Hi Everyone:
I'm hoping that someone can help me with a problem I am trying to diagnose. I
have a
user with a Palm Vx who is having synchronization problems (actually, he and a friend
of his have
the exact same problem). It appears that when running a serial line monitor on his
sync port, the
SLP header, source socket and destination socket bytes are being modified. I've taken
a
capture; here is some sample output for a single SLP "packet":
01 C2 00 86 B1 02 00 0E FF AF <-- SLP packet header
01 C0 00 0A 01 00 01 02 00 00 00 01 C2 00 <- valid PAD Packet
data
86 B1 <- SLP CRC
The header preamble bytes are not 0xBE, 0xEF and 0xED that the latest PalmOS
header
files would have us expect. The source/destination socket bytes also appear to be
incorrect;
instead of the expected 0x03 for each (the Desktop Link socket), they are receiving
'0x86' and
'0xB1' respectively.
Stranger yet is that the SLP packet header checksum, and the SLP packet CRC
are both
calculated assuming the correct values -- that is, they are only valid if the first 5
bytes were BE EF
ED 03 03 as would normally be expected. If this were something changed by Palm for
the Vx, I
would have expected that the checksum and CRC bytes would reflect this by being valid
for the
above packet data.
No other bytes are being "morphed" like this, and these values were captured
directly
from the serial driver, so they were not modified by the synchronization software. It
is imaginable
that the serial driver is modifying these bytes, however as the driver only provides a
byte at a time,
one would think that this sort of byte modification would be randomized, and not just
for the first 5
bytes per SLP packet.
Frankly, I'm at a loss. Does anyone know of an add-on or an OS hack that
would do this?
Could it be (and I dread to think this...) some sort of malicious trojan-type piece of
code that they
have installed which is overlaying the first 5 bytes of each packet? Or has Palm
indeed changed
something for the Vx?
I can work around the problem for the two users in question for now, but would
prefer a
valid explaination as to what's going on here. Of the hundreds of users I support,
only two have
ever encountered this problem -- and both of them directly know each other.
If anyone has any idea, please let me know. Thanks!
Brad BARCLAY
=-=-=-=-=-=-=-=-=
>From the OS/2 WARP v4.5 Desktop of Brad BARCLAY.
E-Mail: [EMAIL PROTECTED] WWW: http://yaztromo.idirect.com
Public PGP Key available upon request. [ ] VoiceType Dictated.
--
For information on using the Palm Developer Forums, or to unsubscribe, please see
http://www.palmos.com/dev/tech/support/forums/
