Roger Binns
2004-05-02 08:15:26 UTC
The code in CVS can now read the CDM8900 phonebook. If you have a 8900,
please try it out. (You won't hurt your phone).
There are two fields whose values don't quite make sense. Turn on protocol
logging, read your phonebook, and then press Ctrl-Alt-P in the log pane.
Look for ones where the class ends in readpbentryresponse (they are of
size 344) and come just before an entry saying "Read entry 9 - a name".
In the middle pane, open the tree view. The two fields are the ones I
marked as previous and next. They mostly seem to point to the previous
and next entry/slot numbers on the phone display (ie control the sort
order). They were perfectly in tune with the sort order for me until
I started screwing with phonebook entries (adding/removing some, setting
entries to secret) at which point many seemed to point to 0xffff.
I would be interested in thoughts on what they could be.
For those who are curious (eg Stephen :-) the phone has 300 slots
available for phonebook entries. There is one request to get a listing
of which slots are in use (with a byte per slot, a non-zero value in
the byte). It also has yet another silly way of encoding strings
for the phone numbers (other strings use a different mechanism).
There is a count byte, followed by a fix sized buffer. The count
says how many of the bytes make up the string. It also uses a
scheme where if a response is 123 bytes, you have to send a 123 byte
request (ie requests must be the same size as the expected response).
It also has no error codes. If you ask for a slot that has nothing
in it, you get almost random data back. The same is true of
padding in the strings. (If it was actually using the buffer
I sent, I would have expected nulls). It still boggles my mind
how badly written the embedded software is in these phones.
Roger
please try it out. (You won't hurt your phone).
There are two fields whose values don't quite make sense. Turn on protocol
logging, read your phonebook, and then press Ctrl-Alt-P in the log pane.
Look for ones where the class ends in readpbentryresponse (they are of
size 344) and come just before an entry saying "Read entry 9 - a name".
In the middle pane, open the tree view. The two fields are the ones I
marked as previous and next. They mostly seem to point to the previous
and next entry/slot numbers on the phone display (ie control the sort
order). They were perfectly in tune with the sort order for me until
I started screwing with phonebook entries (adding/removing some, setting
entries to secret) at which point many seemed to point to 0xffff.
I would be interested in thoughts on what they could be.
For those who are curious (eg Stephen :-) the phone has 300 slots
available for phonebook entries. There is one request to get a listing
of which slots are in use (with a byte per slot, a non-zero value in
the byte). It also has yet another silly way of encoding strings
for the phone numbers (other strings use a different mechanism).
There is a count byte, followed by a fix sized buffer. The count
says how many of the bytes make up the string. It also uses a
scheme where if a response is 123 bytes, you have to send a 123 byte
request (ie requests must be the same size as the expected response).
It also has no error codes. If you ask for a slot that has nothing
in it, you get almost random data back. The same is true of
padding in the strings. (If it was actually using the buffer
I sent, I would have expected nulls). It still boggles my mind
how badly written the embedded software is in these phones.
Roger