Backtrace when parsing firmware on the LVFS #11

Closed
hughsie opened this issue Jan 30, 2020 · 3 comments

@hughsie

hughsie commented Jan 30, 2020

I've just been notified that a specific firmware on the LVFS causes PSPTool to crash with a backtrace:

File "/home/hughsie/Code/lvfs-website/plugins/amdpsp/__init__.py", line 42, in _run_psptool_on_blob
  psp = PSPTool(md.blob, verbose=True)
File "/home/hughsie/Code/lvfs-website/env/lib/python3.7/site-packages/psptool/psptool.py", line 38, in __init__
  self.blob = Blob(rom_bytes, len(rom_bytes), self)
File "/home/hughsie/Code/lvfs-website/env/lib/python3.7/site-packages/psptool/blob.py", line 58, in __init__
  self._parse_entry_table()
File "/home/hughsie/Code/lvfs-website/env/lib/python3.7/site-packages/psptool/blob.py", line 112, in _parse_entry_table
  directory = self[address:address + 16 * 8]
File "/home/hughsie/Code/lvfs-website/env/lib/python3.7/site-packages/psptool/utils.py", line 45, in __getitem__
  new_slice = self._offset_slice(item)
File "/home/hughsie/Code/lvfs-website/env/lib/python3.7/site-packages/psptool/utils.py", line 63, in _offset_slice
  assert (old_slice.start <= self.buffer_size)

The file to reproduce this problem is inside the archive found here https://fwupd.org/downloads/ab2c51b54fb69b70000922a8b672eba6e79e36c2-Lenovo-M625Q-SystemFirmware-M1WKT30A.cab -- just download that, decompress the archive then run psptool on M1WKT30A.ROM

@cwerling
Member

Thank you for this interesting bug, Richard! I found the bug and will push a fix soon. In case you are curious what happened here:

We are dealing with an 8 MB ROM here instead of a 16 MB ROM as usual. The latter are normally mapped into memory at 0xFF000000, i.e. the last 16 MB of memory in a 32 bit memory. That is why PSPTool has to mask all global addresses in the PSP Firmware File System with 0x00FFFFFF to obtain the actual offset in the ROM file.

Now this very special 8 MB ROM file must be mapped to the last 8 MB of memory, so naturally, we have to further mask all offsets with 0x00800000 to obtain the correct offset in the ROM file.

Cheers! :)
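
The address translation discussed in the comment above, as an added example that is not part of the thread and is not PSPTool's code: it derives the file offset from the ROM size rather than from a fixed 16 MB mask, and it bounds-checks the read so that a firmware image of unexpected size produces a parse error instead of the assertion failure in the backtrace. It assumes the ROM is mapped so that it ends at the top of the 32-bit address space; all function names, the sample address and the marker bytes are constructed for illustration.

```python
# Added illustration; names are hypothetical, not PSPTool's implementation.
ADDRESS_SPACE_TOP = 1 << 32   # end of the 32-bit address space
LEGACY_MASK = 0x00FFFFFF      # mask quoted in the thread for 16 MB ROMs
MB = 1024 * 1024


def legacy_offset(address: int) -> int:
    """Fixed 16 MB mask: only correct when the ROM file is 16 MB."""
    return address & LEGACY_MASK


def rom_offset(address: int, rom_size: int) -> int:
    """Map a flash address to a file offset.

    Assumption: the ROM is mapped so its last byte sits at 0xFFFFFFFF.
    """
    if not 0 < rom_size <= ADDRESS_SPACE_TOP:
        raise ValueError(f"unsupported ROM size {rom_size:#x}")
    base = ADDRESS_SPACE_TOP - rom_size
    if not base <= address < ADDRESS_SPACE_TOP:
        raise ValueError(f"address {address:#x} is outside the mapped ROM")
    return address - base


def read_at(rom: bytes, address: int, length: int) -> bytes:
    """Bounds-checked read: raise a parse error rather than trip an assert."""
    start = rom_offset(address, len(rom))
    if length < 0 or start + length > len(rom):
        raise ValueError(f"read of {length} bytes at {start:#x} exceeds ROM")
    return rom[start:start + length]


def demo():
    rom = bytearray(8 * MB)             # constructed 8 MB image
    rom[0x0A0000:0x0A0004] = b"MARK"    # constructed marker, not a real header
    address = 0xFF8A0000                # constructed address in the last 8 MB
    # 16 * 8 is the directory read length shown in the backtrace.
    return legacy_offset(address), read_at(bytes(rom), address, 16 * 8)[:4]


if __name__ == "__main__":
    bad, data = demo()
    print(f"legacy offset {bad:#x} is past the end: {bad >= 8 * MB}")
    print(f"size-aware read returned {data!r}")
```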

@cwerling
Member

cwerling commented Feb 2, 2020

pip install -U psptool 🎉
(https://pypi.org/project/psptool/2.1/)

@hughsie
Author

hughsie commented Feb 3, 2020

Many thanks!
