New phone discovery: Sony Ericsson J120

Vadim Yanitskiy axilirator at gmail.com
Fri Dec 1 19:29:50 UTC 2023


Hi Mychaela and community,

On 30.11.2023 04:58, Mychaela Falconia wrote:
> However, I now have to revise that hypothesis - my current working
> hypothesis is that the swear block is, after all, fully defunct code,
> totally dead.  My rationale: the portion of the firmware we are looking
> at here is clearly the .const section, equivalent of .rodata in more
> standard toolchains.  In order for a datum in the .const section to be
> active in any way, used for anything, its absolute address has to
> appear as an aligned 32-bit word somewhere in the fw image, be it in a
> literal pool in a code section or a part of some other const or
> initialized data item.  However, searching the hex dump for
> "F4 72 33 00" (that's how 32-bit word 0x3372F4 will appear in LE byte
> order in a hex dump) yields no hits - hence the datum appears to be
> dead indeed, included in an object that went into the link, but not
> referenced from anywhere.

sigh.  I hoped until the last moment that your guess would be true :P

> Given that the swear block appears directly after some tables dealing
> with text entry via the numeric keypad, I wonder if perhaps the
> table of swearwords was once written as some kind of prototype test
> code for a dictionary-based "predictive" text entry method - then later
> a "real" (more official) dictionary was implemented, but the naughty
> test table was never removed from the code, turning into a foul-taste
> Easter egg for reverse engineers looking at hex dump images decades
> later...

Could have pretty much been the case, yes.

> Anyways, this is all from me for now - I assume Vadim will probably
> post more info about this newly discovered phone later.

Today I took the phone apart and made a few photos of the PCB.  Here is 
the best one of them, uploaded to Osmocom's Redmine:

https://osmocom.org/attachments/7155
https://osmocom.org/attachments/download/7155/SE-J120i-PCB.jpg

* DBB: D751749ZPH
* RF PA: SKY77318-12 (similarly to SE K200)
* RF TRX: Si4210 (like in Motorola C168?)
* TI T3025BZQW (?)
* MX92U832ZCG (audio?)
* J030W[0D]YT02 (?)

-- 
Best regards,
Vadim.
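
The dead-data check described in the quoted message above, as an added example that is not part of the original thread: it searches a firmware image for a 32-bit little-endian address word, separating aligned from unaligned hits, and generalizes to any aligned word pointing inside the block. It assumes the image starts at a 4-byte-aligned load address; the sample image and the 0x100 block length are constructed, only 0x3372F4 comes from the message.

```python
import struct

def find_word_refs(image: bytes, target: int) -> dict:
    """Offsets where `target` appears as a little-endian 32-bit word."""
    needle = struct.pack("<I", target)
    hits = {"aligned": [], "unaligned": []}
    pos = image.find(needle)
    while pos != -1:
        # Only 4-byte-aligned hits can be literal-pool or const-table entries;
        # unaligned ones are coincidental byte sequences.
        hits["aligned" if pos % 4 == 0 else "unaligned"].append(pos)
        pos = image.find(needle, pos + 1)
    return hits

def find_range_refs(image: bytes, start: int, length: int) -> list:
    """Aligned words whose value points anywhere inside [start, start+length).

    Generalization: catches pointers to individual entries inside a block,
    not just a pointer to its first byte.
    """
    hits = []
    for off in range(0, len(image) - 3, 4):
        (val,) = struct.unpack_from("<I", image, off)
        if start <= val < start + length:
            hits.append((off, val))
    return hits

def is_dead(image: bytes, start: int, length: int) -> bool:
    """True when no aligned word in the image points into the block."""
    return not find_range_refs(image, start, length)

def sample_image() -> bytes:
    """Constructed 64-byte image, 0xFF filler, three planted words."""
    img = bytearray(b"\xff" * 64)
    struct.pack_into("<I", img, 8, 0x3372F4)    # aligned reference
    img[21:25] = struct.pack("<I", 0x3372F4)    # unaligned, coincidental
    struct.pack_into("<I", img, 32, 0x337300)   # pointer into the block
    return bytes(img)

if __name__ == "__main__":
    img = sample_image()
    print(find_word_refs(img, 0x3372F4))
    print([(o, hex(v)) for o, v in find_range_refs(img, 0x3372F4, 0x100)])
    print(is_dead(b"\xff" * 64, 0x3372F4, 0x100))
```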