From 5bfb344106f718e7de274be4fd46a4c689324c0a Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Tue, 10 Apr 2018 18:06:20 +0200 Subject: [PATCH] ar71xx: sysupgrade: improve CPE/WBS 210/510 validation, add new metadata offset Previously, tplink_pharos_check_image() would accept any image with ELF magic and only non-printable data in the support-list, as in this case the while-read loop would not run at all. Add the new support-list offset and ensure an image is only accepted when the model string is actually found. Signed-off-by: Matthias Schiffer --- .../ar71xx/base-files/lib/upgrade/platform.sh | 32 ++++++++++++------- 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/target/linux/ar71xx/base-files/lib/upgrade/platform.sh b/target/linux/ar71xx/base-files/lib/upgrade/platform.sh index 633a7e8e5673..376984a14a12 100755 --- a/target/linux/ar71xx/base-files/lib/upgrade/platform.sh +++ b/target/linux/ar71xx/base-files/lib/upgrade/platform.sh @@ -93,6 +93,22 @@ tplink_get_image_boot_size() { get_image "$@" | dd bs=4 count=1 skip=37 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"' } +tplink_pharos_check_support_list() { + local image="$1" + local offset="$2" + local model="$3" + + # Here $image is given to dd directly instead of using get_image; + # otherwise the skip will take almost a second (as dd can't seek) + dd if="$image" bs=1 skip=$offset count=1024 2>/dev/null | ( + while IFS= read -r line; do + [ "$line" = "$model" ] && exit 0 + done + + exit 1 + ) +} + tplink_pharos_check_image() { local magic_long="$(get_magic_long "$1")" [ "$magic_long" != "7f454c46" ] && { @@ -101,18 +117,10 @@ tplink_pharos_check_image() { } local model_string="$(tplink_pharos_get_model_string)" - local line - - # Here $1 is given to dd directly instead of get_image as otherwise the skip - # will take almost a second (as dd can't seek then) - # - # This will fail if the image isn't local, but that's fine: as the - # read loop won't be executed at all, it will return true, so the image - # is accepted (loading the first 1.5M of a remote image for this check seems - # a bit extreme) - dd if="$1" bs=1 skip=1511432 count=1024 2>/dev/null | while read line; do - [ "$line" = "$model_string" ] && break - done || { + + # New images have the support list at 7802888, old ones at 1511432 + tplink_pharos_check_support_list "$1" 7802888 "$model_string" || \ + tplink_pharos_check_support_list "$1" 1511432 "$model_string" || { echo "Unsupported image (model not in support-list)" return 1 } -- 2.30.2