Hi guys
I think I found a bug in CBFS. It's about the cbfs master header location. Under certains circumstances, it can be overwritten by a file, hence corrupting the rom.
I added some debug output to explain the problem. First I create a dummy bootblock and the rom:

  dd if=/dev/zero of=bootblock bs=16k count=4
  cbfstool rom create 262144 65536 bootblock 16
  -----
  create_rom: create cbfs_header at offset 0x2ffd0
  create_rom: write cbfs master header address 0xfffeffd0
  -----
  cbfstool rom print
  rom: 256 kB, bootblocksize 65536, romsize 262144, offset 0x0
  Alignment: 16 bytes

  Name                           Offset     Type         Size
                                 0x0        free         196536

Finally, create and add the file:

  dd if=/dev/zero of=dummy bs=196536 count=1
  cbfstool rom add dummy dummy 256
  -----
  rom_alloc: Found free file at offset 0x0 headersize 0x28 size 0x2ffb8
  rom_alloc: nextoffset 0x2ffe0
  rom_alloc: truncoffset 0x2ffe0
  -----
  cbfstool rom print
  (cbfstool) E: This does not appear to be a valid ROM
  (cbfstool) E: Problem while reading the ROM
As you can see, nextoffset is 0x10 bytes after the cbfs_header. The file I added overwrote it.
I attached a patch to fix this.

Signed-off-by: Thomas Jourdan <thomas.jourdan@gmail.com>
Regards, Thomas
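The collision Thomas describes can be recomputed from the numbers in his debug output. The following is an added illustration, not the attached patch and not cbfstool's own code: the master header offset (0x2ffd0), the file header size (0x28) and the initial free entry size (0x2ffb8) are taken from the mail, while the alignment helpers and the function names are assumptions made here. It shows why "nextoffset 0x2ffe0" lands past the master header, and how large the free entry could safely have been.

```c
#include <stdint.h>
#include <stdio.h>

/* Alignment from the thread: "cbfstool rom create 262144 65536 bootblock 16" */
#define CBFS_ALIGN 16u

/* Values taken from the debug output in the mail. */
#define MASTER_HEADER_OFFSET 0x2ffd0u   /* create_rom: create cbfs_header at offset 0x2ffd0 */
#define FILE_HEADER_SIZE     0x28u      /* rom_alloc: headersize 0x28 */
#define FREE_ENTRY_SIZE      0x2ffb8u   /* initial "free" entry, 196536 bytes */

/* Assumed helpers; a is a power of two. */
static uint32_t align_up(uint32_t v, uint32_t a)   { return (v + a - 1) & ~(a - 1); }
static uint32_t align_down(uint32_t v, uint32_t a) { return v & ~(a - 1); }

/* Offset just past a file placed at `start` with the given header and data
 * sizes, rounded up to the alignment. This corresponds to the "nextoffset"
 * printed by the debug output. */
uint32_t cbfs_file_end(uint32_t start, uint32_t hdrsize, uint32_t datasize,
                       uint32_t align)
{
    return align_up(start + hdrsize + datasize, align);
}

/* Returns 1 if a file placed as described would reach into the master
 * header, 0 otherwise. */
int cbfs_file_hits_header(uint32_t start, uint32_t hdrsize, uint32_t datasize,
                          uint32_t align, uint32_t header_off)
{
    return cbfs_file_end(start, hdrsize, datasize, align) > header_off;
}

/* Largest data size that fits at `start` without touching the master
 * header; 0 if not even the file header fits. */
uint32_t cbfs_max_data_size(uint32_t start, uint32_t hdrsize, uint32_t align,
                            uint32_t header_off)
{
    uint32_t limit = align_down(header_off, align);
    if (limit < start + hdrsize)
        return 0;
    return limit - start - hdrsize;
}

int main(void)
{
    uint32_t end = cbfs_file_end(0, FILE_HEADER_SIZE, FREE_ENTRY_SIZE, CBFS_ALIGN);

    printf("nextoffset for a %u-byte file at 0x0: 0x%x (master header at 0x%x)\n",
           (unsigned)FREE_ENTRY_SIZE, (unsigned)end, (unsigned)MASTER_HEADER_OFFSET);

    if (cbfs_file_hits_header(0, FILE_HEADER_SIZE, FREE_ENTRY_SIZE,
                              CBFS_ALIGN, MASTER_HEADER_OFFSET))
        printf("the file overwrites the master header\n");

    printf("largest data size that fits in front of the header: %u bytes\n",
           (unsigned)cbfs_max_data_size(0, FILE_HEADER_SIZE, CBFS_ALIGN,
                                        MASTER_HEADER_OFFSET));
    return 0;
}
```

With the mail's values the free entry ends at 0x2ffe0, 0x10 bytes past the header at 0x2ffd0, so any file filling that entry overwrites the header; a free entry of 0x2ffa8 (196520) bytes would end exactly at the header.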
On 12.08.2009 23:45, Thomas Jourdan wrote:
> Hi guys
> I think I found a bug in CBFS. It's about the cbfs master header location. Under certain circumstances, it can be overwritten by a file, hence corrupting the rom.
Good find! Acked and committed, r4547.
Thanks, Patrick