Dlink probably violate GPL again with their DIR-45X ?

Sun Sep 23 20:29:03 CEST 2007

Hi,

I am glad to be of help.  If you run into any problems let me know.

I'm not always sure that the gpl-violations mailing list is the place to be
talking about tools/methods of reversing firmware, so I just sent my
observations to you rather than to the list.  I am not a regular
contributor, but just thought I'd take a look and see if I could give you
some direction.

I follow the list as I have my own interests in this area as I develop
custom software for uClinux, Linux, and Windows CE embedded multimedia
boxes, and have to avoid the GPL pitfalls myself when I develop proprietary
portions of distributions.  I am both a hardware and software engineer as
well, and have reversed/recreated a number of embedded linux distributions
in the recent past, and so am fairly familiar with all the processes/tricks
involved.  I generally try to encourage companies I deal with to comply with
the terms of the licenses in terms of distributing GPL sources, toolchains,
etc., but not all are very up-front about it unless they are forced to.
Often it is that they just do not fully understand the agreements and are
afraid that somehow it will force them to disclose their own proprietary
code, especially if they have not been careful not to taint it with GPL code
or linkages.  It is especially difficult when dealing with far-east
companies.  European companies have begun to come more in line as a result
of pressures from FSF/gpl-violations.org, although there are still always
hold-outs.  Another thing that comes in to play is when hardware companies
purchase an SDK from the chip manufacturer and sign a non-disclosure which
they then think does not allow them to disclose any of the source, even the
GPL part because of the non-disclosure.  Again, misunderstanding of the
legal aspect of the agreements at each level is the key.

There are a lot of different utilities/ways of decrypting, examining, and
rebuilding images such as this.  I have developed some of my own tools for
doing this, and also use a lot of open-source (and sometimes closed-source)
tools.  Nowdays, with a little searching on the web, it is fairly easy to
obtain free tools to do most of the tasks of extracting and rebuilding as
long as you can determine some of the specifics of the image layout.

  _____  

From: gitime lin [mailto:gitime at gmail.com] 
Sent: Saturday, September 22, 2007 12:18 PM
To: sfedder at hotmail.com; legal at lists.gpl-violations.org;
tech at lists.gpl-violations.org
Subject: Re: Dlink probably violate GPL again with their DIR-45X ?

Hi sfedder,

Thanks a lot!!
I'll try your observation this weekend.
How come you didn't post your observation result to the maillist!
I think if you could organize this result and post it to a blog or to the
maillist will be so great! 
So, if some one be able to check if they violate the GPL?

On 9/22/07, Stephen C. Fedder <sfedder at hotmail.com > wrote:

Hi,

I looked at the image some more - it is an ext2 filesystem.  You can explore
it and look at files using a utility called explore2fs.

The 1st gzipped image is located at offset 0x3DE0 in the file.  That is the
Linux image.  You can tell the gzip image by the 0x1F 0x8B 0x08 prefix.  The
length of the gzip image is in the 4 bytes just prior to the 0x1F (reverse
the byte order as it is in small-endian format).  The same goes for the
other gzip image in the file.

The Linux version string is:

Linux version 2.4.25-386 (root at SERVERLINUX) (gcc version 2.96 20000731 (Red
Hat Linux 7.3 2.96-110.1)) #82 Wed Mar 28 17:20:22 CST 2007

The Linux image contains OpenSwan, among other packages.

You can download the explore2fs utility from
http://uranus.it.swin.edu.au/~jn/linux/explore2fs-old.htm
<http://uranus.it.swin.edu.au/%7Ejn/linux/explore2fs-old.htm> 

Hope this helps.

  _____  

From: Stephen C. Fedder [mailto:sfedder at hotmail.com] 
Sent: Friday, September 21, 2007 10:21 AM
To: 'gitime lin'
Subject: RE: Dlink probably violate GPL again with their DIR-45X ?

Hi,

I downloaded and looked at the image for the DIR-450 Router from the Dlink
website - it does contain, as you said, a 10mb gzip image that looks like a
filesystem - it also contains another smaller gzip image (around 2.5mb) that
contains the initial linux kernel boot load.

The sequence is header, loader, gzipped linux kernel image, header, gzipped
filesystem image.  FYI, the filesystem image does not appear to be ROMFS -
it looks like it may be an ext2 filesystem image for placement on a 10mb ram
drive.  I'll look at it a bit more to see if I can unpack it.

  _____  

From: gitime lin [mailto:gitime at gmail.com] 
Sent: Thursday, September 20, 2007 10:49 PM
To: legal at lists.gpl-violations.org; tech at lists.gpl-violations.org
Subject: Re: Dlink probably violate GPL again with their DIR-45X ?

Hi all,

This is the first time I've talk in this list.
I just care about the GPL-violation affairs.

I did not have a DIR-450 Router.
Either I did not downloaded the source tarball to check the detail. 
Since I'm a hardware engineer, the C codes is a little bit hard for me to
understand.

But I've just used madedit to hack and compare the firmware they released.
After 2 released firmwares has been compared, I've found the image header of
the firmware might be 48 bytes long (0x40) 
I've found the header appeared twice in the whole image.
So the structure of firmware I guess looks like the following.
imghdr-kernel-imghdr-romfs
or imghdr-romfs-imghdr-kernel.

Then I used madedit (hexeditor) trying to strip the  romfs off. 
Then after a trial-n-error of various compression tools, I've found the
romfs is compressed by zip!
The file was cutted according to the first combination.
imghdr-kernel-imghdr-romfs.
So I've convinced I have stripped the romfs off. 

But I don't know how to inspect the detail of romfs.
I'm using windows computer for work.
Since this platform is based on Linux I guess someone might be able to help
me to look what is inside of it. And see if they really violate the GPL? 

The cutted-off romfs is 2,916,363 bytes long.
But after uncompressed by zip, the uncompressed length is 10,240,000 bytes
long.

What I've stripped is the firmware DIR-450-V1.01-B0013.
And it both works on DIR-450 Firmware v1.02_1.02.02.

No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.13.27/1020 - Release Date: 9/20/2007
12:07 PM

No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.13.28/1023 - Release Date: 9/22/2007
1:27 PM

No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.13.28/1023 - Release Date: 9/22/2007
1:27 PM

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.gpl-violations.org/pipermail/legal/attachments/20070923/d7d425c7/attachment.htm