RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-02-13 02:34:48 +08:00
Code Issues Projects Releases Packages Wiki Activity

FIX: Some Coverity Scan warnings. fread, not initialised etc etc

Browse source
This commit is contained in:
iceman1001 2016-04-23 18:23:46 +02:00
parent 5bb6228386
commit cd777a0545
7 changed files with 81 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
armsrc/hitagS.c
View file

@ -10,8 +10,6 @@
//-----------------------------------------------------------------------------
// Some code was copied from Hitag2.c
//-----------------------------------------------------------------------------
#include <stdio.h>
#include <stdlib.h>
#include "proxmark3.h"

4
client/cmdhfmf.c
View file

@ -94,12 +94,14 @@ int usage_hf14_hardnested(void){
PrintAndLog(" w acquire nonces and write them to binary file nonces.bin");
PrintAndLog(" s slower acquisition (required by some non standard cards)");
PrintAndLog(" r read nonces.bin and start attack");
PrintAndLog(" t tests?");
PrintAndLog(" ");
PrintAndLog("samples:");
PrintAndLog(" hf mf hardnested 0 A FFFFFFFFFFFF 4 A");
PrintAndLog(" hf mf hardnested 0 A FFFFFFFFFFFF 4 A w");
PrintAndLog(" hf mf hardnested 0 A FFFFFFFFFFFF 4 A w s");
PrintAndLog(" hf mf hardnested r");
PrintAndLog(" hf mf hardnested r a0a1a2a3a4a5");
PrintAndLog(" ");
PrintAndLog("Add the known target key to check if it is present in the remaining key space:");
PrintAndLog(" sample5: hf mf hardnested 0 A A0A1A2A3A4A5 4 A FFFFFFFFFFFF");
@ -937,7 +939,7 @@ int CmdHF14AMfNestedHard(const char *Cmd) {
char ctmp;
ctmp = param_getchar(Cmd, 0);
if (ctmp != 'H' && ctmp != 'h' ) return usage_hf14_hardnested();
if (ctmp == 'H' || ctmp == 'h' ) return usage_hf14_hardnested();
if (ctmp != 'R' && ctmp != 'r' && ctmp != 'T' && ctmp != 't' && strlen(Cmd) < 20) return usage_hf14_hardnested();
bool know_target_key = false;

53
client/cmdhfmfhard.c
View file

@ -73,7 +73,6 @@ static const float p_K[257] = { // the probability that a random nonce has a Su
0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000,
0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000, 0.0000,
0.0290 };
typedef struct noncelistentry {
uint32_t nonce_enc;
@ -92,7 +91,6 @@ typedef struct noncelist {
float score1, score2;
} noncelist_t;
static size_t nonces_to_bruteforce = 0;
static noncelistentry_t *brute_force_nonces[256];
static uint32_t cuid = 0;
@ -130,10 +128,8 @@ typedef struct {
static partial_indexed_statelist_t partial_statelist[17];
static partial_indexed_statelist_t statelist_bitflip;
static statelist_t *candidates = NULL;
static int add_nonce(uint32_t nonce_enc, uint8_t par_enc)
{
uint8_t first_byte = nonce_enc >> 24;
@ -448,32 +444,31 @@ static void Tests()
// crypto1_destroy(pcs);
// printf("\nTests: number of states with BitFlipProperty: %d, (= %1.3f%% of total states)\n", statelist_bitflip.len[0], 100.0 * statelist_bitflip.len[0] / (1<<20));
printf("\nTests: Actual BitFlipProperties odd/even:\n");
for (uint16_t i = 0; i < 256; i++) {
printf("[%02x]:%c ", i, nonces[i].BitFlip[ODD_STATE]?'o':nonces[i].BitFlip[EVEN_STATE]?'e':' ');
if (i % 8 == 7) {
printf("\n");
}
}
// printf("\nTests: Actual BitFlipProperties odd/even:\n");
// for (uint16_t i = 0; i < 256; i++) {
// printf("[%02x]:%c ", i, nonces[i].BitFlip[ODD_STATE]?'o':nonces[i].BitFlip[EVEN_STATE]?'e':' ');
// if (i % 8 == 7) {
// printf("\n");
// }
// }
printf("\nTests: Sorted First Bytes:\n");
for (uint16_t i = 0; i < 256; i++) {
uint8_t best_byte = best_first_bytes[i];
printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c\n",
//printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c, score1: %1.5f, score2: %1.0f\n",
i, best_byte,
nonces[best_byte].num,
nonces[best_byte].Sum,
nonces[best_byte].Sum8_guess,
nonces[best_byte].Sum8_prob * 100,
nonces[best_byte].BitFlip[ODD_STATE]?'o':nonces[best_byte].BitFlip[EVEN_STATE]?'e':' '
//nonces[best_byte].score1,
//nonces[best_byte].score2
);
}
// printf("\nTests: Sorted First Bytes:\n");
// for (uint16_t i = 0; i < 256; i++) {
// uint8_t best_byte = best_first_bytes[i];
// printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c\n",
// //printf("#%03d Byte: %02x, n = %3d, k = %3d, Sum(a8): %3d, Confidence: %5.1f%%, Bitflip: %c, score1: %1.5f, score2: %1.0f\n",
// i, best_byte,
// nonces[best_byte].num,
// nonces[best_byte].Sum,
// nonces[best_byte].Sum8_guess,
// nonces[best_byte].Sum8_prob * 100,
// nonces[best_byte].BitFlip[ODD_STATE]?'o':nonces[best_byte].BitFlip[EVEN_STATE]?'e':' '
// //nonces[best_byte].score1,
// //nonces[best_byte].score2
// );
// }
// printf("\nTests: parity performance\n");
// time_t time1p = clock();
@ -1628,7 +1623,7 @@ static void* crack_states_thread(void* x){
}
return NULL;
}
#define _USE_32BIT_TIME_T
static void brute_force(void)
{
if (known_target_key != -1) {
@ -1667,6 +1662,8 @@ static void brute_force(void)
#ifndef __WIN32
thread_count = sysconf(_SC_NPROCESSORS_CONF);
if ( thread_count < 1)
thread_count = 1;
#endif /* _WIN32 */
pthread_t threads[thread_count];

100
client/cmdlfhitag.c
View file

@ -28,8 +28,7 @@ size_t nbytes(size_t nbits) {
return (nbits/8)+((nbits%8)>0);
}
int CmdLFHitagList(const char *Cmd)
{
int CmdLFHitagList(const char *Cmd) {
uint8_t *got = malloc(USB_CMD_DATA_SIZE);
// Query for the actual size of the trace
@ -58,13 +57,14 @@ int CmdLFHitagList(const char *Cmd)
int len = strlen(Cmd);
char filename[FILE_PATH_SIZE] = { 0x00 };
FILE* pf = NULL;
FILE* f = NULL;
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
memcpy(filename, Cmd, len);
if (strlen(filename) > 0) {
if ((pf = fopen(filename,"wb")) == NULL) {
f = fopen(filename,"wb");
if (!f) {
PrintAndLog("Error: Could not open file [%s]",filename);
return 1;
}
@ -129,8 +129,8 @@ int CmdLFHitagList(const char *Cmd)
(isResponse ? "TAG" : " "),
line);
if (pf) {
fprintf(pf," +%7d: %3d: %s %s\n",
if (f) {
fprintf(f," +%7d: %3d: %s %s\n",
(prev < 0 ? 0 : (timestamp - prev)),
bits,
(isResponse ? "TAG" : " "),
@ -141,8 +141,8 @@ int CmdLFHitagList(const char *Cmd)
i += (len + 9);
}
if (pf) {
fclose(pf);
if (f) {
fclose(f);
PrintAndLog("Recorded activity succesfully written to file: %s", filename);
}
@ -161,7 +161,7 @@ int CmdLFHitagSim(const char *Cmd) {
UsbCommand c = {CMD_SIMULATE_HITAG};
char filename[FILE_PATH_SIZE] = { 0x00 };
FILE* pf;
FILE* f;
bool tag_mem_supplied;
int len = strlen(Cmd);
@ -169,25 +169,25 @@ int CmdLFHitagSim(const char *Cmd) {
memcpy(filename, Cmd, len);
if (strlen(filename) > 0) {
if ((pf = fopen(filename,"rb+")) == NULL) {
f = fopen(filename,"rb+");
if (!f) {
PrintAndLog("Error: Could not open file [%s]",filename);
return 1;
}
tag_mem_supplied = true;
size_t bytes_read = fread(c.d.asBytes, 48, 1, pf);
size_t bytes_read = fread(c.d.asBytes, 48, 1, f);
if ( bytes_read == 0) {
PrintAndLog("Error: File reading error");
fclose(pf);
fclose(f);
return 1;
}
fclose(pf);
fclose(f);
} else {
tag_mem_supplied = false;
}
// Does the tag comes with memory
c.arg[0] = (uint32_t)tag_mem_supplied;
clearCommandBuffer();
SendCommand(&c);
return 0;
@ -195,7 +195,6 @@ int CmdLFHitagSim(const char *Cmd) {
int CmdLFHitagReader(const char *Cmd) {
UsbCommand c = {CMD_READER_HITAG};//, {param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),param_get32ex(Cmd,3,0,16)}};
hitag_data* htd = (hitag_data*)c.d.asBytes;
hitag_function htf = param_get32ex(Cmd,0,0,10);
@ -241,11 +240,8 @@ int CmdLFHitagReader(const char *Cmd) {
// Copy the hitag2 function into the first argument
c.arg[0] = htf;
clearCommandBuffer();
// Send the command to the proxmark
SendCommand(&c);
UsbCommand resp;
WaitForResponse(CMD_ACK,&resp);
@ -253,28 +249,27 @@ int CmdLFHitagReader(const char *Cmd) {
if (resp.arg[0] == false) return 1;
uint32_t id = bytes_to_num(resp.d.asBytes,4);
char filename[FILE_PATH_SIZE];
FILE* pf = NULL;
char filename[FILE_PATH_SIZE];
FILE* f = NULL;
sprintf(filename,"%08x_%04x.ht2",id,(rand() & 0xffff));
if ((pf = fopen(filename,"wb")) == NULL) {
f = fopen(filename,"wb");
if (!f) {
PrintAndLog("Error: Could not open file [%s]",filename);
return 1;
}
// Write the 48 tag memory bytes to file and finalize
fwrite(resp.d.asBytes,1,48,pf);
fclose(pf);
fwrite(resp.d.asBytes, 1, 48, f);
fclose(f);
PrintAndLog("Succesfully saved tag memory to [%s]",filename);
return 0;
}
int CmdLFHitagSimS(const char *Cmd) {
UsbCommand c = { CMD_SIMULATE_HITAG_S };
char filename[FILE_PATH_SIZE] = { 0x00 };
FILE* pf;
FILE* f;
bool tag_mem_supplied;
int len = strlen(Cmd);
if (len > FILE_PATH_SIZE)
@ -282,24 +277,26 @@ int CmdLFHitagSimS(const char *Cmd) {
memcpy(filename, Cmd, len);
if (strlen(filename) > 0) {
if ((pf = fopen(filename, "rb+")) == NULL) {
f = fopen(filename, "rb+");
if (!f) {
PrintAndLog("Error: Could not open file [%s]", filename);
return 1;
}
tag_mem_supplied = true;
if (fread(c.d.asBytes, 4*64, 1, pf) == 0) {
size_t bytes_read = fread(c.d.asBytes, 4*64, 1, f);
if ( bytes_read == 0) {
PrintAndLog("Error: File reading error");
fclose(pf);
fclose(f);
return 1;
}
fclose(pf);
fclose(f);
} else {
tag_mem_supplied = false;
}
// Does the tag comes with memory
c.arg[0] = (uint32_t) tag_mem_supplied;
clearCommandBuffer();
SendCommand(&c);
return 0;
}
@ -307,36 +304,37 @@ int CmdLFHitagSimS(const char *Cmd) {
int CmdLFHitagCheckChallenges(const char *Cmd) {
UsbCommand c = { CMD_TEST_HITAGS_TRACES };
char filename[FILE_PATH_SIZE] = { 0x00 };
FILE* pf;
FILE* f;
bool file_given;
int len = strlen(Cmd);
if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
memcpy(filename, Cmd, len);
if (strlen(filename) > 0) {
if ((pf = fopen(filename,"rb+")) == NULL) {
PrintAndLog("Error: Could not open file [%s]",filename);
f = fopen(filename,"rb+");
if( !f ) {
PrintAndLog("Error: Could not open file [%s]", filename);
return 1;
}
file_given = true;
if (fread(c.d.asBytes,8*60,1,pf) == 0) {
PrintAndLog("Error: File reading error");
fclose(pf);
size_t bytes_read = fread(c.d.asBytes, 8*60, 1, f);
if ( bytes_read == 0) {
PrintAndLog("Error: File reading error");
fclose(f);
return 1;
}
fclose(pf);
fclose(f);
} else {
file_given = false;
}
//file with all the challenges to try
c.arg[0] = (uint32_t)file_given;
SendCommand(&c);
return 0;
clearCommandBuffer();
SendCommand(&c);
return 0;
}
int CmdLFHitagWP(const char *Cmd) {
UsbCommand c = { CMD_WR_HITAG_S };
hitag_data* htd = (hitag_data*)c.d.asBytes;
@ -367,17 +365,15 @@ int CmdLFHitagWP(const char *Cmd) {
// Copy the hitag function into the first argument
c.arg[0] = htf;
// Send the command to the proxmark
SendCommand(&c);
UsbCommand resp;
WaitForResponse(CMD_ACK,&resp);
// Check the return status, stored in the first argument
if (resp.arg[0] == false) return 1;
return 0;
}
clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
WaitForResponse(CMD_ACK,&resp);
// Check the return status, stored in the first argument
if (resp.arg[0] == false) return 1;
return 0;
}
static command_t CommandTable[] =
{

4
client/nonce2key/crapto1.c
View file

@ -383,7 +383,7 @@ uint32_t lfsr_rollback_word(struct Crypto1State *s, uint32_t in, int fb)
/** nonce_distance
* x,y valid tag nonces, then prng_successor(x, nonce_distance(x, y)) = y
*/
static uint16_t *dist = 0;
static uint16_t *dist;
int nonce_distance(uint32_t from, uint32_t to)
{
uint16_t x, i;
@ -391,7 +391,7 @@ int nonce_distance(uint32_t from, uint32_t to)
dist = malloc(2 << 16);
if(!dist)
return -1;
for (x = i = 1; i; ++i) {
for (x = 1, i = 1; i; ++i) {
dist[(x & 0xff) << 8 | x >> 8] = i;
x = x >> 1 | (x ^ x >> 2 ^ x >> 3 ^ x >> 5) << 15;
}

4
client/nonce2key/crypto1_bs.c
View file

@ -80,7 +80,7 @@ inline const bitslice_value_t crypto1_bs_lfsr_rollback(const bitslice_value_t in
// note that bytes are sliced and unsliced with reversed endianness
inline void crypto1_bs_convert_states(bitslice_t bitsliced_states[], state_t regular_states[]){
size_t bit_idx = 0, slice_idx = 0;
state_t values[MAX_BITSLICES];
state_t values[MAX_BITSLICES] = {{0x00}};
for(slice_idx = 0; slice_idx < MAX_BITSLICES; slice_idx++){
for(bit_idx = 0; bit_idx < STATE_SIZE; bit_idx++){
bool bit = get_vector_bit(slice_idx, bitsliced_states[bit_idx]);
@ -111,7 +111,7 @@ void crypto1_bs_bitslice_value32(uint32_t value, bitslice_t bitsliced_value[], s
void crypto1_bs_print_states(bitslice_t bitsliced_states[]){
size_t slice_idx = 0;
state_t values[MAX_BITSLICES];
state_t values[MAX_BITSLICES] = {{0x00}};
crypto1_bs_convert_states(bitsliced_states, values);
for(slice_idx = 0; slice_idx < MAX_BITSLICES; slice_idx++){
printf("State %03zu: %012"llx"\n", slice_idx, values[slice_idx].value);

2
client/nonce2key/crypto1_bs.h
View file

@ -58,7 +58,7 @@ bitslice_t bs_zeroes;
#define ROLLBACK_SIZE 8
// number of nonces required to test to cover entire 48-bit state
// I would have said it's 12... but bla goes with 100, so I do too
#define NONCE_TESTS 100
#define NONCE_TESTS 12
// state pointer management
extern __thread bitslice_t states[KEYSTREAM_SIZE+STATE_SIZE];