Wednesday, February 09, 2005

Locknut notes

The Locknut samples consist of 3 files: 2 RSC files and an app. The app is 6 bytes long, obviously an invalid size.

RSC files are not 'active' files. Data in RSC files is interpreted by individual apps; the OS just loads your buffers. One of the RSC files, the largest, appears to be a plain text file.

Apparently the Appserver crashes when attempting to run the Locknut app. Per other descriptions, it appears that only Symbian version 7.0s and later are affected.

Attempting to load a 6-byte file that is too small to contain either a standard app header or even a ROM EXE header seems like a big oversight on the part of Symbian's developers. Considering that earlier versions are not affected, the question becomes what has changed in program loading with the arrival of version 7.0s. It occurred to me that perhaps it has something to do with the new compressed executable feature introduced in that same version.
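As an added illustration of the check the paragraph above says is missing (not code from Symbian, petran or the Locknut samples): a loader-side parser that rejects a file shorter than its header before reading any field, and validates file-supplied offsets. The header layout, constants and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical, simplified header for this example only (not the petran layout):
 * uid[3], uid_checksum, signature, code_offset, code_size; 32-bit little-endian. */
#define HDR_SIZE  28u
#define HDR_MAGIC 0x4F4D4544u /* constructed value, bytes "DEMO" */
enum load_status { LOAD_OK, LOAD_TOO_SHORT, LOAD_BAD_MAGIC, LOAD_BAD_RANGE };
struct image_header { uint32_t uid[3], uid_checksum, signature, code_offset, code_size; };

static uint32_t rd32le(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Check the length before reading any field, then check every offset taken
 * from the file before it could be used to index the buffer. */
enum load_status parse_image(const uint8_t *buf, size_t len, struct image_header *out)
{
    if (buf == NULL || out == NULL || len < HDR_SIZE)
        return LOAD_TOO_SHORT;
    for (int i = 0; i < 3; i++)
        out->uid[i] = rd32le(buf + 4 * i);
    out->uid_checksum = rd32le(buf + 12);
    out->signature    = rd32le(buf + 16);
    out->code_offset  = rd32le(buf + 20);
    out->code_size    = rd32le(buf + 24);
    if (out->signature != HDR_MAGIC)
        return LOAD_BAD_MAGIC;
    /* Subtract rather than add so that offset + size cannot wrap around. */
    if (out->code_offset < HDR_SIZE || out->code_offset > len ||
        out->code_size > len - out->code_offset)
        return LOAD_BAD_RANGE;
    return LOAD_OK;
}

/* Build a constructed image (at most 64 bytes) with the given fields and parse it. */
enum load_status try_image(size_t len, uint32_t code_offset, uint32_t code_size)
{
    uint8_t img[64] = {0};
    struct image_header h;
    const uint32_t f[3] = { HDR_MAGIC, code_offset, code_size };
    for (int i = 0; i < 3; i++)
        for (int b = 0; b < 4; b++)
            img[16 + 4 * i + b] = (uint8_t)(f[i] >> (8 * b));
    return parse_image(img, len > sizeof img ? sizeof img : len, &h);
}

int main(void)
{
    printf("6-byte file: status %d\n", try_image(6, 0, 0));
    return 0;
}
```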

The Symbian executable file format has been the same from ER5 through to version 6. This format is documented through Symbian's release of the source code of petran. The new compressed executable version modifies the header a bit to provide flags for compression and compression type. These are not yet publicly documented.

The crash of the Appserver could be attributed to buggy new code involved in handling compressed executables. It would be bad if this were the case because, as with the recent J2ME vulnerabilities, fixing the problem would require ROM replacements. Depending on the number of units sold, this may be more feasible to prevent with software and prudence.

