yak
06-02-2006, 03:23 PM
Hi, since I've reversed the classes/objects system of DCT4 phones I would like to share the knowledge.
/*
Nokia Object Oriented Model
---------------------------
Such an object-oriented model can be found in most, if not all, DCT4 phones, and also in the 7110/6210 (DCT3).
Reversed by [Yak]
*/
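/*
 * Forward declaration: both Object and Method refer to Class before it is
 * defined, and the listing as posted used the name without declaring it, so
 * it did not compile as C. Struct members and ordinary identifiers live in
 * separate namespaces in C, which is why a member called `Class` of type
 * `Class *` is legal here (it would not be in C++).
 */
typedef struct Class Class;

/*
 * Object header. Every instance starts with a pointer to its class; the
 * class-specific private data follow this header in memory.
 */
typedef struct
{
Class *Class;
// Object's private data follow
} Object;

/*
 * One entry of a class's method table. Every handler takes the same three
 * argument words; when a caller uses DoMethod()/DoMethod1()/DoMethod2(), the
 * contents of the unused Arg* slots are not established by this listing.
 * The return value is `unsigned` even for the methods documented as returning
 * a pointer (M_NEW, M_GET_CLASS, M_GET_METHOD_HANDLER), so the model assumes
 * a target where a pointer fits in an unsigned — confirm for the image you
 * are reading before relying on it.
 */
typedef struct
{
unsigned short ID;
unsigned (*Handler)(Object *This, unsigned short MethodID, unsigned Arg0, unsigned Arg1, unsigned Arg2);
} Method;

/*
 * Class descriptor. It begins with the same `Class *Class` header as an
 * instance, which is what lets M_NEW accept either an object or a class
 * pointer as <former>.
 */
struct Class
{
Class *Class;                /* same header layout as Object */
Class *SuperClass;           /* parent class; what the root Object class stores here is not shown in this listing */
Method *Methods;             /* table of methods, last one has ID == M_C_END */
unsigned short MethodsCount; /* entry count of Methods; whether the M_C_END terminator is counted is not shown */
unsigned short ObjectSize;   /* presumably the bytes an instance occupies; a caller passing <space> to M_NEW must supply at least this much, as no size check is visible here */
char *Name;                  /* class name string */
};

/*
 * Calling methods on objects. The variants differ only in how many argument
 * words they forward; all return the handler's `unsigned` result (which may
 * carry a pointer, see Method).
 */
unsigned DoMethod(Object *O, unsigned short MethodID);
unsigned DoMethod1(Object *O, unsigned short MethodID, unsigned Arg0);
unsigned DoMethod2(Object *O, unsigned short MethodID, unsigned Arg0, unsigned Arg1);
unsigned DoMethod3(Object *O, unsigned short MethodID, unsigned Arg0, unsigned Arg1, unsigned Arg2);

/*
 * Calling methods of the superclass; used inside class method handlers to
 * chain to the parent implementation. Both the current class C and the
 * object O are passed; presumably C->SuperClass is the class searched, but
 * the listing does not show the body. (The original prototype misspelled the
 * second parameter's type as `Obejct`.)
 */
unsigned DoClassSuperMethod(Class *C, Object *O, unsigned short MethodID, unsigned Arg0, unsigned Arg1, unsigned Arg2);

/* Method IDs understood by every object (handled by the root Object class). */
#define M_IS_OF_CLASS (0xC000)
#define M_GET_METHOD_HANDLER (0xC001)
#define M_GET_CLASS (0xC002)
#define M_NEW (0xC003)
#define M_CONSTRUCTOR (0xC004)
#define M_DELETE (0xC005)
#define M_DESTRUCTOR (0xC006)
/* Special IDs that only appear inside a class's Methods table, never in a call. */
#define M_C_END (0x0000) /* terminates the Methods table */
#define M_C_ANY (0xffff) /* catch-all entry: its Handler is invoked for any MethodID called on the object */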
/*
M_IS_OF_CLASS
-------------
ret = DoMethod1(object, M_IS_OF_CLASS, class);
Checks if <object> is derived from specified <class>. Returns 1 if yes or 0 if no.
M_GET_METHOD_HANDLER
--------------------
handler = DoMethod1(object, M_GET_METHOD_HANDLER, method_id);
Returns the method handling function pointer for specified <method_id>. Returns
NULL if <object> doesn't support <method_id> method.
M_GET_CLASS
-----------
class = DoMethod(object, M_GET_CLASS);
Returns a pointer to <object>'s class.
M_NEW
-----
object = DoMethod(former, M_NEW);
object = DoMethod1(former, M_NEW, space);
object = DoMethod2(former, M_NEW, space, arg1);
object = DoMethod3(former, M_NEW, space, arg1, arg2);
Creates a new object and returns a pointer to it. The <former> can be either an
already existing object of some class or directly a class pointer. If <space>
is specified and not NULL, no memory is allocated, instead, the object is
created at the address specified by <space> (be sure to have enough space there).
After creating, M_CONSTRUCTOR method is called. All the arguments are passed to it.
M_CONSTRUCTOR
-------------
DoMethod(object, M_CONSTRUCTOR);
DoMethod1(object, M_CONSTRUCTOR, arg0);
DoMethod2(object, M_CONSTRUCTOR, arg0, arg1);
DoMethod3(object, M_CONSTRUCTOR, arg0, arg1, arg2);
Initializes an object. When invoked by M_NEW, it receives M_NEW's <space> argument
as <arg0>.
M_DELETE
--------
DoMethod(object, M_DELETE);
Deletes an object. Before the memory is released, M_DESTRUCTOR is called to
deinitialize the object (free all of its resources).
M_DESTRUCTOR
------------
DoMethod(object, M_DESTRUCTOR);
Deinitializes an object.
M_C_END
-------
Special ID used to mark the end of methods table in a class.
M_C_ANY
-------
Special ID marking a catch-all entry in a class's method table. The handler of
such an entry is invoked for any method ID called on the object.
*/
/*
Addresses:
DoMethod() .............: 8310 v6.20 at 0x12cec02
DoMethod1() ............: 8310 v6.20 at 0x12cebdc
DoMethod2() ............: 8310 v6.20 at 0x12cebb4
DoMethod3() ............: 8310 v6.20 at 0x12ceb8c
DoClassSuperMethod() ...: 8310 v6.20 at 0x12cec24
Object (abstract) ......: root class; all others are subclasses of this one.
8310 v6.20 at 0x14e215c
*/
The addresses above are for the 8310, but I've also found the same model in the 3100 and 5140i.
In the attachment you will find a tree of classes in 8310 v6.20. The ZIP'ed one contains a complete tree with all the methods and class references found in the code.
Happy reversing.
[Yak]
/*
Nokia Object Oriented Model
---------------------------
Such an object-oriented model can be found in most, if not all, DCT4 phones, and also in the 7110/6210 (DCT3).
Reversed by [Yak]
*/
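/*
 * Forward declaration: both Object and Method refer to Class before it is
 * defined, and the listing as posted used the name without declaring it, so
 * it did not compile as C. Struct members and ordinary identifiers live in
 * separate namespaces in C, which is why a member called `Class` of type
 * `Class *` is legal here (it would not be in C++).
 */
typedef struct Class Class;

/*
 * Object header. Every instance starts with a pointer to its class; the
 * class-specific private data follow this header in memory.
 */
typedef struct
{
Class *Class;
// Object's private data follow
} Object;

/*
 * One entry of a class's method table. Every handler takes the same three
 * argument words; when a caller uses DoMethod()/DoMethod1()/DoMethod2(), the
 * contents of the unused Arg* slots are not established by this listing.
 * The return value is `unsigned` even for the methods documented as returning
 * a pointer (M_NEW, M_GET_CLASS, M_GET_METHOD_HANDLER), so the model assumes
 * a target where a pointer fits in an unsigned — confirm for the image you
 * are reading before relying on it.
 */
typedef struct
{
unsigned short ID;
unsigned (*Handler)(Object *This, unsigned short MethodID, unsigned Arg0, unsigned Arg1, unsigned Arg2);
} Method;

/*
 * Class descriptor. It begins with the same `Class *Class` header as an
 * instance, which is what lets M_NEW accept either an object or a class
 * pointer as <former>.
 */
struct Class
{
Class *Class;                /* same header layout as Object */
Class *SuperClass;           /* parent class; what the root Object class stores here is not shown in this listing */
Method *Methods;             /* table of methods, last one has ID == M_C_END */
unsigned short MethodsCount; /* entry count of Methods; whether the M_C_END terminator is counted is not shown */
unsigned short ObjectSize;   /* presumably the bytes an instance occupies; a caller passing <space> to M_NEW must supply at least this much, as no size check is visible here */
char *Name;                  /* class name string */
};

/*
 * Calling methods on objects. The variants differ only in how many argument
 * words they forward; all return the handler's `unsigned` result (which may
 * carry a pointer, see Method).
 */
unsigned DoMethod(Object *O, unsigned short MethodID);
unsigned DoMethod1(Object *O, unsigned short MethodID, unsigned Arg0);
unsigned DoMethod2(Object *O, unsigned short MethodID, unsigned Arg0, unsigned Arg1);
unsigned DoMethod3(Object *O, unsigned short MethodID, unsigned Arg0, unsigned Arg1, unsigned Arg2);

/*
 * Calling methods of the superclass; used inside class method handlers to
 * chain to the parent implementation. Both the current class C and the
 * object O are passed; presumably C->SuperClass is the class searched, but
 * the listing does not show the body. (The original prototype misspelled the
 * second parameter's type as `Obejct`.)
 */
unsigned DoClassSuperMethod(Class *C, Object *O, unsigned short MethodID, unsigned Arg0, unsigned Arg1, unsigned Arg2);

/* Method IDs understood by every object (handled by the root Object class). */
#define M_IS_OF_CLASS (0xC000)
#define M_GET_METHOD_HANDLER (0xC001)
#define M_GET_CLASS (0xC002)
#define M_NEW (0xC003)
#define M_CONSTRUCTOR (0xC004)
#define M_DELETE (0xC005)
#define M_DESTRUCTOR (0xC006)
/* Special IDs that only appear inside a class's Methods table, never in a call. */
#define M_C_END (0x0000) /* terminates the Methods table */
#define M_C_ANY (0xffff) /* catch-all entry: its Handler is invoked for any MethodID called on the object */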
/*
M_IS_OF_CLASS
-------------
ret = DoMethod1(object, M_IS_OF_CLASS, class);
Checks if <object> is derived from specified <class>. Returns 1 if yes or 0 if no.
M_GET_METHOD_HANDLER
--------------------
handler = DoMethod1(object, M_GET_METHOD_HANDLER, method_id);
Returns the method handling function pointer for specified <method_id>. Returns
NULL if <object> doesn't support <method_id> method.
M_GET_CLASS
-----------
class = DoMethod(object, M_GET_CLASS);
Returns a pointer to <object>'s class.
M_NEW
-----
object = DoMethod(former, M_NEW);
object = DoMethod1(former, M_NEW, space);
object = DoMethod2(former, M_NEW, space, arg1);
object = DoMethod3(former, M_NEW, space, arg1, arg2);
Creates a new object and returns a pointer to it. The <former> can be either an
already existing object of some class or directly a class pointer. If <space>
is specified and not NULL, no memory is allocated, instead, the object is
created at the address specified by <space> (be sure to have enough space there).
After creating, M_CONSTRUCTOR method is called. All the arguments are passed to it.
M_CONSTRUCTOR
-------------
DoMethod(object, M_CONSTRUCTOR);
DoMethod1(object, M_CONSTRUCTOR, arg0);
DoMethod2(object, M_CONSTRUCTOR, arg0, arg1);
DoMethod3(object, M_CONSTRUCTOR, arg0, arg1, arg2);
Initializes an object. When invoked by M_NEW, it receives M_NEW's <space> argument
as <arg0>.
M_DELETE
--------
DoMethod(object, M_DELETE);
Deletes an object. Before the memory is released, M_DESTRUCTOR is called to
deinitialize the object (free all of its resources).
M_DESTRUCTOR
------------
DoMethod(object, M_DESTRUCTOR);
Deinitializes an object.
M_C_END
-------
Special ID used to mark the end of methods table in a class.
M_C_ANY
-------
Special ID marking a catch-all entry in a class's method table. The handler of
such an entry is invoked for any method ID called on the object.
*/
/*
Addresses:
DoMethod() .............: 8310 v6.20 at 0x12cec02
DoMethod1() ............: 8310 v6.20 at 0x12cebdc
DoMethod2() ............: 8310 v6.20 at 0x12cebb4
DoMethod3() ............: 8310 v6.20 at 0x12ceb8c
DoClassSuperMethod() ...: 8310 v6.20 at 0x12cec24
Object (abstract) ......: root class; all others are subclasses of this one.
8310 v6.20 at 0x14e215c
*/
The addresses above are for the 8310, but I've also found the same model in the 3100 and 5140i.
In the attachment you will find a tree of classes in 8310 v6.20. The ZIP'ed one contains a complete tree with all the methods and class references found in the code.
Happy reversing.
[Yak]