project/fwtool.git
5 years agofix possible garbage in unitialized char* struct members
Petr Štetiar [Wed, 23 Oct 2019 10:11:47 +0000 (12:11 +0200)]
fix possible garbage in unitialized char* struct members

scan-build from clang version 9 has reported following issues:

 crc32.h:44:32: warning: The right operand of '^' is a garbage value
                val = crc_table[(uint8_t)val ^ *(uint8_t*)buf] ^ (val >> 8);
                                             ^ ~~~~~~~~~~~~~~

cppcheck version 1.89 has reported following issues:

 fwtool.c:260:9: error: Uninitialized variable: dest [uninitvar]
  memcpy(dest, dbuf->cur + dbuf->cur_len - cur_len, cur_len);
         ^
 fwtool.c:333:27: note: Calling function 'extract_tail', 2nd argument '&tr' value is <Uninit>
   if (extract_tail(&dbuf, &tr, sizeof(tr))) {
                           ^

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agofix possible copy of null buffer and validation of unitialized header
Petr Štetiar [Tue, 22 Oct 2019 12:05:39 +0000 (14:05 +0200)]
fix possible copy of null buffer and validation of unitialized header

scan-build from clang version 9 has reported following issues:

 fwtool.c:257:2: warning: Null pointer passed as an argument to a 'nonnull' parameter
        memcpy(dest, dbuf->cur + dbuf->cur_len - cur_len, cur_len);
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 fwtool.c:275:20: warning: The left operand of '!=' is a garbage value
         if (hdr->version != 0)
             ~~~~~~~~~~~~ ^

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agocrc32: add missing stdint.h dependency
Petr Štetiar [Tue, 22 Oct 2019 11:21:17 +0000 (13:21 +0200)]
crc32: add missing stdint.h dependency

In order to fix compile error if using this header standalone, in unit
tests for example.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agoadd cram based unit tests
Petr Štetiar [Thu, 17 Oct 2019 20:50:06 +0000 (22:50 +0200)]
add cram based unit tests

For improved QA etc.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agoadd initial GitLab CI support
Petr Štetiar [Thu, 17 Oct 2019 12:55:02 +0000 (14:55 +0200)]
add initial GitLab CI support

Uses currently proof-of-concept openwrt-ci[1] in order to:

 * improve the quality of the codebase in various areas
 * decrease code review time and help merging contributions faster
 * get automagic feedback loop on various platforms and tools
   - out of tree build with OpenWrt SDK on following targets:
     * ath79-generic
     * imx6-generic
     * malta-be
     * mvebu-cortexa53
   - out of tree native build on x86/64 with GCC (versions 7, 8, 9) and Clang 9
   - out of tree native x86/64 static code analysis with cppcheck and
     scan-build from Clang 9

1. https://gitlab.com/ynezz/openwrt-ci/

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agoiron out extra compiler warnings
Petr Štetiar [Thu, 17 Oct 2019 13:08:15 +0000 (15:08 +0200)]
iron out extra compiler warnings

 fwtool.c:216:3: error: ignoring return value of ‘ftruncate’, declared with attribute warn_unused_result [-Werror=unused-result]
 fwtool.c:376:3: error: ignoring return value of ‘ftruncate’, declared with attribute warn_unused_result [-Werror=unused-result]

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agoconvert into CMake project
Petr Štetiar [Thu, 17 Oct 2019 12:50:48 +0000 (14:50 +0200)]
convert into CMake project

Aligning it with other C based projects.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agorefactor into separate Git project
Petr Štetiar [Thu, 17 Oct 2019 12:47:02 +0000 (14:47 +0200)]
refactor into separate Git project

For improved reusability, testing etc.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agofwtool: do not omit final 16 byte when image does not contain signature
Jo-Philipp Wich [Thu, 17 Oct 2019 14:59:11 +0000 (16:59 +0200)]
fwtool: do not omit final 16 byte when image does not contain signature

The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".

In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.

Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofwtool: add support for extracting the truncated data part to stdout
Felix Fietkau [Tue, 12 Feb 2019 15:24:14 +0000 (16:24 +0100)]
fwtool: add support for extracting the truncated data part to stdout

This allows extracing the firmware + metadata from a signed firmware without
altering the original image file

Signed-off-by: Felix Fietkau <nbd@nbd.name>
5 years agofwtool: do not strip metadata if extracting signature
Felix Fietkau [Tue, 12 Feb 2019 14:59:11 +0000 (15:59 +0100)]
fwtool: do not strip metadata if extracting signature

This allows the signature to cover the metadata area

Signed-off-by: Felix Fietkau <nbd@nbd.name>
8 years agofwtool: add utility for appending and extracting firmware metadata/signatures
Felix Fietkau [Mon, 14 Nov 2016 15:02:46 +0000 (16:02 +0100)]
fwtool: add utility for appending and extracting firmware metadata/signatures

This will be used to append extra information to images which allows the
system to verify if an image is compatible with the system.

The extra data is appended to the end of the image, where it will be
ignored when upgrading from systems that do not process this data yet:

If the image is a squashfs or jffs2 image, the extra data will land
after the end-of-filesystem marker, where it will be overwritten once
the system boots for the first timee.

If the image is a sysupgrade tar file, tar will simply ignore the extra
data when unpacking.

The layout of the metadata/signature chunks is constructed in a way
that the last part contains just a magic and size information, so that
the tool can quickly check if any valid data is present without having
to do a pattern search throughout the full image.

Chunks also contain CRC32 information to detect file corruption, even
when the image is not signed.

Signed-off-by: Felix Fietkau <nbd@nbd.name>