mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2024-09-20 07:16:14 +08:00
Fix buffer overflow
Strangely only detected by Ubuntu 18.4 gcc 7.5.0 ``` [-] CC src/cmdhflist.c In file included from /usr/include/string.h:494:0, from src/cmdhfict.c:21: In function 'memcpy', inlined from 'diversify_mifare_key' at src/cmdhfict.c:151:5, inlined from 'derive_mifare_key' at src/cmdhfict.c:189:5, inlined from 'CmdHfIctReader' at src/cmdhfict.c:199:12: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10: error: '__builtin___memcpy_chk' writing 8 bytes into a region of size 6 overflows the destination [-Werror=stringop-overflow=] return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function 'memcpy', inlined from 'diversify_mifare_key' at src/cmdhfict.c:151:5, inlined from 'derive_mifare_key' at src/cmdhfict.c:189:5, inlined from 'CmdHfIctReader' at src/cmdhfict.c:203:12: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10: error: '__builtin___memcpy_chk' writing 8 bytes into a region of size 6 overflows the destination [-Werror=stringop-overflow=] return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``` ```c uint8_t diverse[MIFARE_KEY_SIZE]; // = 6 diversify_mifare_key(uid, diverse); ``` ```c static int diversify_mifare_key(const uint8_t *uid, uint8_t *app_key) { ... uint8_t output[8]; ... memcpy(app_key, output, sizeof(output)); ```
This commit is contained in:
parent
a907e93d19
commit
0a22929eac
|
@ -148,7 +148,7 @@ static int diversify_mifare_key(const uint8_t *uid, uint8_t *app_key) {
|
|||
return PM3_ESOFT;
|
||||
}
|
||||
mbedtls_aes_free(&aes);
|
||||
memcpy(app_key, output, sizeof(output));
|
||||
memcpy(app_key, output, MIFARE_KEY_SIZE);
|
||||
return PM3_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue