What's new

Voxel Custom firmware build for R7800 v. 1.0.2.101SF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Voxel

Part of the Furniture
Continuation of

. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-99sf.82436/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-100sf.83319/

New version of my custom firmware build: 1.0.2.101SF.

Changes (vs 1.0.2.100SF):

1. Toolchain: Go is upgraded 1.19.5->1.20.2.
2. OpenSSL v. 1.1.1 package is upgraded 1.1.1s->1.1.1t (fixing CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286).
CVE-2023-0286, High severity.​
CVE-2023-0215, Moderate severity.​
CVE-2022-4450, Moderate severity.​
CVE-2022-4304, Moderate severity.​
3. OpenSSL 1.0.2: create and add patches to fix CVE-2023-0215/CVE-2023-0286.
(score 7.5, High)​
(score 7.4, High)​
4. e2fsprogs package is upgraded 1.46.5->1.46.6 (fixing CVE-2022-1304).
(score 7.8, High)​
5. libid3tag package is upgraded 0.15.1b->0.16.2 (fixing CVE-2017-11550).
(score 5.5, Medium)​
6. OpenVPN is upgraded 2.5.8->2.5.9.
7. DNSCrypt Proxy v.2 is upgraded 2.1.2->2.1.4.
8. dbus package is upgraded 1.14.4->1.14.6.
9. curl package is upgraded 7.87.0->7.88.1.
10. iperf3 package is upgraded 3.12->3.13.
11. proftpd package is upgraded 1.3.7f->1.3.8.
12. ethtool package is upgraded 6.1->6.2.
13. uci package is upgraded 2021-10-22->2023-03-05.
14. ca-certificates package is upgraded 20211016->20230311.
15. sqlite (minidlna) package is upgraded 3400000->3410100.
16. netatalk package is upgraded 2.2.6->3.1.14.
To disable AppleFilingProtocol/TimeMachine/netatalk at all use the following commands:​
nvram set noafp=1
nvram commit
reboot
17. netatalk-utility package is upgraded 1.0.0->1.0.1 (needed to support netatalk 3.1.4).
18. util-linux: add 'blkid' utility (needed to support netatalk-utility 1.0.1).
19. Remove libltdl (unused).
20. dnsmasq: add changes from the stock V1.0.2.92.
21. Make an order in kernel modules to build.
22. Upgrade libevent2 to 2.1.12, rename previous libevent2 to libevent2-qos (used by QoS).
23. transmission: change Makefile to support new version of libevent2.
24. samba-scripts: change 'update_user' script.
25. ethtool: split into 'tiny' and 'full' options and choose 'ethtool-tiny' in default config.
26. Replace prebuilt kmod-qca-nss-drv and kmod-qca-nss-drv-qdisc (using binutils 2.40).
27. Host tools: upgrade e2fsprogs to 1.46.6 (fixing CVE-2022-1304).
(score 7.8, High)​
28. Host tools: upgrade libtool to 2.4.7.
29. Host tools: change Makefile to use new libtool.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 
Last edited:
17. netatalk-utility package is upgraded 1.0.0->1.0.1 (needed to support netatalk 3.1.4).

Developer Quiz. Find a bug in this code:

Code:
. . .
        fpu = fopen(USB_MAP_TABLE, "r");
        if (fpu == NULL){
            snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
            strcpy(partinfo->mount_name,part_name);
            fclose(fpu);
        }
. . .

This is part of update_afp.c (netatalk-utility, stock firmware). I fixed this bug, but it was hard to find it.

Voxel.
 
Developer Quiz. Find a bug in this code:

Code:
. . .
        fpu = fopen(USB_MAP_TABLE, "r");
        if (fpu == NULL){
            snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
            strcpy(partinfo->mount_name,part_name);
            fclose(fpu);
        }
. . .

This is part of update_afp.c (netatalk-utility, stock firmware). I fixed this bug, but it was hard to find it.

Voxel.
without seeing the rest of the code, my guess would be:
if (fpu == NULL), then something went wrong with opening that USB_MAP_TABLE -> why close it?
Potentially also the file remains open, because it is not closed.

if (fpu != NULL) would thus be more logic.

Or:
it first prints /mnt/$part_name into mnt_path and next copies something into part_name.
Perhaps this order should be reversed?
 
Both APs upgraded straight from .99.
Here's hoping I have better success than with the .100 line of firmware.

Thanks again @Voxel
----------
with only this code snippet as reference:
1) "if(fpu == NULL)" should be "if(fpu != NULL)".
2) the finished result of snprintf is in the buffer mnt_path, i suspect this is what should be copied in strcpy(), not part_name.
But these two variables may be unrelated within the braces and used elsewhere.
3) as written the call to fclose() is essentially "fclose(NULL)" which is undefined and can cause crash
 
Developer Quiz. Find a bug in this code:

Code:
. . .
        fpu = fopen(USB_MAP_TABLE, "r");
        if (fpu == NULL){
            snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
            strcpy(partinfo->mount_name,part_name);
            fclose(fpu);
        }
. . .

Should be either of these two depending on remaining code:
Code:
if (fpu == NULL)
    return;

[OR]

if (fpu != NULL) {
    snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
    strcpy(partinfo->mount_name,part_name);
    fclose(fpu);
}
 
Developer Quiz.

You're all right in noting that you can't close a file if opening it returned NULL. USB_MAP_TABLE is defined in the R9000 firmware as:

"/tmp/plexmediaserver/.usb_map_table"

and this file is almost always present in R9000. And there is never such a file in the R7800, so there is an attempt to close the NULL pointer: fclose(NULL). As a result it either has a "Segmentation fault" and the program crashes or just hangs. Anyway, the program always fails in R7800 and sometimes in R9000.

P.S.
Maybe that's the reason, why NETGEAR removed netatalk from the latest stock firmware for R7800, declaring it as Enhancements:


Enhancements:
  • Removed the legacy Time Machine backup feature.

NETGEAR did not want to cooperate with me, so we have what we have. It's easier to remove a feature than to find a reason why it doesn't work...

Thank you to everyone who took the quiz,

Voxel.
 
Last edited:
I forgot to write that correcting the error is removing this fclose(). The longer part of the code (deleted is marked in red):

. . .

fpu = fopen(USB_MAP_TABLE, "r");
if (fpu == NULL){

snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
strcpy(partinfo->mount_name,part_name);
fclose(fpu);
}
else{

while (fgets(line, sizeof(line), fpu)) {
//printf("%s\n", line);
if (sscanf(line, "%[^,],%[^,],%s", serial, mount_point, device_name) != 3){
continue;
}
. . .


Maybe this information will be helpful to NG/DNI.

Voxel.
 
I forgot to write that correcting the error is removing this fclose(). The longer part of the code (deleted is marked in red):

. . .

fpu = fopen(USB_MAP_TABLE, "r");
if (fpu == NULL){

snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
strcpy(partinfo->mount_name,part_name);
fclose(fpu);
}
else{

while (fgets(line, sizeof(line), fpu)) {
//printf("%s\n", line);
if (sscanf(line, "%[^,],%[^,],%s", serial, mount_point, device_name) != 3){
continue;
}
. . .


Maybe this information will be helpful to NG/DNI.

Voxel.
Then I still wonder:
the else statement does not close fpu (or at least not visible in the snippet)-> does that file then remain open? or is it closed outside of the else statement?
(i.e. should you perhaps have moved the fclose(fpu) from the end of the if to the end of the else statement? )
 
Then I still wonder:
the else statement does not close fpu (or at least not visible in the snippet)-> does that file then remain open? or is it closed outside of the else statement?
(i.e. should you perhaps have moved the fclose(fpu) from the end of the if to the end of the else statement? )
else statement does close fpu. More full version of this block of code (after my removal of wrong fclose()):

Code:
. . .
        fpu = fopen(USB_MAP_TABLE, "r");
        if (fpu == NULL){
            snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
            strcpy(partinfo->mount_name,part_name);
        }
        else{
            while (fgets(line, sizeof(line), fpu)) {
                //printf("%s\n", line);
                if (sscanf(line, "%[^,],%[^,],%s", serial, mount_point, device_name) != 3){
                    continue;
                }
                sscanf(partinfo->device_id, "%[^*],%*s", disk_serial);
                if (strcmp(serial, disk_serial))
                    continue;
                 break;
            }
            fclose(fpu);
            if (strlen(part_name) == 3)
                strcpy(mount_num, "0");
            else
                strncpy(mount_num, part_name+3, 2);
            snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s%s", mount_point, mount_num);
            snprintf(mount_part, sizeof(mount_part), "%s%s", mount_point, mount_num);
            strcpy(partinfo->mount_name,mount_part);
        }
. . .

Rule is that is file is opened by fopen (i.e. result of fopen is not NULL) it will be opened until explicit fclose() or until program end. But good programming style is to close opened file explicitly.

Voxel.
 
Hi @Voxel

Installed 101SF.

Got: "Warning! You are trying to download firmware with version V1.0.2.101SF which is older than the firmware with version V1.0.2.100.2SF you had. Do you want to continue?": Ignored it and clicked 'Yes".

I suppose Netgear coders aren't great at comparing version numbers either.

Everything is copasetic.

Thank you for all your great work!

All the best!
 
Last edited:
Developer Quiz. Find a bug in this code:

Code:
. . .
        fpu = fopen(USB_MAP_TABLE, "r");
        if (fpu == NULL){
            snprintf(mnt_path, sizeof(mnt_path), "/mnt/%s", part_name);
            strcpy(partinfo->mount_name,part_name);
            fclose(fpu);
        }
. . .

This is part of update_afp.c (netatalk-utility, stock firmware). I fixed this bug, but it was hard to find it.

Voxel.
The code appears to be trying to open a file named "USB_MAP_TABLE" in read mode, and if the file pointer fpu is NULL (which would indicate that the file could not be opened), it sets the mnt_path variable to a formatted string and copies part_name to partinfo->mount_name. It then closes the file pointer fpu. it is possible I'm guessing that the file "USB_MAP_TABLE" may not exist or may not have the correct permissions, in which case fpu would be NULL and the code would execute the if block. It is also possible that mnt_path and part_name are not initialized or do not have the expected values, which could lead to unexpected behavior.
 
The code appears to be trying to open a file named "USB_MAP_TABLE" in read mode, and if the file pointer fpu is NULL (which would indicate that the file could not be opened), it sets the mnt_path variable to a formatted string and copies part_name to partinfo->mount_name. It then closes the file pointer fpu. it is possible I'm guessing that the file "USB_MAP_TABLE" may not exist or may not have the correct permissions, in which case fpu would be NULL and the code would execute the if block. It is also possible that mnt_path and part_name are not initialized or do not have the expected values, which could lead to unexpected behavior.
This is the problem with Netduma, no wonder they can’t update their firmware 😂
 
Hi @Voxel (+ Kamoj) s sincere thank you from me and my family safely enjoying your work. Would you mind highlighting a couple of things I am confused with.

@kamoj (in your guide not in the readme.pdf /voxel PDF.) In the FAQ there exists a number of fairly (to me) complex strings to execute to reset the mnt drive pool lettering. From whatever back to sda1, or sdb1 etc... Would you mind highlighting possibly even in the FAQ what the purpose would be for this action. Also I cannot receive those results in my experience. Running those strings and rebooting produces no change because my routers mounts are ALWAYS sda first (NEVER sda1) .. Now the fact there is a protocol for this and I never have an sda1 whatever I do leads me to at least suspect I am not doing this right. Perhaps it's merely cosmetic. BUT consider how a newbie like me is following the guides and can't get an sda1. Perhaps the manual should remove the concern of yielding different results than the guide.

@Voxel I bet some folks here will have a laugh when they read this as its probably my pea brain. But are you actually calling for 2 seperate usb drives to be implemented? In the ReadMe.pdf what is communicated to said pea brain is actually 2 different possibilities.


During ssh setup step 4. you request the following..

(3) Prepare USB stick with ext2 filesystem and untar setssh.tar in the
root of stick (keeping +x filemask (!) for autorun/scrips/post-mount.sh
script, computer with Linux is recommended).

notice the very specific ext2 .. ?

in the following step you request the following

(1) Prepare new USB drive or disk with ext2 or ext3 or ext4 filesystem from
the command line

possibility one (again might be my pea brain)

You are asking to have the same stick prepared in 2 different ways for part of the setup protocol dropbear ~?~ and then wipe it for ext2/3/4...

possibility two

You actually want 2 different drives employed.

My suggestion would be for peabrains that are just droning through but have enough knowledge to get here. You could specify format the same or a second drive. As read following from SSH step to Entware step it does say new drive on the second of the two.

Thank you for you work.
 
This readme has evolved over years. That is why you are seeing ext2 at places.

During ssh setup step 4. you request the following..

(3) Prepare USB stick with ext2 filesystem and untar setssh.tar in the
root of stick (keeping +x filemask (!) for autorun/scrips/post-mount.sh
script, computer with Linux is recommended).

notice the very specific ext2 .. ?
For SSH access you need to format usb wih ext4. "mkfs.ext4" enables "metadata_csum" feature, make sure you disable it with "tune2fs" cmd, otherwise usb will be mounted read-only.

possibility two

You actually want 2 different drives employed.
For ease of use it is recommended that you create one usb for ssh and one for entware.

If you open the setssh.tar & entware-cortex-a15-3x-initial-generic.tar.gz, you will notice both use different "autorun\scripts\post-mount.sh" script. If you know your way around shell scripts you can merge the two and create single "autorun\scripts\post-mount.sh" that will handle both ssh and entware installation.
Using that single "post-mount.sh" script you can create single usb that will handle both ssh key and entware installation. Make sure you copy the ssh keys and entware to that single usb if you go through this route.

USB (ssh-usb) that enables SSH access is required only to copy authorization keys to the router. Most of us keep that ssh-usb plugged in the router, after firmware upgrade those ssh keys are wiped from the router. Keeping the ssh-usb plugged in copies the keys again automatically after firmware upgrade and keep the ssh access alive.
 
Last edited:

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top