diff --git a/armsrc/mifaredesfire.c b/armsrc/mifaredesfire.c index e16c00ed1..c13311051 100644 --- a/armsrc/mifaredesfire.c +++ b/armsrc/mifaredesfire.c @@ -585,7 +585,9 @@ size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout) { void OnSuccess() { pcb_blocknum = 0; ReaderTransmit(deselect_cmd, 3, NULL); - mifare_ultra_halt(); + if (mifare_ultra_halt()) { + if (DBGLEVEL >= DBG_ERROR) Dbprintf("Halt error"); + } switch_off(); } diff --git a/armsrc/mifaresim.c b/armsrc/mifaresim.c index b1f419242..6c65a4f65 100644 --- a/armsrc/mifaresim.c +++ b/armsrc/mifaresim.c @@ -588,9 +588,11 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1 case MFEMUL_NOFIELD: if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("MFEMUL_NOFIELD"); + break; case MFEMUL_HALTED: if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("MFEMUL_HALTED"); + break; case MFEMUL_IDLE: { LogTrace(uart->output, uart->len, uart->startTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->endTime * 16 - DELAY_AIR2ARM_AS_TAG, uart->parity, true); if (DBGLEVEL >= DBG_EXTENDED) diff --git a/armsrc/spiffs_nucleus.c b/armsrc/spiffs_nucleus.c index ef1db36f1..459222d5b 100644 --- a/armsrc/spiffs_nucleus.c +++ b/armsrc/spiffs_nucleus.c @@ -1560,6 +1560,7 @@ s32_t spiffs_object_modify(spiffs_fd *fd, u32_t offset, u8_t *data, u32_t len) { res = spiffs_page_allocate_data(fs, fd->obj_id & ~SPIFFS_OBJ_ID_IX_FLAG, &p_hdr, &data[written], to_write, page_offs, 1, &data_pix); SPIFFS_DBG("modify: store new data page, "_SPIPRIpg":"_SPIPRIsp" offset:"_SPIPRIi", len "_SPIPRIi", written "_SPIPRIi"\n", data_pix, data_spix, page_offs, to_write, written); + if (res != SPIFFS_OK) break; } else { // write to existing page, allocate new and copy unmodified data diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 6b266e21e..87475926e 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c 
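Review bot: The two added `break;` statements in `Mifare1ksim` change behaviour rather than only silencing a fall-through warning. Before this change `MFEMUL_NOFIELD` and `MFEMUL_HALTED` fell into the `MFEMUL_IDLE` case and its `LogTrace(uart->output, ...)` call, so frames received in those states no longer reach the trace. If dropping them is intended, a comment such as `// frames received while halted or without field are deliberately not traced` would record the decision; if the fall-through was intended, `// fall through` on both cases is the fix instead. The switch continues outside the hunk, so what else the IDLE case does for these states cannot be checked here.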
@@ -2866,18 +2866,21 @@ out: PrintAndLogEx(SUCCESS, "Found keys have been transferred to the emulator memory"); } - // Disable fast mode and send a dummy command to make it effective - conn.block_after_ACK = false; - SendCommandNG(CMD_PING, NULL, 0); - WaitForResponseTimeout(CMD_PING, NULL, 1000); - if (createDumpFile) { fptr = GenerateFilename("hf-mf-", "-key.bin"); createMfcKeyDump(SectorsCnt, e_sector, fptr); } - free(keyBlock); free(e_sector); + + // Disable fast mode and send a dummy command to make it effective + conn.block_after_ACK = false; + SendCommandNG(CMD_PING, NULL, 0); + if (!WaitForResponseTimeout(CMD_PING, NULL, 1000)) { + PrintAndLogEx(WARNING, "command execution time out"); + return PM3_ETIMEOUT; + } + PrintAndLogEx(NORMAL, ""); return PM3_SUCCESS; } diff --git a/client/cmdhfmfhard.c b/client/cmdhfmfhard.c index 75e647489..bc3591d06 100644 --- a/client/cmdhfmfhard.c +++ b/client/cmdhfmfhard.c @@ -282,7 +282,12 @@ static void init_bitflip_bitarrays(void) { fclose(statesfile); uint32_t count = 0; init_inflate(&compressed_stream, input_buffer, filesize, (uint8_t *)&count, sizeof(count)); - inflate(&compressed_stream, Z_SYNC_FLUSH); + int res = inflate(&compressed_stream, Z_SYNC_FLUSH); + if (res != Z_OK) { + PrintAndLogEx(ERR, "Inflate error. Aborting...\n"); + inflateEnd(&compressed_stream); + exit(4); + } if ((float)count / (1 << 24) < IGNORE_BITFLIP_THRESHOLD) { uint32_t *bitset = (uint32_t *)malloc_bitarray(sizeof(uint32_t) * (1 << 19)); if (bitset == NULL) { 
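Review bot: Returning `PM3_ETIMEOUT` from the relocated ping block reports the whole command as failed even when the keys were already found, transferred to emulator memory and written by `createMfcKeyDump`. A caller that checks the return code cannot then tell a failed key check from a failed fast-mode reset. Consider logging the warning and still returning the key-check result, or documenting the new return value, e.g. `// returns PM3_ETIMEOUT if the device does not answer the final ping, even when keys were saved`. The function starts outside the hunk, so whether other exit paths also reset `conn.block_after_ACK` cannot be checked here.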
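Review bot: Checking only the return code of `inflate()` in `init_bitflip_bitarrays` does not catch a truncated state file. With `Z_SYNC_FLUSH`, zlib returns `Z_OK` whenever it made progress, even if the input ran out before `count` (this hunk) or the `bitset` buffer (the next hunk, at `res = inflate(...)`) was completely filled. Both checks should also require that the output was fully produced, e.g. `if ((res != Z_OK && res != Z_STREAM_END) || compressed_stream.avail_out != 0) {`. The first check rejects `Z_STREAM_END` while the second accepts it; if that asymmetry is intentional, a one-line comment would help. The function body continues outside both hunks.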
@@ -292,7 +297,12 @@ static void init_bitflip_bitarrays(void) { } compressed_stream.next_out = (uint8_t *)bitset; compressed_stream.avail_out = sizeof(uint32_t) * (1 << 19); - inflate(&compressed_stream, Z_SYNC_FLUSH); + res = inflate(&compressed_stream, Z_SYNC_FLUSH); + if (res != Z_OK && res != Z_STREAM_END) { + PrintAndLogEx(ERR, "Inflate error. Aborting...\n"); + inflateEnd(&compressed_stream); + exit(4); + } effective_bitflip[odd_even][num_effective_bitflips[odd_even]++] = bitflip; bitflip_bitarrays[odd_even][bitflip] = bitset; count_bitflip_bitarrays[odd_even][bitflip] = count; diff --git a/client/cmdhw.c b/client/cmdhw.c index a6f242b8f..fa43e6200 100644 --- a/client/cmdhw.c +++ b/client/cmdhw.c @@ -532,7 +532,7 @@ static int CmdPing(const char *Cmd) { error = memcmp(data, resp.data.asBytes, len) != 0; PrintAndLogEx((error) ? ERR : SUCCESS, "Ping response " _GREEN_("received") "and content is %s", error ? _RED_("NOT ok") : _GREEN_("ok")); } else { - PrintAndLogEx((error) ? ERR : SUCCESS, "Ping response " _GREEN_("received")); + PrintAndLogEx(SUCCESS, "Ping response " _GREEN_("received")); } } else PrintAndLogEx(WARNING, "Ping response " _RED_("timeout")); diff --git a/client/cmdlffdx.c b/client/cmdlffdx.c index dc2a11478..ce78525ac 100644 --- a/client/cmdlffdx.c +++ b/client/cmdlffdx.c @@ -204,7 +204,7 @@ static int CmdFdxDemod(const char *Cmd) { else if (preambleIndex == -2) PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B preamble not found"); else if (preambleIndex == -3) - PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B Size not correct: %d", size); + PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B Size not correct: %zu", size); else PrintAndLogEx(DEBUG, "DEBUG: Error - FDX-B ans: %d", preambleIndex); return PM3_ESOFT; diff --git a/client/cmdlfindala.c b/client/cmdlfindala.c index 0e308be35..914b510fc 100644 --- a/client/cmdlfindala.c +++ b/client/cmdlfindala.c 
@@ -109,7 +109,10 @@ static int CmdIndalaDemod(const char *Cmd) { //convert UID to HEX uint32_t uid1 = bytebits_to_byte(DemodBuffer, 32); uint32_t uid2 = bytebits_to_byte(DemodBuffer + 32, 32); - uint64_t foo = (((uint64_t)uid1 << 32) & 0x1FFFFFFF) | (uid2 & 0x7FFFFFFF); + // To be checked, what's this internal ID ? + // foo is only used for 64b ids and in that case uid1 must be only preamble, plus the following code is wrong as x<<32 & 0x1FFFFFFF is always zero + //uint64_t foo = (((uint64_t)uid1 << 32) & 0x1FFFFFFF) | (uid2 & 0x7FFFFFFF); + uint64_t foo = uid2 & 0x7FFFFFFF; if (DemodBufferLen == 64) { PrintAndLogEx( diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c index c823e6a06..73809fd6d 100644 --- a/client/cmdlft55xx.c +++ b/client/cmdlft55xx.c @@ -479,7 +479,7 @@ bool t55xxAquireAndCompareBlock0(bool usepwd, uint32_t password, uint32_t known_ PrintAndLogEx(INFO, "Block0 write detected, running `detect` to see if validation is possible"); for (uint8_t m = 0; m < 4; m++) { - if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false) { + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false) { continue; } @@ -512,7 +512,7 @@ bool t55xxAquireAndDetect(bool usepwd, uint32_t password, uint32_t known_block0, config.pwd = 0x00; for (uint8_t m = 0; m < 4; m++) { - if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false) + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, m) == false) continue; if (tryDetectModulationEx(m, verbose, known_block0) == false) 
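Review bot: The new assignment to `foo` in `CmdIndalaDemod` keeps the old expression as commented-out code next to an open question, which leaves readers unsure which value is authoritative. Drop the dead line and keep a single tracked comment, e.g. `// TODO: confirm meaning of the internal ID; the old code masked (uid1 << 32) with 0x1FFFFFFF, which is always 0`. The function continues outside the hunk, so how `foo` is printed for 64-bit IDs is only partly visible here.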
@@ -776,7 +776,7 @@ int T55xxReadBlockEx(uint8_t block, bool page1, bool usepwd, uint8_t override, u // override = 1 (override and display) // override = 2 (override and no display) if (override == 0) { - if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, downlink_mode) == false) + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, downlink_mode) == false) return PM3_ERFTRANS; if (tryDetectModulation(downlink_mode, false) == false) { @@ -792,7 +792,7 @@ int T55xxReadBlockEx(uint8_t block, bool page1, bool usepwd, uint8_t override, u } } - if (AquireData(page1, block, usepwd, password, downlink_mode) == false) + if (AcquireData(page1, block, usepwd, password, downlink_mode) == false) return PM3_ERFTRANS; if (DecodeT55xxBlock() == false) @@ -1013,7 +1013,7 @@ static int CmdT55xxDetect(const char *Cmd) { if (try_all_dl_modes) { for (uint8_t m = downlink_mode; m < 4; m++) { - if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, try_with_pwd & usepwd, password, m) == false) + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, try_with_pwd & usepwd, password, m) == false) continue; // pre fill to save passing in. @@ -1036,7 +1036,7 @@ static int CmdT55xxDetect(const char *Cmd) { else config.pwd = 0x00; - if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) { + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) { found = tryDetectModulation(downlink_mode, T55XX_PrintConfig); } } @@ -1774,7 +1774,7 @@ static int CmdT55xxReadTrace(const char *Cmd) { uint32_t password = 0; // REGULAR_READ_MODE_BLOCK - yeilds correct Page 1 Block 2 data i.e. + 32 bit offset. - if (!AquireData(T55x7_PAGE1, REGULAR_READ_MODE_BLOCK, pwdmode, password, downlink_mode)) + if (!AcquireData(T55x7_PAGE1, REGULAR_READ_MODE_BLOCK, pwdmode, password, downlink_mode)) return PM3_ENODATA; } 
@@ -2077,7 +2077,7 @@ static int CmdT55xxInfo(const char *Cmd) { // sanity check. if (SanityOfflineCheck(false) != PM3_SUCCESS) return PM3_ENODATA; - if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) + if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, downlink_mode)) return PM3_ENODATA; } @@ -2275,7 +2275,7 @@ static int CmdT55xxRestore(const char *Cmd) { return res; } -bool AquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode) { +bool AcquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode) { // arg0 bitmodes: // b0 = pwdmode // b1 = page to read from @@ -2808,7 +2808,7 @@ static int CmdT55xxChkPwds(const char *Cmd) { if (resp.oldarg[0]) { PrintAndLogEx(SUCCESS, "\nFound a candidate [ " _YELLOW_("%08"PRIX64) " ]. Trying to validate", resp.oldarg[1]); - if (AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, resp.oldarg[1], downlink_mode)) { + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, resp.oldarg[1], downlink_mode)) { found = tryDetectModulation(downlink_mode, T55XX_PrintConfig); if (found) { PrintAndLogEx(SUCCESS, "Found valid password: [ " _GREEN_("%08"PRIX64) "]", resp.oldarg[1]); @@ -2857,7 +2857,7 @@ static int CmdT55xxChkPwds(const char *Cmd) { PrintAndLogEx(INFO, "Testing %08"PRIX64, curr_password); for (dl_mode = downlink_mode; dl_mode <= 3; dl_mode++) { - if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, curr_password, dl_mode)) { + if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, curr_password, dl_mode)) { continue; } 
@@ -2975,14 +2975,14 @@ uint8_t tryOnePassword(uint32_t password, uint8_t downlink_mode) { // check if dl mode 4 and loop if needed for (dl_mode = downlink_mode; dl_mode < 4; dl_mode++) { - AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, password, dl_mode); - - // if (getSignalProperties()->isnoise == false) { - // } else { - if (tryDetectModulation(dl_mode, T55XX_PrintConfig)) { - return 1 + (dl_mode << 1); + if (AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, true, password, dl_mode)) { + // if (getSignalProperties()->isnoise == false) { + // } else { + if (tryDetectModulation(dl_mode, T55XX_PrintConfig)) { + return 1 + (dl_mode << 1); + } + // } } - // } if (!try_all_dl_modes) dl_mode = 4; } return 0; @@ -3109,7 +3109,7 @@ bool tryDetectP1(bool getData) { bool st = true; if (getData) { - if (!AquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, false, 0, 0)) + if (!AcquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, false, 0, 0)) return false; } @@ -3259,7 +3259,7 @@ static int CmdT55xxDetectPage1(const char *Cmd) { if (!useGB) { for (dl_mode = downlink_mode; dl_mode < 4; dl_mode++) { - found = AquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, usepwd, password, dl_mode); + found = AcquireData(T55x7_PAGE1, T55x7_TRACE_BLOCK1, usepwd, password, dl_mode); //return PM3_ENODATA; if (tryDetectP1(false)) { //tryDetectModulation()) found = true; diff --git a/client/cmdlft55xx.h b/client/cmdlft55xx.h index 2efecdc26..876cbf7d7 100644 --- a/client/cmdlft55xx.h +++ b/client/cmdlft55xx.h 
@@ -164,7 +164,7 @@ bool testKnownConfigBlock(uint32_t block0); bool tryDetectP1(bool getData); bool test(uint8_t mode, uint8_t *offset, int *fndBitRate, uint8_t clk, bool *Q5); int special(const char *Cmd); -bool AquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode); +bool AcquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password, uint8_t downlink_mode); uint8_t tryOnePassword(uint32_t password, uint8_t downlink_mode); void printT55x7Trace(t55x7_tracedata_t data, uint8_t repeat); diff --git a/client/cmdtrace.c b/client/cmdtrace.c index 836c0b9eb..97d91e54d 100644 --- a/client/cmdtrace.c +++ b/client/cmdtrace.c @@ -840,8 +840,6 @@ int CmdTraceList(const char *Cmd) { PrintAndLogEx(NORMAL, "ISO15693 - Timings are not as accurate"); if (protocol == ISO_7816_4) PrintAndLogEx(NORMAL, "ISO7816-4 / Smartcard - Timings N/A yet"); - if (protocol == FELICA) - PrintAndLogEx(NORMAL, "Felica"); // Timings ? if (protocol == PROTO_HITAG) PrintAndLogEx(NORMAL, "Hitag2 / HitagS - Timings in ETU (8us)"); diff --git a/client/emv/tlv.c b/client/emv/tlv.c index 6e840f928..49a4038b5 100644 --- a/client/emv/tlv.c +++ b/client/emv/tlv.c @@ -367,12 +367,14 @@ void tlvdb_change_or_add_node_ex(struct tlvdb *tlvdb, tlv_tag_t tag, size_t len, // replace tlv element struct tlvdb *tnewelm = tlvdb_fixed(tag, len, value); + bool tnewelm_linked = false; tnewelm->next = telm->next; tnewelm->parent = telm->parent; // if telm stayed first in children chain if (telm->parent && telm->parent->children == telm) { telm->parent->children = tnewelm; + tnewelm_linked = true; } // if telm have previous element @@ -387,6 +389,7 @@ void tlvdb_change_or_add_node_ex(struct tlvdb *tlvdb, tlv_tag_t tag, size_t len, for (; celm; celm = celm->next) { if (celm->next == telm) { celm->next = tnewelm; + tnewelm_linked = true; break; } } 
@@ -396,8 +399,13 @@ void tlvdb_change_or_add_node_ex(struct tlvdb *tlvdb, tlv_tag_t tag, size_t len, telm->next = NULL; tlvdb_free(telm); - if (tlvdb_elm) + if (tlvdb_elm) { *tlvdb_elm = tnewelm; + tnewelm_linked = true; + } + if (! tnewelm_linked) { + tlvdb_free(tnewelm); + } } return; diff --git a/client/fileutils.c b/client/fileutils.c index de2fbef19..8b537d423 100644 --- a/client/fileutils.c +++ b/client/fileutils.c @@ -487,7 +487,7 @@ int loadFile_safe(const char *preferredName, const char *suffix, void **pdata, s } *pdata = calloc(fsize, sizeof(uint8_t)); - if (!pdata) { + if (!*pdata) { PrintAndLogEx(FAILED, "error, cannot allocate memory"); fclose(f); return PM3_EMALLOC; @@ -820,7 +820,7 @@ int loadFileDICTIONARY_safe(const char *preferredName, void **pdata, uint8_t key while (fgets(line, sizeof(line), f)) { // check if we have enough space (if not allocate more) - if ((*keycnt * (keylen >> 1)) >= mem_size) { + if ((((size_t)(*keycnt)) * (keylen >> 1)) >= mem_size) { mem_size += block_size; *pdata = realloc(*pdata, mem_size); @@ -1064,7 +1064,7 @@ static int searchFinalFile(char **foundpath, const char *pm3dir, const char *sea } } // try pm3 dirs in pm3 installation dir (install mode) - { + if (exec_path != NULL) { char *path = calloc(strlen(exec_path) + strlen(PM3_SHARE_RELPATH) + strlen(pm3dir) + strlen(filename) + 1, sizeof(char)); if (path == NULL) goto out; diff --git a/client/scripting.c b/client/scripting.c index 7157957ca..e5c3990fb 100644 --- a/client/scripting.c +++ b/client/scripting.c @@ -69,7 +69,10 @@ static int l_fast_push_mode(lua_State *L) { // Disable fast mode and send a dummy command to make it effective if (enable == false) { SendCommandNG(CMD_PING, NULL, 0); - WaitForResponseTimeout(CMD_PING, NULL, 1000); + if (!WaitForResponseTimeout(CMD_PING, NULL, 1000)) { + PrintAndLogEx(WARNING, "command execution time out"); + return returnToLuaWithError(L, "command execution time out"); + } } //Push the retval on the stack 
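Review bot: In the `!tnewelm_linked` path of `tlvdb_change_or_add_node_ex`, the old element has already been released by `tlvdb_free(telm)` and the replacement is now freed as well. The requested update is silently dropped, and whatever still refers to `telm` (apparently the caller's own `tlvdb` when the matched element is a root without a parent) is left dangling. Consider deciding whether the new element can be linked before freeing `telm`, and leaving the tree untouched otherwise. Separately, `tnewelm->next = telm->next` in the first hunk of this file dereferences the result of `tlvdb_fixed` without a check; `if (tnewelm == NULL) return;` would cover an allocation failure, assuming `tlvdb_fixed` can return NULL. The function starts outside these hunks.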
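Review bot: The growth path right after the corrected size comparison in `loadFileDICTIONARY_safe` still assigns `realloc` straight back to `*pdata`, so a failed reallocation loses the only pointer to the keys read so far. Use a temporary instead: `void *tmp = realloc(*pdata, mem_size);`, then `if (tmp == NULL) { free(*pdata); *pdata = NULL; fclose(f); return PM3_EMALLOC; }`, then `*pdata = tmp;`. The lines following the `realloc` are outside the hunk, so an existing NULL check there may already handle part of this.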
@@ -926,7 +929,7 @@ static int l_T55xx_readblock(lua_State *L) { // try reading the config block and verify that PWD bit is set before doing this! if (!override) { - if (!AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, 0)) { + if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, 0)) { return returnToLuaWithError(L, "Failed to read config block"); } @@ -943,7 +946,7 @@ static int l_T55xx_readblock(lua_State *L) { } } - if (!AquireData(usepage1, block, usepwd, password, 0)) { + if (!AcquireData(usepage1, block, usepwd, password, 0)) { return returnToLuaWithError(L, "Failed to acquire data from card"); } @@ -1000,7 +1003,7 @@ static int l_T55xx_detect(lua_State *L) { if (!useGB) { - isok = AquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, 0); + isok = AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, 0); if (isok == false) { return returnToLuaWithError(L, "Failed to acquire LF signal data"); } diff --git a/common/lfdemod.c b/common/lfdemod.c index 1d1749d8e..9ed1a83c3 100644 --- a/common/lfdemod.c +++ b/common/lfdemod.c @@ -117,8 +117,11 @@ void computeSignalProperties(uint8_t *samples, uint32_t size) { sum += samples[i]; cnt++; - } - signalprop.mean = sum / cnt; + } + if (cnt > 0) + signalprop.mean = sum / cnt; + else + signalprop.mean = 0; #else for (uint32_t i = SIGNAL_IGNORE_FIRST_SAMPLES; i < size; i++) { if (samples[i] < signalprop.low) signalprop.low = samples[i]; @@ -160,8 +163,11 @@ void removeSignalOffset(uint8_t *samples, uint32_t size) { acc_off += samples[i] - 128; cnt++; - } - acc_off /= cnt; + } + if (cnt > 0) + acc_off /= cnt; + else + acc_off = 0; #else for (uint32_t i = SIGNAL_IGNORE_FIRST_SAMPLES; i < size; i++) acc_off += samples[i] - 128; diff --git a/covsubmit.sh b/covsubmit.sh index 6cf1bba47..dcfda0999 100755 --- a/covsubmit.sh +++ b/covsubmit.sh 
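Review bot: The `cnt > 0` guards in `computeSignalProperties` and `removeSignalOffset` cover only the branch above `#else`. The alternative branch loops from `SIGNAL_IGNORE_FIRST_SAMPLES` to `size` and its divisor is outside the hunk, so a buffer with `size <= SIGNAL_IGNORE_FIRST_SAMPLES` may still divide by zero there; it is worth applying the same guard to that branch. As a style point, the new `if`/`else` pairs are unbraced; `if (cnt > 0) { signalprop.mean = sum / cnt; } else { signalprop.mean = 0; }` is safer against later edits.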
@@ -6,7 +6,7 @@ set -e pre_submit_hook ## delete all previous tarballs -rm proxmark3.all.*.tgz +rm proxmark3.all.*.tgz proxmark3.all.*.log TODAY="$(date --date now +%Y%m%d.%H%M)" VERSION="0.1.$TODAY"
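Review bot: With `set -e` in effect, `rm proxmark3.all.*.tgz proxmark3.all.*.log` aborts the script when either glob matches nothing, for example on a first run or after a run that left no log. `rm -f proxmark3.all.*.tgz proxmark3.all.*.log` removes the same files and returns success when there is nothing to delete.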