al3xtjames / ghidra-firmware-utils

Ghidra utilities for analyzing PC firmware

Out-of-bounds flash region when importing filesystem #21

Closed davidpanic closed 2 years ago

davidpanic commented 2 years ago
Out-of-bounds flash region
java.io.IOException: Out-of-bounds flash region
    at firmware.ifd.IntelFlashDescriptor.addRegion(IntelFlashDescriptor.java:297)
    at firmware.ifd.IntelFlashDescriptor.<init>(IntelFlashDescriptor.java:243)
    at firmware.ifd.IntelFlashFileSystem.mount(IntelFlashFileSystem.java:45)
    at firmware.ifd.IntelFlashFileSystemFactory.create(IntelFlashFileSystemFactory.java:47)
    at firmware.ifd.IntelFlashFileSystemFactory.create(IntelFlashFileSystemFactory.java:30)
    at ghidra.formats.gfilesystem.factory.FileSystemFactoryMgr.mountUsingFactory(FileSystemFactoryMgr.java:176)
    at ghidra.formats.gfilesystem.factory.FileSystemFactoryMgr.probe(FileSystemFactoryMgr.java:338)
    at ghidra.formats.gfilesystem.FileSystemService.probeFileForFilesystem(FileSystemService.java:679)
    at ghidra.formats.gfilesystem.FileSystemService.probeFileForFilesystem(FileSystemService.java:630)
    at ghidra.plugins.fsbrowser.FileSystemBrowserPlugin.doOpenFilesystem(FileSystemBrowserPlugin.java:231)
    at ghidra.plugins.fsbrowser.FileSystemBrowserPlugin.lambda$openFileSystem$0(FileSystemBrowserPlugin.java:118)
    at ghidra.util.task.TaskLauncher$2.run(TaskLauncher.java:117)
    at ghidra.util.task.Task.monitoredRun(Task.java:134)
    at ghidra.util.task.TaskRunner.lambda$startTaskThread$0(TaskRunner.java:106)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    at java.base/java.lang.Thread.run(Thread.java:833)

---------------------------------------------------
Build Date: 2022-May-21 0030 CEST
Ghidra Version: 10.1.4
Java Home: /usr/lib/jvm/java-18-openjdk
JVM Version: N/A 18.0.1.1
OS: Linux 5.18.10-artix1-1 amd64
$ file 7G1_0123.bin 
7G1_0123.bin: Intel serial flash for ICH/PCH ROM <= 5 or 3400 series A-step

https://drive.google.com/file/d/1aS-yfqtqNPat7br6KKPT2NDDWbYwEFLA/view?usp=sharing

al3xtjames commented 2 years ago

Thanks for the report. The IFD in this BIOS doesn't include the usual 16 byte zero vector before the 0x0FF0A55A signature. Offset calculations seem to still work if I ignore the zero vector in this case, so I'll just do that.

BTW, I don't think this system uses UEFI. The usual firmware volume magic (_FVH) isn't present in the BIOS region.
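
The layout difference discussed in this thread, as an added example that is not code from ghidra-firmware-utils: a Python sketch that accepts the 0x0FF0A55A signature either after the 16-byte leading vector or at offset 0, then bounds-checks each flash region against the image size. Assumptions not taken from the issue: the FLMAP0/FLREG bit fields follow Intel's published descriptor format for ICH/5-series parts, FRBA is taken as an offset from the start of the image, five regions are read, and `build_sample` produces a constructed test image rather than data from the reported BIOS.

```python
import struct

IFD_SIGNATURE = 0x0FF0A55A  # signature value quoted in the issue
VECTOR_LEN = 16             # leading vector the maintainer says is usually present
NUM_REGIONS = 5             # assumption: descriptor, BIOS, ME, GbE, platform data

def find_signature(image: bytes) -> int:
    """Return the signature offset: 16 (usual layout) or 0 (no leading vector)."""
    for off in (VECTOR_LEN, 0):
        if len(image) >= off + 8 and struct.unpack_from("<I", image, off)[0] == IFD_SIGNATURE:
            return off
    raise ValueError("no Intel flash descriptor signature at offset 16 or 0")

def parse_regions(image: bytes):
    """Return (index, base, limit, status) per region, checked against image size."""
    sig = find_signature(image)
    (flmap0,) = struct.unpack_from("<I", image, sig + 4)  # FLMAP0 follows the signature
    frba = ((flmap0 >> 16) & 0xFF) << 4  # assumption: offset from image start
    if frba + 4 * NUM_REGIONS > len(image):
        raise ValueError("region table lies outside the image")
    out = []
    for i, reg in enumerate(struct.unpack_from(f"<{NUM_REGIONS}I", image, frba)):
        base = (reg & 0x1FFF) << 12                      # bits 12:0, 4 KiB units
        limit = (((reg >> 16) & 0x1FFF) << 12) | 0xFFF   # bits 28:16, inclusive
        if base > limit:
            status = "unused"
        elif limit >= len(image):
            status = "out-of-bounds"  # region extends past the end of the image
        else:
            status = "ok"
        out.append((i, base, limit, status))
    return out

def build_sample(with_vector: bool, size: int = 0x4000) -> bytes:
    """Constructed 16 KiB test image; not data from the reported BIOS."""
    img = bytearray(b"\xff" * size)
    sig = VECTOR_LEN if with_vector else 0
    if with_vector:
        img[0:16] = bytes(16)
    struct.pack_into("<II", img, sig, IFD_SIGNATURE, 0x04 << 16)  # FRBA = 0x40
    regs = [0x00000000, 0x00030001, 0x00001FFF, 0x00001FFF, 0x00FF0004]
    struct.pack_into("<5I", img, 0x40, *regs)
    return bytes(img)

if __name__ == "__main__":
    for with_vector in (True, False):
        img = build_sample(with_vector)
        print(find_signature(img), parse_regions(img))
```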