FIX: coverty scan, resourceleak in "hf mf sniff", added call to 'free' befor return.

FIX: coverty scan, overflow in "hf 14a raw",  added an extra len check against USB_CMD_DATA_SIZE
This commit is contained in:
iceman1001 2016-01-08 14:30:56 +01:00
parent f4fbfb83e2
commit c46ea881a4
2 changed files with 7 additions and 2 deletions

View file

@ -731,8 +731,10 @@ int CmdHF14ACmdRaw(const char *cmd) {
if(topazmode)
c.arg[0] |= ISO14A_TOPAZMODE;
// Max buffer is USB_CMD_DATA_SIZE
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
c.arg[1] = (datalen & 0xFFFF) | (numbits << 16);
memcpy(c.d.asBytes,data,datalen);

View file

@ -2027,7 +2027,10 @@ int CmdHF14AMfSniff(const char *Cmd){
uint16_t traceLen = resp.arg[1];
len = resp.arg[2];
if (res == 0) return 0; // we are done
if (res == 0) {
free(buf);
return 0; // we are done
}
if (res == 1) { // there is (more) data to be transferred
if (pckNum == 0) { // first packet, (re)allocate necessary buffer