Found part of u-boot within DJI FW code #6
Comments
|
For now I would keep it private ;-) |
|
Since DJI did not responded to my e-mail, time to share the report: |
|
I wonder if one could somehow automate this type of analysis based on statistical methods... |
|
What I did in first step is just copy strings to Google. That can be automated. Then matching specific functions is harder.. When I started, I assumed DJI used SDK code from Atmel. So I first found Atmel SAM sources they freely (not under GPL) distribute. I expected everything to match Atmel libs. But around SD and MMC functions, there were substantial differences - code didn't matched. So I started googling various strings I found in the code; I was usually getting a few results, but one which was there for every string was u-boot. I downloaded it, reverted GIT repo to around the time when the firmware was published - and then noticed some functions are just identical. So automated system would need to have at least strings from many GPL projects, best with dates when each line was added to the project. Then it would have to do The fact that firmwares are encrypted would have to be handled manually though. I mean, it's not hard to automate if you have a decryptor, like we do with drones up to Mavic. But then you only support the firmwares for which you made automatic decryption procedure. |
|
turnitin.com for source code ;-) |
So - I found the GPL code in monolithic firmware module. I assume this means we have right for the whole module?
What next?
Should all findings be public, or better to keep details private?
The text was updated successfully, but these errors were encountered: