gruffus / firmware-mod-kit

Automatically exported from code.google.com/p/firmware-mod-kit
0 stars 0 forks source link

unsquashfs segfault on 64bit machines #121

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Using binwalk with the -e option in order to extract an squashfs ends up in 
segmentation fault of a tool inside FMK.

Working with 
http://212.166.190.34/zonadescargas/AI_VA_DD_HG556aV100R001C10B077.zip

$ binwalk -e HG556aV100R001C10B077.bin -vv

Scan Time:     2013-11-12 09:06:36
Signatures:    212
Target File:   HG556aV100R001C10B077.bin
MD5 Checksum:  45c8569283fa78cd5033c2f55651baca

DECIMAL     HEX         DESCRIPTION
--------------------------------------------------------------------------------
-----------------------------------
  File "./src/binwalk-1.0/src/bin/binwalk-script", line 14
    print "Progress: %.2f%% (%d / %d)\n" % (((float(bwalk.total_scanned) / float(bwalk.scan_length)) * 100), bwalk.total_scanned, bwalk.scan_length)
                                       ^
SyntaxError: invalid syntax
Attempting to extract SquashFS .X file system...

Trying ./src/squashfs-2.1-r2/unsquashfs-lzma... 
created 80 files
created 75 directories
created 80 symlinks
created 0 devices
created 0 fifos

Trying ./src/squashfs-2.1-r2/unsquashfs... 
created 80 files
created 75 directories
created 80 symlinks
created 0 devices
created 0 fifos

Trying ./src/squashfs-3.0/unsquashfs-lzma... 
Trying ./src/squashfs-3.0/unsquashfs... 
Trying ./src/squashfs-3.0-lzma-damn-small-variant/unsquashfs-lzma... 
Trying ./src/others/squashfs-2.0-nb4/unsquashfs... 
/opt/firmware-mod-kit/unsquashfs_all.sh: line 38:  2917 Segmentation fault      
(core dumped) $unsquashfs $DEST $IMG 2> /dev/null
File system sucessfully extracted!
MKFS="./src/others/squashfs-2.0-nb4/mksquashfs"
256         0x100       Squashfs filesystem, big endian, version 2.0, size: 
10363625 bytes, 1195 inodes, blocksize: 8192 bytes, created: Sun Jun  3 
23:05:46 2012 

As it turns out, this only happens in 64bit machines context, running perfectly 
on 32bit ones.

If you are not willing to debug and fix this beware that I will attempt to when 
I have more time, so please don't mark instantaniously as wont fix.

Thanks in advance.

Original issue reported on code.google.com by antoniov...@gmail.com on 16 Nov 2013 at 3:35

GoogleCodeExporter commented 9 years ago
Valgrind has tracked this down to the OutWindowCopyBackBlock function, which is 
a "BRCM modification" in the WindowOut.h file (I've never seen good code from 
Broadcom).

Specifically it is performing an invalid read on a pointer address that is not 
mapped in memory. The invalid address on my 64 bit machine is 0x010541D087, 
while it appears that this address should be 0x0541D087. That high byte (0x01) 
is outside the range of a 32-bit address, which is probably why this works fine 
in 32-bit environments.

Still looking in to the specific cause and a fix.

Original comment by heffne...@gmail.com on 26 Nov 2013 at 3:41

GoogleCodeExporter commented 9 years ago
Any improvement here?

Thanks for your time.

Original comment by antoniov...@gmail.com on 3 Jan 2014 at 8:10

GoogleCodeExporter commented 9 years ago
I meet the same problem. I run archlinux 64bit in VM virtual.

Download the file from: www.dd-wrt.com : dd-wrt.v24_std_generic.bin
run the last fmk tools: extract-firmware.sh 

Here is error:

Firmware Mod Kit (extract) 0.99, (c)2011-2013 Craig Heffner, Jeremy Collake

Preparing tools ...
Scanning firmware...
  File "./src/binwalk-1.0/src/bin/binwalk-script", line 14
    print "Progress: %.2f%% (%d / %d)\n" % (((float(bwalk.total_scanned) / float(bwalk.scan_length)) * 100), bwalk.total_scanned, bwalk.scan_length)
                                       ^
SyntaxError: invalid syntax
sort: cannot read: /home/huatian/firmware_mod_kit/work/logs/binwalk.log: No 
such file or directory
Extracting 0 bytes of  header image at offset 0
ERROR: No supported file system found! Aborting...

Original comment by GuHuat...@gmail.com on 1 Feb 2014 at 2:37