From 9def6b23450ea17d12fec9b9ea3c9ecfa62a8fb1 Mon Sep 17 00:00:00 2001 From: Dominik Riebeling Date: Sun, 5 Apr 2009 19:19:27 +0000 Subject: Fix a potentially dangerous bug with bootloader installation for Sansas: check the downloaded bootloader file against the target reported by sansapatcher as otherwise one could install an e200 bootloader to a c200 (and vice versa). git-svn-id: svn://svn.rockbox.org/rockbox/trunk@20630 a1c6a512-1295-4272-9138-f99709370657 --- rbutil/rbutilqt/base/bootloaderinstallsansa.cpp | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'rbutil') diff --git a/rbutil/rbutilqt/base/bootloaderinstallsansa.cpp b/rbutil/rbutilqt/base/bootloaderinstallsansa.cpp index a78f336144..4679c2e9a8 100644 --- a/rbutil/rbutilqt/base/bootloaderinstallsansa.cpp +++ b/rbutil/rbutilqt/base/bootloaderinstallsansa.cpp @@ -122,9 +122,26 @@ void BootloaderInstallSansa::installStage2(void) return; } + // check model -- if sansapatcher reports a c200 don't install an e200 + // bootloader and vice versa. + // The model is available in the mi4 file at offset 0x1fc and matches + // the targetname set by sansapatcher. + emit logItem(tr("Checking downloaded bootloader"), LOGINFO); m_tempfile.open(); QString blfile = m_tempfile.fileName(); + char magic[4]; + m_tempfile.seek(0x1fc); + m_tempfile.read(magic, 4); m_tempfile.close(); + if(memcmp(sansa.targetname, magic, 4) != 0) { + emit logItem(tr("Bootloader mismatch! Aborting."), LOGERROR); + qDebug("[BL-Sansa] Targetname: %s, mi4 magic: %c%c%c%c", + sansa.targetname, magic[0], magic[1], magic[2], magic[3]); + emit done(true); + sansa_close(&sansa); + return; + } + if(sansa_add_bootloader(&sansa, blfile.toLatin1().data(), FILETYPE_MI4) == 0) { emit logItem(tr("Successfully installed bootloader"), LOGOK); -- cgit v1.2.3