imgtool.py dumpinfo crash with struct.error

[dhMat]

During testing imgtool I recognized that python imgtool.py dumpinfo ... crashes with following error:

Traceback (most recent call last):
  File "C:\temp\mcuboot\scripts\imgtool.py", line 22, in <module>
    main.imgtool()
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "C:\temp\mcuboot\scripts\imgtool\main.py", line 244, in dumpinfo
    dump_imginfo(imgfile, outfile, silent)
  File "C:\temp\mcuboot\scripts\imgtool\dumpinfo.py", line 90, in dump_imginfo
    _tlv_prot_head = struct.unpack(
struct.error: unpack requires a buffer of 4 bytes

The key used for testing was generated with following command:
python imgtool.py keygen -k test_keys.pem -t ecdsa-p256

The image was signed with:
python imgtool.py sign -k test_keys.pem -v 1.0 -H 256 --pad-header -S 0x0000 "C:\temp\mcuboot_fw.hex" "C:\temp\mcuboot_fw_signed.hex"

When checking the file with python verify everthing looks fine. Only when the dumpinfo command is used the program crash.

Short investigation

When adding following code before the command that crash in dumpinfo.py", line 90:

        print(b[tlv_off:(tlv_off + image.TLV_INFO_SIZE)])
        print(f"data len: {len(b)}")
        print(f"tlv_off: {tlv_off}, TLV_INFO_SIZE: {image.TLV_INFO_SIZE}, protected_tlv_size: {protected_tlv_size}")

following results are printed

b''
data len: 278946
tlv_off: 221542010, TLV_INFO_SIZE: 4, protected_tlv_size: 17975

For whatever reason the tlv offset is bigger than the available data, which leads to the crash.

[davidvincze]

Thank you for raising the issue.
May I ask you to send the full output of the dumpinfo command? I'm interested in the content of the image header structure. The protected TLV area of your signed image should be empty, but it still hits line 90.

I signed a test image with ecdsa-p256 using your imgtool options but I couldn't reproduce this error message/condition.
Thank you :)

[dhMat]

When adding the debug code of debug_crash.diff and repeat the test with blank.hex I get following ouput:

> python imgtool.py sign -k test_keys.pem -v 1.0 -H 256 --pad-header -S 0x0000 blank.hex blank_signed.hex
image.py: sign the payload

> python imgtool.py verify blank_signed.hex
Image was correctly validated
Image version: 1.0.0+0
Image digest: 76b7278fbfe26276e92dee6e378e96a4c272e1f5977d8177898ea0fee49bf5de

> python imgtool.py dumpinfo blank_signed.hex
b''
data len: 4077
tlv_off: 221542010, TLV_INFO_SIZE: 4, protected_tlv_size: 17975
Traceback (most recent call last):
  File "C:\Temp\mcuboot\scripts\imgtool.py", line 22, in <module>
    main.imgtool()
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "C:\Program Files\Python310\lib\site-packages\click\core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "C:\Temp\mcuboot\scripts\imgtool\main.py", line 244, in dumpinfo
    dump_imginfo(imgfile, outfile, silent)
  File "C:\Temp\mcuboot\scripts\imgtool\dumpinfo.py", line 93, in dump_imginfo
    _tlv_prot_head = struct.unpack(
struct.error: unpack requires a buffer of 4 bytes

hex and diff files: hex_and_diffs.zip

[mlaz]

I've been seeing this behaviour literally with any image thas's generated on zephyr's latest release. Even when I try dumping from an unsigned image.

[rustammendel]

Currently dumpinfo command does not support loading hex files, will be fixed soon.

@mlaz does verify and dumpinfo commands work for signed non-hex files generated on zephyr's latest release in your case? Both meant to work only with signed images.

[mlaz]

Currently dumpinfo command does not support loading hex files, will be fixed soon.

Ok, so this is the issue then.
Yes, it is working properly on bin files. I was debugging image uploads on mcumgr with zephyr and wanted to make sure the images I had did not have faulty headers.
Thanks for the clarification @rustammendel