log('Got error code: 0x' + err_code[0].toString(16)); | |
| // Read back the reply on success | |
| if (err_code[0] == 0) | |
| { | |
| // Take extra domain header into account | |
| if (domain_id) | |
| request_reply = this.read8(req_buf, 0x30/0x04); | |
| else | |
| request_reply = this.read8(req_buf, 0x20/0x04); | |
| } | |
| // Read the number of words in the reply | |
| var num_reply_words = this.read4(req_buf, 0x04/0x04); | |
| // Check for a reply handle | |
| if (num_reply_words & 0x80000000) | |
| { | |
| var num_reply_handles = this.read4(req_buf, 0x08/0x04); | |
| if (num_reply_handles == 0x20) | |
| { | |
| var reply_service_handle = this.read4(req_buf, 0x0C/0x04); | |
| if (show_log) | |
| utils.log('Got reply service handle: 0x' + reply_service_handle.toString(16)); | |
| // Return the handle in the reply | |
| request_reply[0] = reply_service_handle; | |
| } | |
| else if (num_reply_handles == 0x22) | |
| { | |
| var reply_event_handle = this.read4(req_buf, 0x0C/0x04); | |
| var reply_service_handle = this.read4(req_buf, 0x10/0x04); | |
| if (show_log) | |
| { | |
| utils.log('Got reply event handle: 0x' + reply_event_handle.toString(16)); | |
| utils.log('Got reply service handle: 0x' + reply_service_handle.toString(16)); | |
| } | |
| } | |
| else | |
| { | |
| var reply_unk_handle = this.read4(req_buf, 0x0C/0x04); | |
| if (show_log) | |
| utils.log('Got reply unknown handle: 0x' + reply_unk_handle.toString(16)); | |
| } | |
| } | |
| // Dump reply if necessary | |
| if (dump_reply) | |
| this.memdump(req_buf, 0x1000, "memdumps/srv_reply.bin"); | |
| } | |
| else if (request_res[0] == 0xF601) | |
| { | |
| // Close the handle | |
| var close_res = this.svc(0x16, [srv_handle], false); | |
| if (show_log) | |
| utils.log('svcCloseHandle: result == 0x' + close_res[0].toString(16)); | |
| } | |
| this.free(req_buf); | |
| return [request_res, err_code, request_reply]; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment