Skip to content
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
69 lines (52 sloc) 2.93 KB


This directory contains support tools and popular checks that can be included in FwAnalyzer configs for multiple targets. is a universal script to run FwAnalyzer. It will unpack (with the help of a unpacker; see below) firmware and run fwanalyzer against each of the target filesystems, it will combine all of the reports into one big report. In addition it will do some post processing of the filetree files (if present) and append the result to the report.

Using is straight forward (the example below is for an Android OTA firmware - make sure you have the required Android unpacking tools installed and added to your PATH, see: Android): --unpacker android/ --fw --cfg-path android --cfg-include android --fwanalyzer-bin ../build/fwanalyzer

The full set of options is described below:

usage: [-h] --fw FW --unpacker UNPACKER --cfg-path CFG_PATH
                [--cfg-include-path CFG_INCLUDE_PATH] [--report REPORT]
                [--keep-unpacked] [--fwanalyzer-bin FWANALYZER_BIN]
                [--fwanalyzer-options FWANALYZER_OPTIONS]

optional arguments:
  -h, --help            show this help message and exit
  --fw FW               path to firmware file OR path to unpacked firmware
  --unpacker UNPACKER   path to unpacking script
  --cfg-path CFG_PATH   path to directory containing config files
  --cfg-include-path CFG_INCLUDE_PATH
                        path to config include files
  --report REPORT       report file
  --keep-unpacked       keep unpacked data
  --fwanalyzer-bin FWANALYZER_BIN
                        path to fwanalyzer binary
  --fwanalyzer-options FWANALYZER_OPTIONS
                        options passed to fwanalyzer

The --keep-unpacked option will NOT delete the temp directory that contains the unpacked files. Once you have the unpacked directory you can pass it to the --fw option to avoid unpacking the firmware for each run (e.g. while you test/modify your configuration files). See the example below. --unpacker android/ --fw /tmp/tmp987689123 --cfg-path android --cfg-include android --fwanalyzer-bin ../build/fwanalyzer


The unpacker is used by to unpack firmware. The unpacker needs to be an executable file, that takes two parameters first the file to unpack and second the path to the config files (the path that was provided via --cfg-path).

The unpacker needs to output a set of targets, the targets map a config file to a filesystem image (or directory). The targets are specified as a JSON object.

The example below specifies two targets:

  • system : use system.toml when analyzing system.img
  • boot: use boot.toml when analyzing the content of directory boot/
{ "system": "system.img" , "boot": "boot/" }

See Android/ for a real world example.

You can’t perform that action at this time.