Closed sle118 closed 1 year ago
@sle118 actually, that is coming from the boot loader. Some versions 'check' if the required parameters are in the command line before adding them into it, other versions simply 'add' the parameters to the end 'assuming' they're not there (that's what you got).
It is not a reason to be concerned since the first parameters are usually what matter. You will not be able to remove the duplicate parameters at the end, but you can remove the 'first' duplicate part if you wanted (by removing them from the env file).
My advice is always: if it is working, don't mess with it -- you may end up getting into trouble from a perfectly working state. There's not even a reason to ever try to 'remove' the custom stuff we added since you could simply format or remove the SD card to run the default/stock firmware.
Amazing. Your contribution allowed me to justify getting my hands dirty for the first time with Ghidra and I have no regret!
I believe the version I'm running has all it takes to protect the rtsp feed with a password, but I'll have to do a bit of a deep dive to check (there are functions dealing with some basic auth and things).
@guino thank you for your well documentation exploratory dive and for being there answering questions from others.
Everything works perfectly well and with the help of your instructions on ppsapp-rtsp, I was also able to provide a patch for my version/hardware.
Now there's one annoyance I'd like to resolve. I managed to create a cmdline file with the following:
mem=37M console=ttyAMA0,115200n8 mtdparts=hi_sfc:192k(bld)ro,64k(env)ro,64k(enc)ro,64k(sysflg)ro,3136k(sys),4224k(app),448k(cfg) ppsAppParts=5 ppsWatchInitEnd - ip=${T//_/$'\\x20'}:::::;T=\"sleep_5;mkdir_-p_/mnt/mmc01;mount_-t_vfat_/dev/mmcblk0p1_/mnt/mmc01;/mnt/mmc01/initrun.sh&\";eval mtdparts=hi_sfc:192k(bld)ro,64k(env)ro,64k(enc)ro,64k(sysflg)ro,3136k(sys),4224k(app),448k(cfg) ppsAppParts=5 ppsWatchInitEnd
It doesn't prevent the system from fully working, but I'd still want to reverse the last bit following "eval". I tried a restore, which brought back the original cmdline, but as soon as I reapply the process, I end up with the trailing stuff. I suspect the characters remain in the flash somewhere. I don't have a full dump of the platform, so I can't just crack open the binaries to understand the magic behind what happens when we patch.
do you have a suggestion?