there were several memory leaks in hf 15 dump. Fixed by @jlitewski

iceman1001 2024-05-13 14:29:27 +02:00
parent 11a298dc42
commit 77db65a590
2 changed files with 35 additions and 1 deletions


@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased]
- Fixed `hf 15 dump` memory leaks (@jlitewski)
- Changed `hf search` - topaz is detect before ISO14443a and commented out WIP ICT code path (@iceman1001)
- Fixed `hf search` - where felica reader now doesnt timeout and give wrong response (@iceman1001)
- Fixed overflow in deps/jansson library (@iceman1001)


@ -473,6 +473,26 @@ static const char *TagErrorStr(uint8_t error) {
}
}
static int iso15_error_handling_card_response(uint8_t *d, uint16_t n) {
if (check_crc(CRC_15693, d, n) == false) {
PrintAndLogEx(FAILED, "crc ( " _RED_("fail") " )");
return PM3_ECRC;
}
if ( (d[0] & ISO15_RES_ERROR) == ISO15_RES_ERROR ) {
if (d[1] == 0x0F || d[1] == 0x10) {
return PM3_EOUTOFBOUND;
}
PrintAndLogEx(ERR, "iso15693 card returned error %i: %s", d[0], TagErrorStr(d[0]));
return PM3_EWRONGANSWER;
}
return PM3_SUCCESS;
}
// fast method to just read the UID of a tag (collision detection not supported)
// *buf should be large enough to fit the 64bit uid
// returns 1 if succeeded
@ -1830,6 +1850,7 @@ static int CmdHF15Dump(const char *Cmd) {
iso15_tag_t *tag = (iso15_tag_t *)calloc(1, sizeof(iso15_tag_t));
if (tag == NULL) {
PrintAndLogEx(FAILED, "failed to allocate memory");
free(packet);
return PM3_EMALLOC;
};
@ -1844,6 +1865,7 @@ static int CmdHF15Dump(const char *Cmd) {
PrintAndLogEx(INFO, "Using scan mode");
if (getUID(verbose, false, uid) != PM3_SUCCESS) {
free(packet);
free(tag);
PrintAndLogEx(WARNING, "no tag found");
return PM3_EINVARG;
}
@ -1873,18 +1895,27 @@ static int CmdHF15Dump(const char *Cmd) {
PacketResponseNG resp;
if (WaitForResponseTimeout(CMD_HF_ISO15693_COMMAND, &resp, 2000) == false) {
PrintAndLogEx(DEBUG, "iso15693 timeout");
free(packet);
free(tag);
return PM3_ETIMEOUT;
}
if (resp.length < 2) {
PrintAndLogEx(WARNING, "iso15693 card doesn't answer to systeminfo command (%d)", resp.length);
free(packet);
free(tag);
return PM3_EWRONGANSWER;
}
uint8_t *d = resp.data.asBytes;
uint8_t dCpt = 10;
ISO15_ERROR_HANDLING_CARD_RESPONSE(d, resp.length);
int res = iso15_error_handling_card_response(d, resp.length);
if ( res != PM3_SUCCESS ) {
free(tag);
free(packet);
return res;
}
memcpy(tag->uid, &d[2], 8);
@ -1991,6 +2022,7 @@ static int CmdHF15Dump(const char *Cmd) {
if (no_save) {
PrintAndLogEx(INFO, "Called with no save option");
PrintAndLogEx(NORMAL, "");
free(tag);
return PM3_SUCCESS;
}
@ -2004,6 +2036,7 @@ static int CmdHF15Dump(const char *Cmd) {
pm3_save_dump(filename, (uint8_t *)tag, sizeof(iso15_tag_t), jsf15_v4);
free(tag);
return PM3_SUCCESS;
}
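Review bot: In the new `iso15_error_handling_card_response`, the error branch compares `d[1]` against the codes 0x0F and 0x10 but then logs and decodes `d[0]`, the flags byte that was just masked with `ISO15_RES_ERROR`. This looks carried over from the `ISO15_ERROR_HANDLING_CARD_RESPONSE` macro call shown next to the new call, and the message probably wants the code byte: `PrintAndLogEx(ERR, "iso15693 card returned error %i: %s", d[1], TagErrorStr(d[1]));`. The helper also reads `d[1]` without consulting `n`, so it depends on each caller repeating the `resp.length < 2` check that CmdHF15Dump performs; an `if (n < 2) return PM3_EWRONGANSWER;` at the top would keep it safe when reused on other card-supplied responses. Separately, the `free(packet); free(tag);` pair is now repeated on every early return in CmdHF15Dump, while the `no_save` and `pm3_save_dump` hunks free only `tag`. Whether `packet` has already been released by that point is not visible in these hunks and is worth confirming, since a single cleanup label would stop new exits from reintroducing the leak.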