search

tuya-cloudcutter / bk7231tools

This is a collection of tools to interact with and analyze artifacts for BK7231 MCUs
MIT License
38 stars 6 forks source link

Error in dissect_dump_file() while using tuya-cloudcutter/profile_building/build_profile.py #15

Closed bmarr closed 9 months ago

bmarr commented 1 year ago

I was using build_profile.py in tuya-cloudcutter/profile_building and encountered the crash shown below, and was encouraged by @Cossid to create an issue here. The original tuya-cloudcutter issue is tuya-cloudcutter/issues/317

I had indeed followed instructions and used pip install . before using build_profile.py. Today I followed the suggestion by @Cossid to try pip install bk7231tools[cli] but that only reported that it was already installed.

I am running on a 64 bit x86_64 system (core2duo laptop with 4GB RAM, booted to Kali Linux installed on hard drive):

$ uname -a
Linux kali-linuxnx7400 6.1.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.12-lkali1 (2023-02-20) x86_64 GNU/Linux

The python version used is: Python 3.11.1 (main, Dec 31 2022, 10:23:59) [GCC 12.2.0] on linux

The first-pass output from build_profile.py is:

[+] Processing file='../../Globe-Electric_50329-Smart-Plug.bin' as Globe-Electric_50329-Smart-Plug
RBL containers:
    0x10f9a: bootloader - [encoding_algorithm=NONE, size=0xdd20]
        extracted to /home/kali/Globe-Electric_50329-Smart-Plug
    0x129f0a: app - [encoding_algorithm=NONE, size=0xeb7a0]
        extracted to /home/kali/Globe-Electric_50329-Smart-Plug
Storage partition:
Traceback (most recent call last):
  File "/home/kali/tuya-cloudcutter/profile-building/build_profile.py", line 44, in <module>
    extract.run(file)
  File "/home/kali/tuya-cloudcutter/profile-building/extract.py", line 50, in run
    bk7231tools.__main__.dissect_dump_file(input)
  File "/usr/local/lib/python3.11/dist-packages/bk7231tools/__main__.py", line 240, in dissect_dump_file
    keys = storage.find_all_keys()
           ^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/bk7231tools/analysis/storage.py", line 180, in find_all_keys
    self.sf_find_index("abcdef")
  File "/usr/local/lib/python3.11/dist-packages/bk7231tools/analysis/storage.py", line 251, in sf_find_index
    label.label_12
AttributeError: 'NoneType' object has no attribute 'label_12'
edestecd commented 1 year ago

Having the same issue on MacOS

edestecd commented 1 year ago

something here: https://github.com/tuya-cloudcutter/bk7231tools/blob/main/bk7231tools/analysis/storage.py#L251

edestecd commented 1 year ago

maybe its related to goto: https://github.com/tuya-cloudcutter/bk7231tools/blob/78da93444b1cb51aed13f0f8f52703276a89c638/bk7231tools/analysis/storage.py#L11

kuba2k2 commented 1 year ago

goto is not a Python feature, it's an external library that uses some weird hacks to emulate that behavior. It works on Python 3.10, but has issues on other versions. I used it because I didn't understand the storage decryption code (which was extracted from disassembly) and didn't know how to write it without goto's, which were seen in the disassembly. If someone has a better idea to rewrite this piece of code, you're more than welcome to do so.

edestecd commented 1 year ago

I can try python 3.10. thanks for the help ;) Much appreciated

kuba2k2 commented 9 months ago

@bmarr @edestecd v1.5.0 of bk7231tools doesn't use goto anymore. Futhermore, the storage decryption class is rewritten from ground up, and is more reliable.