From: Michael Gernoth Date: Sat, 31 Jan 2009 22:09:02 +0000 (+0100) Subject: extract all files from the firmware image. X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/rsbs2/commitdiff_plain/1f1fa7b6b361da6fba6ec7f651ca589cb81a88c5?hp=9eb4b3c68c23622076943399ae2c8d298eb32799 extract all files from the firmware image. this should even make it possible, to build our own image with changed graphics, text, ... --- diff --git a/.gitignore b/.gitignore index 5c01e42..f5d5be4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +extract.o firmware firmware.o rsb-crc.o diff --git a/Makefile b/Makefile index cac4a66..25c0efe 100644 --- a/Makefile +++ b/Makefile @@ -2,15 +2,17 @@ CFLAGS=-Wall -O3 all: firmware -firmware: firmware.o rsb-crc.o rsb-lz.o +firmware: firmware.o rsb-crc.o rsb-lz.o extract.o -firmware.o: firmware.c rsb-crc.h rsb-lz.h +firmware.o: firmware.c rsb-crc.h extract.h rsb-crc.o: rsb-crc.c rsb-crc.h rsb-lz.o: rsb-lz.c rsb-lz.h +extract.o: extract.c extract.h rsb-lz.h + clean: - rm -f firmware firmware.o rsb-crc.o rsb-lz.o + rm -f firmware firmware.o rsb-crc.o rsb-lz.o extract.o .PHONY: all clean diff --git a/extract.c b/extract.c new file mode 100644 index 0000000..feab68f --- /dev/null +++ b/extract.c @@ -0,0 +1,148 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "rsb-lz.h" +#include "extract.h" + +void extract_files(unsigned char *fw, int len) +{ + unsigned char *pos; + unsigned int type, length; + char *name; + + pos = fw + 0x28; + printf("Start of filesystem: 0x%08x\n", *((unsigned int*)pos)); + + pos = fw + *((unsigned int*)pos); + + while (pos < (fw + len)) { + type = *((unsigned int*)pos); + pos += 4; + /* ??? */ + pos++; + length = *((unsigned int*)pos); + pos += 4; + name = (char*)pos; + pos += strlen(name) + 1; + + if ((pos + length) > (fw + len)) { + printf("EOF reached\n"); + break; + } + printf("%s: type: 0x%x, length: %d", name, type, length); + + if (length > 0) { + write_file(name, pos, length); + if (*((unsigned int*)pos) == LZ_MAGIC) { + char *lzname; + + if ((lzname = strdup(name)) == NULL) { + perror("strdup"); + exit(1); + } + + if (!strcmp(lzname + strlen(lzname) - 4 , ".lz")) { + fprintf(stderr, "Ugh, can't derive filename...\n"); + exit(1); + } + lzname[strlen(lzname) - 3] = 0x00; + + printf("%s: packed file found", lzname); + + extract_lz_file(pos, (unsigned char*)lzname); + free(lzname); + } else if (!strcmp(name, "firmware")) { + unsigned char *lzpos; + char lzname[128]; + + bzero(lzname, sizeof(lzname)); + strcpy(lzname, "firmware."); + + lzpos = pos + *((unsigned int*)(pos + 0x20)); + memcpy(lzname + strlen(lzname), lzpos - 4, 4); + lzpos += 4; + if (*((unsigned int*)(lzpos)) == LZ_MAGIC) { + printf("%s: compressed firmware part found", lzname); + extract_lz_file(lzpos, (unsigned char*)lzname); + } + } + } + + pos += length; + + } +} + +void mkdir_p(char *dir) +{ + char *copy, *parent; + + if ((dir == NULL) || (!strcmp(dir, "."))) + return; + + if ((copy = strdup(dir)) == NULL) { + perror("strdup"); + exit(1); + } + parent = dirname(copy); + mkdir_p(parent); + + errno = 0; + if (mkdir(dir, 0755) == -1) { + if (errno != EEXIST) { + fprintf(stderr, "%s: ", dir); + perror("mkdir"); + exit(1); + } + } + free(copy); +} + +void write_file(char *fname, unsigned char *buf, int len) +{ + char filename[PATH_MAX]; + char *filename_c, *dirn; + int fd; + int remaining; + int ret; + + strcpy(filename, "extracted/"); + strcat(filename, fname); + + if ((filename_c = strdup(filename)) == NULL) { + perror("strdup"); + exit(1); + } + dirn = dirname(filename_c); + mkdir_p(dirn); + free(filename_c); + + if ((fd = open(filename, O_WRONLY|O_CREAT, 0644)) == -1) { + fprintf(stderr, "%s: ", filename); + perror("open"); + exit(1); + } + + remaining = len; + + while(remaining) { + ret = write(fd, buf + (len - remaining), remaining); + if (ret < 0) { + perror("write"); + exit(1); + } + remaining -= ret; + } + + printf(", %s written.\n", filename); + + close(fd); +} diff --git a/extract.h b/extract.h new file mode 100644 index 0000000..d8b8d32 --- /dev/null +++ b/extract.h @@ -0,0 +1,2 @@ +void extract_files(unsigned char *fw, int len); +void write_file(char *fname, unsigned char *buf, int len); diff --git a/firmware.c b/firmware.c index 6ef5971..cd7927b 100644 --- a/firmware.c +++ b/firmware.c @@ -8,7 +8,7 @@ #include #include #include "rsb-crc.h" -#include "rsb-lz.h" +#include "extract.h" #define FINDSTR(addr, str) (!strncmp((char*)addr, str, strlen(str))) @@ -462,7 +462,7 @@ int main(int argc, char **argv) } if (extract) { - search_lz_sections(fw, statbuf.st_size - 4); + extract_files(fw, statbuf.st_size - 4); } if (update_crc || patch_fw || patch_bd) { diff --git a/rsb-lz.c b/rsb-lz.c index b624265..3e6e638 100644 --- a/rsb-lz.c +++ b/rsb-lz.c @@ -1,16 +1,12 @@ -#include -#include -#include -#include #include #include #include #include #include #include -#include #include "rsb-crc.h" #include "rsb-lz.h" +#include "extract.h" /* TODO: IMPLEMET THIS! */ /* Probably very broken lzw implementation by Agilent: @@ -638,72 +634,6 @@ unsigned int crc_check_59684(unsigned char *arg1, unsigned int arg2, unsigned in return 4; } -void mkdir_p(char *dir) -{ - char *copy, *parent; - - if ((dir == NULL) || (!strcmp(dir, "."))) - return; - - if ((copy = strdup(dir)) == NULL) { - perror("strdup"); - exit(1); - } - parent = dirname(copy); - mkdir_p(parent); - - errno = 0; - if (mkdir(dir, 0755) == -1) { - if (errno != EEXIST) { - fprintf(stderr, "%s: ", dir); - perror("mkdir"); - exit(1); - } - } - free(copy); -} - -void write_file(char *fname, unsigned char *buf, int len) -{ - char filename[PATH_MAX]; - char *filename_c, *dirn; - int fd; - int remaining; - int ret; - - strcpy(filename, "extracted/"); - strcat(filename, fname); - - if ((filename_c = strdup(filename)) == NULL) { - perror("strdup"); - exit(1); - } - dirn = dirname(filename_c); - mkdir_p(dirn); - free(filename_c); - - if ((fd = open(filename, O_WRONLY|O_CREAT, 0644)) == -1) { - fprintf(stderr, "%s: ", filename); - perror("open"); - exit(1); - } - - remaining = len; - - while(remaining) { - ret = write(fd, buf + (len - remaining), remaining); - if (ret < 0) { - perror("write"); - exit(1); - } - remaining -= ret; - } - - printf(", %s written.\n", filename); - - close(fd); -} - void extract_lz_file(unsigned char *buf, unsigned char *name) { unsigned char *r3; @@ -757,38 +687,3 @@ void extract_lz_file(unsigned char *buf, unsigned char *name) free(r7); } - -void search_lz_sections(unsigned char *fw, int len) -{ - int i; - unsigned char *j; - - for(i = 0; i < len - 4; i++) { - if (*((unsigned int*)(fw+i)) == LZ_MAGIC) { - j = fw + i - 1; - printf("0x%02x: ", i); - j--; - while (j > fw) { - if (!strncmp("SP3", (char*)j, 3)) { - unsigned char fname[5]; - - bzero(fname, sizeof(fname)); - memcpy(fname, j, 4); - printf("Firmware found: %s", fname); - extract_lz_file(fw + i, fname); - break; - } - if (*j == 0x00) { - if ((*(j+1) != '/')) { - printf("ignoring...\n"); - break; - } - printf("%s", j+1); - extract_lz_file(fw + i, j+1); - break; - } - j--; - } - } - } -} diff --git a/rsb-lz.h b/rsb-lz.h index 5e1fd6d..ed0d4fb 100644 --- a/rsb-lz.h +++ b/rsb-lz.h @@ -1,3 +1,3 @@ #define LZ_MAGIC 0x6110beef -void search_lz_sections(unsigned char *fw, int len); +void extract_lz_file(unsigned char *buf, unsigned char *name);