Update README.md

2025-08-12 08:12:22 +00:00 · 2024-06-01 10:54:40 +01:00 · 2024-06-01 10:54:40 +01:00 · 0cae02a259
commit 0cae02a259
parent 95988c0208
1 changed files with 24 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -16,3 +16,26 @@ I am interested in seeing a frequency analysis into a dummy load of the radio on

 # TA3782F
 Most of the components in this radio are well known off the shelf stuff. However this TA3782F MCU is not and there is practically no documentation for it. I initially believed this to be some MCU utilizing an Arm Cortex-M4 core, but now I'm almost convinced this is not the case. I'm leaning toward some kind of Intel 8051 MCU architecture as this is providing some meaningful disassembly in IDA Pro.  
+
+Here's a typical snippet of disassembly of the firmware image assuming Intel 8051 code architecture
+
+...
+code:0000B98D code_B98D:                              ; CODE XREF: code_B949+5B↓j
+code:0000B98D                 mov     A, #0x52 ; 'R'
+code:0000B98F                 add     A, RAM_30
+code:0000B991                 mov     DPL, A          ; Data Pointer, Low Byte
+code:0000B993                 clr     A
+code:0000B994                 addc    A, #4
+code:0000B996                 mov     DPH, A          ; Data Pointer, High Byte
+code:0000B998                 movx    A, @DPTR
+code:0000B999                 mov     R7, A
+code:0000B99A                 lcall   code_F101
+code:0000B99D                 inc     RAM_30
+code:0000B99F                 mov     A, RAM_30
+code:0000B9A1                 clr     C
+code:0000B9A2                 subb    A, #0x25 ; '%'
+code:0000B9A4                 jc      code_B98D
+code:0000B9A6                 ret
+...
+
+The structure and logic of this section does seem to make sense, it's performing some kind of loop, incrementing a ram pointer, until some condition is met then returning.