firmex/python/matcher/ambarella.py

39 lines
1.4 KiB
Python
Raw Normal View History

import io
from .matcher import SignatureMatcher, Match
class Ambarella(SignatureMatcher):
def __init__(self, file):
self.name = "Ambarella Firmware Section"
self.signature = b'\x90\xeb\x24\xa3'
super().__init__(file)
def is_valid(self):
for match in self.search():
# walk back for the firmware section header
start = match - 4*5
header = io.BytesIO(self.file[start:start+228+4*6])
crc = header.read(4)
version_major = header.read(2)
version_minor = header.read(2)
filesize = header.read(4)
memory = header.read(4)
flag = header.read(4)
magic = header.read(4)
zeros = header.read()
# for ambarella firmware, the magic is placed at offset 20
# and after the magic, 228 bytes of \x00 must be placed
# then crc value must match the CRC(<filesize> bytes after header)
is_matched = magic == self.signature
is_matched &= zeros == bytes(228)
# is_matched &= crc == self.crc(self.file[start + 228+4*6:start + filesize + 228+4*6])
if is_matched:
# add the header offset to list of matches
filesize = int.from_bytes(filesize, 'little')
self.matches += [Match(start, 228 + 4*6 + filesize)]
return len(self.matches) != 0