Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

write flash packet: data length field inconsistency #29

Open
qrp73 opened this issue May 11, 2024 · 3 comments
Open

write flash packet: data length field inconsistency #29

qrp73 opened this issue May 11, 2024 · 3 comments

Comments

@qrp73
Copy link

qrp73 commented May 11, 2024
edited
Loading

I'm analyze source code and found some strange inconsistency.

Your k5prog utility uses write flash packet with data length fields 0x00,0x01, see this line:

k5prog/k5prog.c

Line 698 in 241ab18

writeflash[12]=len&0xff; 

len=UVK5_FLASH_BLOCKSIZE=0x100;

writeflash[12]=len&0xff;
writeflash[13]=(len>>8)&0xff;

But uvtool flasher uses this packet with length in reversed order 0x01,0x00, see this line:
https://github.com/whosmatt/uvmod/blob/72eecd083e50a7b2f12404d49ee157d3d200841b/js/tool_patcher.js#L178
https://github.com/egzumer/uvtools/blob/7148b01f11357cb28e74fff3a9591b12a656ea13/js/tool_patcher.js#L178

// the length is fixed to 0x100 bytes
    const length_msb = 0x01;
    const length_lsb = 0x00;

    return new Uint8Array([0x19, 0x5, 0xc, 0x1, <...>, length_msb, length_lsb, 0x0, 0x0, ...data]);

Could you please help to understand what is going on here? And which version is correct?
Thanks
@sq5bpf
Copy link
Owner

sq5bpf commented May 11, 2024

actually if you look in k5prog.c at the comment on line 679:

/* 0x19 0x5 0xc 0x1 0x8a 0x8d 0x9f 0x1d
* address_msb address_lsb 0xe6 0x0 length_msb length_lsb 0x0 0x0
* [0x100 bytes of data, if length is <0x100 then fill the rest with zeroes] */

i did write length_msb length_lsb :)

so i think that you've found a bug. will try to debug it next week

@qrp73
Copy link
Author

qrp73 commented May 22, 2024
edited
Loading

I wrote my own tool for read/write eeprom and upload firmware: https://github.com/qrp73/K5TOOL
It has detailed protocol log, support firmware image in packed and unpacked formats, and has UV-K5 bootloader simulator which allows to use it as UV-K5 simulator to use original firmware updater and analyze protocol in the log.

I tested original firmware updater with simulator and found that your version for length field is correct and uvtool version is mistaken.

@qrp73
Copy link
Author

qrp73 commented Jul 23, 2024

it appears that both variants are incorrect. The packet contains packet number, not offset... And it uses Little Endian...
So k5prog and other tools using incorrect packet structure, but it appears that these mistakes in most cases don't affect firmware upload procedure :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sq5bpf @qrp73