diff options
author | Matthias Schiffer <mschiffer@universe-factory.net> | 2018-04-10 18:06:20 +0200 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2018-04-10 18:59:05 +0200 |
commit | 6577fe2198f5c75acb1dba789941d96a036f4dae (patch) | |
tree | 7435130841a984011beee59619a09d8f57fdb6e8 | |
parent | afca23558a2fbfb2cb044ec69bfb9a7447121927 (diff) | |
download | upstream-6577fe2198f5c75acb1dba789941d96a036f4dae.tar.gz upstream-6577fe2198f5c75acb1dba789941d96a036f4dae.tar.bz2 upstream-6577fe2198f5c75acb1dba789941d96a036f4dae.zip |
ar71xx: sysupgrade: improve CPE/WBS 210/510 validation, add new metadata offset
Previously, tplink_pharos_check_image() would accept any image with ELF
magic and only non-printable data in the support-list, as in this case the
while-read loop would not run at all. Add the new support-list offset and
ensure an image is only accepted when the model string is actually found.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
-rwxr-xr-x | target/linux/ar71xx/base-files/lib/upgrade/platform.sh | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/target/linux/ar71xx/base-files/lib/upgrade/platform.sh b/target/linux/ar71xx/base-files/lib/upgrade/platform.sh index 21ad2a617d..d2dc88127c 100755 --- a/target/linux/ar71xx/base-files/lib/upgrade/platform.sh +++ b/target/linux/ar71xx/base-files/lib/upgrade/platform.sh @@ -93,6 +93,22 @@ tplink_get_image_boot_size() { get_image "$@" | dd bs=4 count=1 skip=37 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"' } +tplink_pharos_check_support_list() { + local image="$1" + local offset="$2" + local model="$3" + + # Here $image is given to dd directly instead of using get_image; + # otherwise the skip will take almost a second (as dd can't seek) + dd if="$image" bs=1 skip=$offset count=1024 2>/dev/null | ( + while IFS= read -r line; do + [ "$line" = "$model" ] && exit 0 + done + + exit 1 + ) +} + tplink_pharos_check_image() { local magic_long="$(get_magic_long "$1")" [ "$magic_long" != "7f454c46" ] && { @@ -101,18 +117,10 @@ tplink_pharos_check_image() { } local model_string="$(tplink_pharos_get_model_string)" - local line - - # Here $1 is given to dd directly instead of get_image as otherwise the skip - # will take almost a second (as dd can't seek then) - # - # This will fail if the image isn't local, but that's fine: as the - # read loop won't be executed at all, it will return true, so the image - # is accepted (loading the first 1.5M of a remote image for this check seems - # a bit extreme) - dd if="$1" bs=1 skip=1511432 count=1024 2>/dev/null | while read line; do - [ "$line" = "$model_string" ] && break - done || { + + # New images have the support list at 7802888, old ones at 1511432 + tplink_pharos_check_support_list "$1" 7802888 "$model_string" || \ + tplink_pharos_check_support_list "$1" 1511432 "$model_string" || { echo "Unsupported image (model not in support-list)" return 1 } |